Redgate Blog

Posts by
Phil Factor

Phil Factor (real name withheld to protect the guilty), aka Database Mole, has 30 years of experience with database-intensive applications. Despite having once been shouted at by a furious Bill Gates at an exhibition in the early 1980s, he has remained resolutely anonymous throughout his career. He is a regular contributor to <strong><a href="http://www.simple-talk.com/" target="_blank" rel="noopener">Simple Talk</a></strong> and <strong><a href="http://www.sqlservercentral.com/" target="_blank" rel="noopener">SQLServerCentral</a></strong>.

12 February 2019

12 February 2019

A Database Developer’s Guide to SQL Clone

Phil Factor explains how SQL Clone works, and its multiple benefits when used in daily development and testing work, as well as for other tasks such as training staff to use a new application. Read more

4 February 2019

4 February 2019

Monitoring the Application with Redgate Monitor: Website Activity

Using a PowerShell script that collects log data from a web server, plus a Redgate Monitor custom metric, Phil Factor offers a way to check for suspicious website errors and unusual patterns of activity, right alongside your database monitoring. Read more

23 January 2019

23 January 2019

Using a Variable-length Datatype Without Explicit Length: The Whys and Wherefores (BP007/8)

If you declare a variable-length string , or coerce a string, without specifying its length, you can fall foul of ‘silent’ string truncation. Some developers resort to using the (MAX) specification, which is a mistake too. Phil Factor explains the dangers and then offers a workaround for the problem, when… Read more

SQL code analysis

11 January 2019

11 January 2019

The risks of using EXECUTE (‘SQL Script’)

SQL Prompt’s code analysis rule, BP013, will alert you to use of Execute(string) to execute a batch in a string, often assembled dynamically from user input. This technique is dangerous because the parameter values are injected before the statement is parsed by SQL Server, allowing an attacker to "tag on"… Read more

SQL code smells

8 January 2019

8 January 2019

The Whys and Wherefores of Untrusted or Disabled Constraints

Having untrusted or disabled FOREIGN KEY or CHECK constraints in your databases will degrade data consistency and integrity and can cause query performance problems. Phil Factor explains how to detect these and other table-related issues, during development, before they cause trouble further down the line. Read more

22 December 2018

22 December 2018

On Quickly Investigating a Redgate Monitor Custom Security Alert

Phil Factor offers a clever way to report on a SQL Server intrusion, with a query that shows a full narrative description of all the security-related changes that have been detected by a set of Redgate Monitor custom metrics. Read more

SQL Server security monitoring

13 December 2018

13 December 2018

Database Continuous Integration with SQL Clone and SQL Change Automation

Phil Factor provides the basis for a Database Continuous Integration process, using SQL Change Automation to build the latest database, and then SQL Clone to distribute it to the various team-based servers that need it. Having honed the process, you can run it every time someone commits a database change. Read more

5 December 2018

5 December 2018

Build and fill a database using JSON and SQL Change Automation

Phil Factor demonstrates how to export data from a database, as JSON files, validate it using JSON Schema, then build a fresh development copy of the database using SQL Change Automation, and import all the test data from the JSON files. Read more

15 November 2018

15 November 2018

SQL Prompt Code Analysis: A Hint is Used (PE004-7)

Phil Factor suggests a philosophy of "the SQL query optimizer knows best" when it comes to choosing the right execution plan. Use hints as a last resort, and evaluate them carefully whenever SQL Prompt warns you of their presence in your SQL code. Read more

SQL code analysis

SQL code smells

6 November 2018

6 November 2018

Retrospective Database Source Control with SQL Compare

You've found a database that is not in source control. What do you do? Phil Factor shows how to use SQL Compare to generate all the missing object scripts, in Git, and then keep them up-to-date automatically, in response to any further database changes, during development. Read more

database version control