Monday, October 01, 2007

SQL Teaser: Guess the output

Here is a small teaser, can you guess the output?


SELECT d.c-d.b/d.a
FROM(SELECT 1,2,5)d(a,b,c)

Thursday, September 27, 2007

Screencast: SQL Server Analysis Services what's in it for me?

SQL Server Analysis Services is a very powerful tool, which was introduced with SQL Server 2000. In SQL Server 2005 it is far more powerful, but still underappreciated by a lot of developers. This is a quick and dirty attempt to convey the value of Analysis Services cubes in under ten minutes. Related Resources:

SQL Server Analysis Services Home
Microsoft Business Intelligence Home
SQL Server Analysis Services on MSDN

Watch the screencast(WMV)

Friday, September 21, 2007

SQL Teaser PASS Special: Table Size

What will be the outcome of this script?
First we create a table with a total of 6000 bytes
Next we increase col2 from 1000 to 2000 bytes, this will give us a total of 7000 bytes
Finally we add col3 which has 1000 bytes, this will give us a total of 8000 bytes


First run these two statements
--Total size = 6000
CREATE TABLE TestSize (Col1 char(5000),col2 char(1000))
GO

--total size = 7000
ALTER TABLE TestSize
ALTER COLUMN col2 char(2000)
GO

Now what do you think will happen when you run this?


--total size should be 8000 bytes (5000 + 2000 + 1000)
ALTER TABLE TestSize
ADD Col3 char(1000)
GO

Now for bonus points. What book have I been reading.

Hint: the author is at PASS

Wednesday, September 19, 2007

SQL Injection Cheat Sheet

What is SQL Injection? From wikipedia: SQL injection is a technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed

Here is a nice SQL injection cheat sheet. Currently only for MySQL and Microsoft SQL Server, some ORACLE and some PostgreSQL

http://ferruh.mavituna.com/makale/sql-injection-cheatsheet/

Table Of Contents
About SQL Injection Cheat Sheet
Syntax Reference, Sample Attacks and Dirty SQL Injection Tricks

Line Comments
SQL Injection Attack Samples

Inline Comments
Classical Inline Comment SQL Injection Attack Samples
MySQL Version Detection Sample Attacks

Stacking Queries
Language / Database Stacked Query Support Table
About MySQL and PHP
Stacked SQL Injection Attack Samples

If Statements
MySQL If Statement
SQL Server If Statement
If Statement SQL Injection Attack Samples

Using Integers

String Operations
String Concatenation

Strings without Quotes
Hex based SQL Injection Samples

String Modification & Related

Union Injections
UNION – Fixing Language Issues

Bypassing Login Screens

Enabling xp_cmdshell in SQL Server 2005
Other parts are not so well formatted but check out by yourself, drafts, notes and stuff, scroll down and see.

Tuesday, September 11, 2007

Cumulative update package 3 for SQL Server 2005 Service Pack 2 is available

Cumulative update package 3 for SQL Server 2005 Service Pack 2 is available.

How to obtain Cumulative Update 3 for SQL Server 2005 Service Pack 2
A supported cumulative update package is now available from Microsoft. However, it is intended to correct only the problems that are described in this article. Apply it only to systems that are experiencing these specific problems. This cumulative update package may receive additional testing. Therefore, if you are not severely affected by any of these problems, we recommend that you wait for the next SQL Server 2005 service pack that contains the hotfixes in this cumulative update package.

To resolve this problem, submit a request to Microsoft Online Customer Services to obtain the cumulative update package. To submit an online request to obtain the cumulative update package, visit the following Microsoft Web site:
http://go.microsoft.com/?linkid=6294451

Here is what is fixed:
50001581
938243 (http://support.microsoft.com/kb/938243/)
FIX: Error message when you run a full-text query against a catalog in SQL Server 2005: “The execution of a full-text query failed. The content index is corrupt."

