
FreeDB2

Archives

DB2 on Rails is now faster and more secure with parametrized query support

Not too long ago, I blogged about the importance of getting developers to code parametrized queries instead of using literal values in SQL queries. In this post I urged every DBA to forward an article that talked about SQL injection attacks to their developers. Well, it would not have helped any to send this article to a Ruby on Rails developer because Ruby on Rails does not support parametrized queries. I should say “did not support till today”. Today IBM delivered version 2.0 of the Rails adapter for DB2 and the key feature of this new version is support for parametrized [...]

Read …

The Article every DBA should forward to SQL developers

I think that every Database Administrator needs to read the article “Opinion: No more excuses for SQL injection attacks” and send it out to every application developer they know. I hate SPAM as much as the next guy but I think it is justified in this case. I am dead serious.
We, the database people of all walks of life (DB2, Oracle, SQL Server …), have been talking about the benefits of using parameters in the queries instead of literal values for years. The main message has been “performance”. Most DBMS will perform much better and will use less server resources [...]

Read …