RetiredDBA.com

All things for Microsoft SQL Server

Dbas are you being too defensive again?

Oct 25, 2018



This is a review of a free e-book at red-gate.com: Defensive Database Programming by Alex Kuznetsov

According to Alex ‘the book teaches you how to think and develop defensively, and how to proactively identify and eliminate potential vulnerabilities in T-SQL code.’

I like the ‘What this book does not cover’ section. Alex explains ‘…the focus of this book is on writing resilient T-SQL code, not on the implementation of unit tests’. And he also says ‘The focus of this book is on very common … less publicized vulnerabilities…’. It does not cover SQL injection attacks that have been written about in many other articles.

Numerous code examples in the ebook can be downloaded (see ebook for URL).

Alex offers many examples of defensive database programming techniques, code vulnerabilities, data object change issues, code breaking from upgrades, reuse of T-SQL code, data integrity problems, etc.

A favorite section of mine is in Chapter 2 ‘SET, SELECT, and the dreaded infinite loop’. The entire Chapter 8 on Defensive Error handling is well worth the read!

Nicely done e-book that will make you smile at least a few times when you see some code that you have fixed in your past. You will learn some new defensive database programming techniques after reading this e-book.