50001585
938712 (http://support.microsoft.com/kb/938712/)
FIX: Some records in the fact table may not be processed when you process a dimension that contains many attributes or many members in SQL Server 2005


50001499
938962 (http://support.microsoft.com/kb/938962/)
FIX: You may receive an access violation or error 942 when you drop a database in SQL Server 2005


50001524
939563 (http://support.microsoft.com/kb/939563/)
FIX: Error message when you synchronize a merge replication in Microsoft SQL Server 2005: "MSmerge_del_, Line 42 String or binary data would be truncated"

50001582
939942 (http://support.microsoft.com/kb/939942/)
FIX: You receive an error message when you try to access a report after you configure SQL Server 2005 Reporting Services to run under the SharePoint integrated mode

50001583
940128 (http://support.microsoft.com/kb/940128/)
FIX: You receive error 8623 when you run a complex query in SQL Server 2005


50001586
940129 (http://support.microsoft.com/kb/940129/)
FIX: An MDX query does not return results when you execute the query against a cube that contains an unnatural hierarchy in a dimension in SQL Server 2005 Analysis Services


50001517
940160 (http://support.microsoft.com/kb/940160/)
FIX: Error message when you deploy a SQL Server 2005 Analysis Service project that contains many cubes, and the cubes contain linked measure groups: "Unexpected internal error"


50001449
940210 (http://support.microsoft.com/kb/940210/)
FIX: Error message when you try to insert more than 3 megabytes of data into a distributed partitioned view in SQL Server 2005: "A system assertion check has failed"


50001447
940220 (http://support.microsoft.com/kb/940220/)
FIX: Error message when you run a SQL Server 2005 Integration Services package that contains an FTP task: “An error occurred in the requested FTP operation"


50001448
940221 (http://support.microsoft.com/kb/940221/)
FIX: Error message when you try to create an Oracle publication by using the New Publication Wizard in Microsoft SQL Server 2005 Service Pack 2: “OLE DB Provider "OraOLEDB.ORACLE" for Linked server returned message "ORA-02074: Cannot RO


50001451
940223 (http://support.microsoft.com/kb/940223/)
FIX: Error message when you synchronize a subscription by using Windows Synchronization Manager in SQL Server 2005: “The merge process failed to get correct information about the Interactive Resolver component from the Registry"


50001416
940260 (http://support.microsoft.com/kb/940260/)
FIX: Error message when you use Service Broker in SQL Server 2005: "An error occurred while receiving data: '64(The specified network name is no longer available.)'"


50001435
940269 (http://support.microsoft.com/kb/940269/)
FIX: Error message when you try to edit a SQL Server Agent job or a maintenance plan by using SQL Server Management Studio in SQL Server 2005: "String or binary data would be truncated"


50001567
940281 (http://support.microsoft.com/kb/940281/)
FIX: An access violation may occur, and you may receive an error message, when you query the sys.dm_exe_sessions dynamic management view in SQL Server 2005


50001351
940370 (http://support.microsoft.com/kb/940370/)
FIX: The "User:" prefix is lost for the event information that is generated by a child package in SQL Server 2005 Integration Services after you install SQL Server 2005 Service Pack 2


50001382
940373 (http://support.microsoft.com/kb/940373/)
FIX: The performance of a Multidimensional Expressions query in SQL Server 2005 Analysis Services Service Pack 2 is much slower than the performance in earlier builds of SQL Server 2005 Analysis Services


50001433
940378 (http://support.microsoft.com/kb/940378/)
Fix: Unable to Change Transaction Isolation Level After Cursor Declaration


50001479
940384 (http://support.microsoft.com/kb/940384/)
FIX: You receive a System.InvalidCastException exception when you run an application that calls the Server.JobServer.Jobs.Contains method on a computer that has SQL Server 2005 Service Pack 2 installed


50001494
940386 (http://support.microsoft.com/kb/940386/)
FIX: You cannot install SQL Server 2005 Reporting Services Add-in for Microsoft SharePoint Technologies on a beta version of Windows Server 2008-based computer


