Dynamic SQL: Applications, Performance, and Security

This book is an introduction and deep-dive into the many uses of dynamic SQL in Microsoft SQL Server. Dynamic SQL is key to large-scale searching based upon user-entered criteria. It’s also useful in generating value-lists, in dynamic pivoting of data for business intelligence reporting, and for customizing database objects and querying their structure.

Executing dynamic SQL is at the heart of applications such as business intelligence dashboards that need to be fluid and respond instantly to changing user needs as those users explore their data and view the results. Yet dynamic SQL is feared by many due to concerns over SQL injection attacks. Reading Dynamic SQL: Applications, Performance, and Security is your opportunity to learn and master an often misunderstood feature, including security and SQL injection.

All aspects of security relevant to dynamic SQL are discussed in this book. You will learn many ways to save time and develop code more efficiently, and you will practice directly with security scenarios that threaten companies around the world every day. Dynamic SQL: Applications, Performance, and Security helps you bring the productivity and user-satisfaction of flexible and responsive applications to your organization safely and securely. Your organization’s increased ability to respond to rapidly changing business scenarios will build competitive advantage in an increasingly crowded and competitive global marketplace.

• Discusses many applications of dynamic SQL, both simple and complex.
• Explains each example with demos that can be run at home and on your laptop.
• Helps you to identify when dynamic SQL can offer superior performance.
• Pays attention to security and best practices to ensure safety of your data.

What You Will Learn

• Build flexible applications that respond fast to changing business needs.
• Take advantage of unconventional but productive uses of dynamic SQL.
• Protect your data from attack through best-practices in your implementations.
• Know about SQL Injection and be confident in your defenses against it
• Run at high performance by optimizing dynamic SQL in your applications.
• Troubleshoot and debug dynamic SQL to ensure correct results.

Who This Book is For

Dynamic SQL: Applications, Performance, and Security

is for developers and database administrators looking to hone and build their T-SQL coding skills. The book is ideal for advanced users wanting to plumb the depths of application flexibility and troubleshoot performance issues involving dynamic SQL. The book is also ideal for beginners wanting to learn what dynamic SQL is about and how it can help them deliver competitive advantage to their organizations.

這本書是關於在Microsoft SQL Server中使用動態SQL的介紹和深入探討。動態SQL對於基於用戶輸入條件的大規模搜索非常重要。它還可以用於生成值列表，動態樞紐分析業務智能報告的數據，以及自定義數據庫對象並查詢其結構。

執行動態SQL是應用程序的核心，例如需要根據用戶需求即時變化的業務智能儀表板。然而，由於對SQL注入攻擊的擔憂，許多人對動態SQL感到擔心。閱讀《動態SQL：應用、性能和安全性》是您學習和掌握一個常常被誤解的功能的機會，包括安全性和SQL注入。

本書討論了與動態SQL相關的所有安全性方面。您將學習許多節省時間、更高效地開發代碼的方法，並直接與每天威脅全球公司的安全場景進行實踐。《動態SQL：應用、性能和安全性》幫助您安全地將靈活和響應迅速的應用程序的生產力和用戶滿意度帶給您的組織。您的組織對快速變化的業務場景的應對能力的提高將在競爭激烈的全球市場中建立競爭優勢。

本書討論了動態SQL的許多應用，包括簡單和複雜的應用。並通過可以在家中和筆記本電腦上運行的演示來解釋每個示例。本書還關注安全性和最佳實踐，以確保數據的安全。

您將學到以下內容：
- 構建靈活的應用程序，快速響應不斷變化的業務需求。
- 利用非傳統但高效的動態SQL用法。
- 通過實施最佳實踐來保護數據免受攻擊。
- 了解SQL注入並對抗它的防禦措施。
- 通過優化應用程序中的動態SQL運行高性能。
- 調試動態SQL以確保正確的結果。

本書適合開發人員和數據庫管理員，他們希望磨練和建立自己的T-SQL編程技能。本書非常適合高級用戶，他們希望深入了解應用程序靈活性並解決涉及動態SQL的性能問題。對於初學者來說，本書可以讓他們了解動態SQL的內容以及它如何幫助他們為組織帶來競爭優勢。