Looking for security vulnerabilities in database code

I've always been concerned with security and I've always stressed the importance of auditing the REAL user context not just the current user (see this post on EXECUTE AS and auditing). So, I generally try to avoid using dynamic string execution and if necessary create well tested/protected parameters (fyi – using QUOTENAME can be a […]

The Tipping Point Query Answers

OK, I'll definitely take a beating from all of you for having gone so long between my survey posts and now. I won't even go into the details but between some crazy work schedules, multiple sinus problems and even migraines… well, I've been a bit behind. Let's just say that April/May were rough at best. […]

Favorite SSMS Options – and some gotchas

Whenever I setup a new machine, I like to set a few default options in SSMS. Here are my favorites: Tools, Options Environment Fonts and Colors Text Editor font: Lucida Console (a bit thicker and it's a fixed-width font) Text Editor: Selected Text (under display items) Item foreground: Black Item background: Yellow (looks like a […]