Dynamic SQL, Second Edition

Applications, Performance, and Security in Microsoft SQL Server

This book is an introduction and deep-dive into the many uses of dynamic SQL in Microsoft SQL Server. Dynamic SQL is key to large-scale searching based upon user-entered criteria. It’s also useful in generating value-lists, in dynamic pivoting of data for business intelligence reporting, and for customizing database objects and querying their structure.

Executing dynamic SQL is at the heart of applications such as business intelligence dashboards that need to be fluid and respond instantly to changing user needs as those users explore their data and view the results. Yet dynamic SQL is feared by many due to concerns over SQL injection attacks. Reading Dynamic SQL: Applications, Performance, and Security is your opportunity to learn and master an often misunderstood feature, including security and SQL injection.

All aspects of security relevant to dynamic SQL are discussed in this book. You will learn many ways to save time and develop code more efficiently, and you will practice directly with security scenarios that threaten companies around the world every day. Dynamic SQL: Applications, Performance, and Security helps you bring the productivity and user-satisfaction of flexible and responsive applications to your organization safely and securely. Your organization’s increased ability to respond to rapidly changing business scenarios will build competitive advantage in an increasingly crowded and competitive global marketplace.

• Discusses many applications of dynamic SQL, both simple and complex.
• Explains each example with demos that can be run at home and on your laptop.
• Helps you to identify when dynamic SQL can offer superior performance.
• Pays attention to security and best practices to ensure safety of your data.

What You Will Learn

• Build flexible applications that respond fast to changing business needs.
• Take advantage of unconventional but productive uses of dynamic SQL.
• Protect your data from attack through best-practices in your implementations.
• Know about SQL Injection and be confident in your defenses against it
• Run at high performance by optimizing dynamic SQL in your applications.
• Troubleshoot and debug dynamic SQL to ensure correct results.

Who This Book is For

is for developers and database administrators looking to hone and build their T-SQL coding skills. The book is ideal for advanced users wanting to plumb the depths of application flexibility and troubleshoot performance issues involving dynamic SQL. The book is also ideal for beginners wanting to learn what dynamic SQL is about and how it can help them deliver competitive advantage to their organizations.