50001602
940545 (http://support.microsoft.com/kb/940545/)
FIX: The performance of insert operations against a table that contains an identity column may be slow in SQL Server 2005


50001589
940935 (http://support.microsoft.com/kb/940935/)
FIX: Error message when you run a parallel query in SQL Server 2005 on a computer that has multiple processors: “SQL Server Assertion: File: , line=10850 Failed Assertion = 'GetLocalLockPartition () == xactLockInfo->GetLocalLockPartition ()'"


50001599
940937 (http://support.microsoft.com/kb/940937/)
FIX: Error message when you try to update the index key columns of a non-unique clustered index in SQL Server 2005: " Cannot insert duplicate key row in object 'ObjectName' with unique index 'IndexName'"


50001609
940939 (http://support.microsoft.com/kb/940939/)
FIX: Data is not rolled back after you roll back a transaction that contains a writeback operation in SQL Server 2005 Analysis Services


50001629
940942 (http://support.microsoft.com/kb/940942/)
FIX: Error message when you run a stored procedure that references a table that is upgraded from SQL Server 2000 to SQL Server 2005: “A time-out occurred while waiting for buffer latch"


50001573
940949 (http://support.microsoft.com/kb/940949/)
FIX: You receive an error message when you run an UPDATE CUBE statement to update a cube in SQL Server 2005 Analysis Services


50001576
940962 (http://support.microsoft.com/kb/940962/)
FIX: When processing a dimension on SQL Server 2005 Analysis Services an error is raised with the following format: "The following file is corrupted: Physical file: \\?\\MSMDBuildLevelStores_avl_672_29775_njzs2.tmp. Logical file ."

50001511
940126 (http://support.microsoft.com/kb/940126/)
FIX: Error 9003 is logged in the SQL Server error log file when you use log shipping in SQL Server 2005


50001436
940379 (http://support.microsoft.com/kb/940379/)
FIX: Error message when you use the UNLOAD and REWIND options to back up a database to a tape device in SQL Server 2005: "Operation on device '' exceeded retry count"

50001412
940375 (http://support.microsoft.com/kb/940375/)
FIX: Error message when you use the Copy Database Wizard to move a database from SQL Server 2000 to SQL Server 2005


50001522
939562 (http://support.microsoft.com/kb/939562/)
FIX: Error message when you run a query that fires an INSTEAD OF trigger in SQL Server 2005 Service Pack 2: "Internal Query Processor Error The query processor could not produce a query plan"


50001224
937100 (http://support.microsoft.com/kb/937100/)
FIX: Error message when you run a SQL Server 2005 Integration Services package that contains a Script Component transformation: "Insufficient memory to continue the execution of the program"


50001415
940377 (http://support.microsoft.com/kb/940377/)
FIX: Error message when you process cubes for one of the named instances of SQL Server 2005 Analysis Services: "Error opening file"


50001523
938363 (http://support.microsoft.com/kb/938363/)
FIX: Data is not replicated to a subscriber in a different partition by using parameterized row filters in SQL Server 2005


50001529
940945 (http://support.microsoft.com/kb/940945/)
FIX: Performance is very slow when the same stored procedure is executed at the same time in many connections on a multiple-processor computer that is running SQL Server 2005

50001578
939285 (http://support.microsoft.com/kb/939285/)
FIX: Error message when you run a stored procedure that starts a transaction that contains a Transact-SQL statement in SQL Server 2005: "New request is not allowed to start because it should come with valid transaction descriptor"


50001525
938086 (http://support.microsoft.com/kb/938086/)
FIX: A SQL Server Agent job fails when you run the SQL Server Agent job in the context of a proxy account in SQL Server 2005


50000872
936252 (http://support.microsoft.com/kb/936252/)
The file name of Cumulative Update 3 for SQL Server 2005 Service Pack 2 is incorrectly associated with Microsoft Knowledge Base article 936252


