Category Archives: Database

RDBMS, ODBMS, and their related technologies.

Bad things to hear from your DBA

06-Jul-05

It’s not good to hear your DBA ‘guru’ answer “Good question” when he’s been working for 2 months creating insert and update DTS packages for your application and you ask him “How can you tell if you are supposed to insert or update a given record in the source table?”.
Especially when NOT being able [...]

Size of scientific datasets

28-Apr-05

I deal mostly with medical data, some appointment data, but mostly data about a patient's labs, medications, and what they are having taken out or put into them. These databases can get pretty big, right now I’ve got three main databases. One is about 1.5GB, the second is about 2.3GB, and the third, which [...]

Oracle just ain’t no damn good

21-Feb-05

There’s No Place Like 131.107.2.200: Oracle keeps on sucking
Matthew is having some problems with Oracle. I don’t know why he would inflict that kind of pain upon himself, but my guess is it’s client driven. Damn clients.
I briefly had to work with Oracle 8i at a previous job. I couldn’t figure out any of their [...]

SQL Injection via SQL Parameters?

21-Sep-04

Possible SQL Injection via SQL Parameters?
Pick up “Writing Secure Code v.2”. They discuss how a SQL parameter can be used as an injection attack.
Mostly, the examples I’ve seen center around the “exec” statement, either embedded in the code or in an SProc.

// User input is concatenated straight into the exec string, so it is parsed as SQL
sqlString = "exec sp_DoSomeStuff '" + inputFromUser + "'";
SqlCommand cmd = new SqlCommand(sqlString, conn);