Redgate Hub

Topic: SQL Code Analysis

All products

All databases

All levels

SQL Prompt logo

Insert Statement Without Column List (BP004)

Many production databases have failed embarrassingly as a result of INSERT code that omits a column list, usually in mysterious ways and often without generating errors. Phil Factor demonstrates the problem, and advocates a 'defense-in-depth' approach to writing SQL, in order to avoid it. Read more

SQL Prompt logo

Using a Variable-length Datatype Without Explicit Length: The Whys and Wherefores (BP007/8)

If you declare a variable-length string , or coerce a string, without specifying its length, you can fall foul of ‘silent’ string truncation. Some developers resort to using the (MAX) specification, which is a mistake too. Phil Factor explains the dangers and then offers a workaround for the problem, when… Read more

SQL Prompt logo

The risks of using EXECUTE ('SQL Script')

SQL Prompt’s code analysis rule, BP013, will alert you to use of Execute(string) to execute a batch in a string, often assembled dynamically from user input. This technique is dangerous because the parameter values are injected before the statement is parsed by SQL Server, allowing an attacker to "tag on"… Read more

SQL Prompt logo

The Whys and Wherefores of Untrusted or Disabled Constraints

Having untrusted or disabled FOREIGN KEY or CHECK constraints in your databases will degrade data consistency and integrity and can cause query performance problems. Phil Factor explains how to detect these and other table-related issues, during development, before they cause trouble further down the line. Read more

SQL Prompt logo

SQL Prompt Code Analysis: A Hint is Used (PE004-7)

Phil Factor suggests a philosophy of "the SQL query optimizer knows best" when it comes to choosing the right execution plan. Use hints as a last resort, and evaluate them carefully whenever SQL Prompt warns you of their presence in your SQL code. Read more

SQL Prompt logo

SQL Prompt Code Analysis: Table does not have clustered index (BP021)

If SQL Prompt alerts you to a table without a clustered index, investigate the reason for its absence carefully. It is rare indeed to find a table where data retrieval is faster without one. Read more

SQL Prompt logo

SQL Prompt Code Analysis: Avoid using the ISNUMERIC Function (E1029)

Avoid using the IsNumeric() function, because it can often lead to data type conversion errors, when importing data. On SQL Server 2012 or later, use the Try_Convert() or Try_Cast() function instead. On earlier SQL Server versions, the only way to avoid it is by using LIKE expressions. Read more

SQL Prompt logo

SQL Prompt Code Analysis: INSERT INTO a permanent table with ORDER BY (PE020)

Data in relational tables is never guaranteed to be returned in a particular order, so adding an ORDER BY to an INSERT INTO statement is meaningless and, pre-SQL Server 2012, could cause performance issues. If you really need to impose a particular order on rows in the table, use a… Read more

SQL Change Automation logo

Practical PowerShell Processes with SQL Change Automation

Starting from the object-level source code for a database, Phil Factor shows how SCA can create a NuGet build package, use it to migrate target database to the same version, and publish web-based database documentation, a report of what changed on the target and the results of a static code… Read more

SQL Prompt logo

SQL Prompt code analysis: avoid non-standard column aliases (ST002 and DEP021)

If you declare a column alias using equals SQL Prompt will raise a violation of a style rule (ST002). It's best to follow the ANSI-SQL92 standard of assigning aliases using the AS keyword. If the alias is not a standard identifier, delimit it with double quotes. using single quotes has… Read more

Previous Next

Sicherheit und Compliance

Datenbankmonitoring und Observability

Datenbankänderungsmanagement

Produktivität und Workflow-Automatisierung

KI-bereite Daten

Datenbankmodernisierung

Effizienz und Kostenoptimierung

Cloud-Migration und Workload-Optimierung

Redgate Flyway

Redgate Monitor

SQL Toolbelt Essentials

Redgate Test Data Manager

Redgate Hub

Topic: SQL Code Analysis

Insert Statement Without Column List (BP004)

Using a Variable-length Datatype Without Explicit Length: The Whys and Wherefores (BP007/8)

The risks of using EXECUTE ('SQL Script')

The Whys and Wherefores of Untrusted or Disabled Constraints

SQL Prompt Code Analysis: A Hint is Used (PE004-7)

SQL Prompt Code Analysis: Table does not have clustered index (BP021)

SQL Prompt Code Analysis: Avoid using the ISNUMERIC Function (E1029)

SQL Prompt Code Analysis: INSERT INTO a permanent table with ORDER BY (PE020)

Practical PowerShell Processes with SQL Change Automation

SQL Prompt code analysis: avoid non-standard column aliases (ST002 and DEP021)

2025 Stand der Datenbank-Landschaft

Einführung in PostgreSQL für den Datenprofi

Sicherheit und Compliance

Datenbankmonitoring und Observability

Datenbankänderungsmanagement

Produktivität und Workflow-Automatisierung

KI-bereite Daten

Datenbankmodernisierung

Effizienz und Kostenoptimierung

Cloud-Migration und Workload-Optimierung

Redgate Flyway

Redgate Monitor

SQL Toolbelt Essentials

Redgate Test Data Manager

Topic: SQL Code Analysis

Cookies on red-gate.com