50000872
The MDX query performance is slow in SQL Server 2005 Analysis Services because SQL Server 2005 Analysis Services does not reuse the data cache
50001109
The dta utility stops unexpectedly and an exception occurs in SQL Server 2005
50001224
When you run a SQL Server 2005 Integration Services package that uses the VariableDispenser class, the package fails and you receive an error message
50001365
After you install SQL Server 2005 Service Pack 2, you receive error 8624 if the result set of a fast forward cursor contains a certain number of columns
50001368
After you install SQL Server 2005 Service Pack 2, the performance of a MDX query is 10 times slower than the performance on SQL Server 2005 Analysis Services build 1555
50001396
When you open a SQL Server 2005 Reporting Services report after you install SQL Server 2005 Service pack 2, the parameter toolbar and the report toolbar does not appear correctly if you specify the SP_Full value for the rc:StyleSheet URL access parameter on a report URL
50001412
Error message when you use the Copy Database Wizard to move a database from SQL Server 2000 to SQL Server 2005: "Cannot drop database "Database_Name" because it is currently in use.". Possible failure reasons: Problems with the query, "ResultSet" property not set correctly, parameters not set correctly, or connection not established correctly"
50001414
Error message when you use the bcp utility together with the queryout option to bulk copy data from SQL Server 2005 to a file: "SQLState = HY000, NativeError = 0 Error = [Microsoft][SQL Native Client]BCP host-files must contain at least onecolumn"
50001415
After you install SQL Server 2005 Service Pack 2, the Msmdredir.ini file is frequently updated by each instance of SQL Server 2005
50001436
Error message when you use the BACKUP DATABASE statement together with the UNLOAD option and with the REWIND option to back up a tape device in SQL Server 2005: "Operation on device 'TAPE0(<\\.\Tape0>)' exceeded retry count"
50001461
When some MDX queries are executed at the same for the same role or for the same user in SQL Server 2005 Analysis Services, the CPU usage is very high
50001475
When you open a report that contains a date and time picker (DTP) control in SQL Server 2005 Reporting Services, the format of the DTP control appears incorrectly
50001511
Error 9003 occurs when you restore a transaction log backup in SQL Server 2005
50001520
The query syntax of a report is changed when you run the report in SQL Server 2005 Reporting Services Service Pack 2 on SAP BW 3.5
50001522
Error 8624 occurs when you run a query in SQL Server 2005 Service Pack 2 (SP2) or later versions. However, you can successfully run the query in pre-SP2 version of SQL Server 2005
50001523
After you install SQL Server 2005 Service Pack 2, publications that use precomputed partitions can cause the non-convergence of data
50001525
Error message when you use SQL Server Agent to run jobs by using a proxy account: " SQLServer Error: 22046, Encryption error using CryptProtectData, CryptUnprotectData failed (1723)"
50001526
Using SQL Server Agent to run jobs in the context of a proxy account may fail with error "SQLServer Error: 22046, Encryption error using CryptProtectData, CryptUnprotectData failed (1723)"
50001529
The performance of SQL Server 2005 decreases because SQL Server 2005 is waiting for access to memory objects which is indicated by the CMEMTHREAD waittype
50001578
An exception occurs in SQL Native Client: "New request is not allowed to start because it should come with valid transaction descriptor"
50001579
When you use SQL Native Client to retrieve a value in a column of the TEXT data type, you obtain incorrect result if the value contains more than 1024 characters
50001580
Memory leak of the TokenAndPermAccessCheckResult entries occurs in SQL Server 2005
50001595
When you use SQL Native Client for a connection, the connection switches to use the auto-commit mode from the manually-commit mode
50001598
SQL Native Client overwrite error codes which causes that you do not receive informative error messages when some operations fails
50001639
The performance of an INSERT statement or an UPDATE statement that uses the result from a query is much slower in SQL Server 2005 Service Pack 2 than in SQL Server 2005 Service Pack 1 or earlier versions if the query uses the nodes method
50001164
FIX: Error message when you connect to an instance of SQL Server 2008 Analysis Services by using the AMO library that is included with SQL Server 2005 Service Pack 2 Analysis Services: "Cannot connect to Analysis Services version '10.0.1019.17'"

Monday, September 10, 2007

SQL Gotcha: Do you know what data type is used when running ad-hoc queries?

This is for SQL Server 2000 only, SQL Server 2005 is a lot smarter which is another reason to upgrade.
When running the following query you probably already know that 2 is converted to an int datatype


SELECT *
FROM Table
WHERE ID =2

What about the value 2222222222? Do you think since it can't fit into an int that it will be a bigint? Let's test that out.
First create this table.

CREATE TABLE TestAdHoc (id bigint primary key)

INSERT INTO TestAdHoc
SELECT 1 UNION
SELECT
2433253453453466666 UNION
SELECT
2 UNION
SELECT
3 UNION
SELECT
4 UNION
SELECT
5 UNION
SELECT
6


Now let's run these 2 queries which return the same data

SELECT *
FROM TestAdHoc
WHERE ID =2433253453453466666



SELECT *
FROM TestAdHoc
WHERE ID =CONVERT(bigint,2433253453453466666)

Now run the following SET statement and run the 2 queries again

SET SHOWPLAN_TEXT ON

SELECT *
FROM TestAdHoc
WHERE ID =2433253453453466666


SELECT *
FROM TestAdHoc
WHERE ID =CONVERT(bigint,2433253453453466666)

And what do we see?

First Query
--Nested Loops(Inner Join, OUTER REFERENCES:([Expr1002], [Expr1003], [Expr1004]))
--Compute Scalar(DEFINE:([Expr1002]=Convert([@1])-1,
[Expr1003]=Convert([@1])+1, [Expr1004]=If (Convert([@1])-1=NULL)
then 0 else 6If (Convert([@1])+1=NULL) then 0 else 10))
--Constant Scan
--Clustered Index Seek(OBJECT:([Blog].[dbo].[TestAdHoc].[PK__TestAdHoc__2818EA29]),
SEEK:([TestAdHoc].[id] > [Expr1002] AND [TestAdHoc].[id] < [Expr1003]), WHERE:(Convert([TestAdHoc].[id])=[@1]) ORDERED FORWARD)

Second Query
--Clustered Index Seek(OBJECT:([Blog].[dbo].[TestAdHoc].[PK__TestAdHoc__2818EA29]),
SEEK:([TestAdHoc].[id]=2433253453453466666) ORDERED FORWARD)


The first query has a much different execution plan than the second query. The first execution plan has a lot more than the second execution plan and will be a little slower.

So how do you know what dataype the value is converted to? Here is a simple SQL query which I first saw on Louis Davidson's blog. Just run this query.

SELECT CAST(SQL_VARIANT_PROPERTY(2433253453453466666,'BaseType') AS varchar(20)) + '(' +
CAST(SQL_VARIANT_PROPERTY(2433253453453466666,'Precision') AS varchar(10)) + ',' +
CAST(SQL_VARIANT_PROPERTY(2433253453453466666,'Scale') AS varchar(10)) + ')'

So the output is this numeric(19,0). So instead of a bigint SQL Server converts the value to a numeric data type.
Here is another query which demonstrates the different datatypes used.


SELECT CAST(SQL_VARIANT_PROPERTY(2,'BaseType') AS varchar(20))
UNION ALL
SELECT CAST(SQL_VARIANT_PROPERTY(222222222,'BaseType') AS varchar(20))
UNION ALL
SELECT CAST(SQL_VARIANT_PROPERTY(2222222222,'BaseType') AS varchar(20))


So when running ad-hoc queries it is always a good practice to use parameters or inline convert statements.

Wednesday, September 05, 2007

Microsoft SQL Server 2008 CTP 4 Released

Microsoft SQL Server 2008 CTP 4 has been released 20070831 (yes that is ISO format)
So I have been sleeping for the last couple of days and missed this. Connect didn't email me either ;-(

This download comes as a pre-configured VHD. This allows you to trial SQL Server 2008 CTP 4 in a virtual environment.

Get it here: http://www.microsoft.com/downloads/details.aspx?familyid=6a39affa-db6e-48a9-82e4-4efd6705f4a6&displaylang=en&tm

Friday, August 31, 2007

Download LINQPad

Can't wait for C# 3.0 and LINQ? Well you don't have to! Dynamically query SQL databases today in LINQ: no more struggling with antiquated SQL. Download LINQPad and kiss goodbye to SQL Management Studio: LINQPad supports LINQ to objects, LINQ to SQL and LINQ to XML—in fact, everything in C# 3.0 and .NET Framework 3.5. LINQPad is also a terrific learning tool for experimenting with this exciting new technology.

No installation required: LINQPad ships as a simple "click and run" self-updating 300KB executable. Instant LINQ!


Download it here: http://www.albahari.com/linqpad.html

Friday, August 24, 2007

Spam so bad it is funny

Hahaha, is this a babelfish translation?

FROM: BILLY BANGURAABUJA,NIGERIA
E-MAIL: billy_bangura2005@yahoo.co.uk
DEAR ONE
PERMIT ME TO INFORM YOU OF MY DESIRE OF GOING INTO BUSINESS RELATIONSHIP WITH YOU. I GOT YOUR CONTACT THROUGH MY CAREFUL SEARCH FOR TRUST WORTHY ASSISTANCE IN THE NET.
I PRAYED OVER IT AND SELECTED YOUR NAME AMONG OTHER (3) NAMES I GOT ALSO DUE TO IT'S ESTEEMING NATURE AND THE RECOMMENDATIONS GIVEN TO ME AS A REPUTABLE AND TRUST WORTHY PERSON I CAN DO BUSINESS WITH AND BY THEIR RECOMMENDATIONS I MUST NOT HESITATE TO CONFIDE IN YOU FOR THIS SIMPLE AND SINCERE BUSINESS.
I AM BILLY BANGURA PRESENTLY A POLITICAL REFUGEE IN ABUJA NIGERIA THE SON OF THE FORMER MINISTER OF FINANCE OF SIERRA LEONE, MR THAIMU BANGURA A GOLD DEALER.
DURING THE RECENT CRISIS IN MY COUNTRY (SIERRA LEONE), MY LATE FATHER WAS CAPTURED AND KILLED BY THE REBELS WHO ACCUSED HIM OF MIS-APPROPRIATION OF FUND AND EMBEZZLEMENT.

SHORTLY AFTER HIS DEATH, I ESCAPED TO NIGERIA-WEST AFRICA REGION FOR SATETY.
HE [MY LATE FATHER] LEFT SOME DOCUMENT WITH ME INDICATING CONSIGNMENT DEPOSIT MADE WITH A SECURITY COMPANY HERE IN NIGERIA BEFORE HIS DEATH, WHICH THE CONTENT US $50M {FIFTY MILLION UNITED STATES DOLLARS}.
THE BOX WAS DEPOSITED FOR SAFE-KEEPING AND YOUR ASSISTANCE IS REQUIRED BECAUSE MY STATUS AS POLITICAL REFUGEE DOSE NOT PERMIT ME TO HANDLE LARGE SUM OF MONEY HERE, AND YOU WILL ALSO BE EXCEPTED TO PROVIDE ME WITH INFORMATION ON INVESTMENT OPPORTUNITIES IN YOUR COUNTRY.
I DO NOT WISH TO CONTACT ANY OF MY LATE FATHER'S BUSINESS COMRADES/PARTNER BECAUSE I DO NOT KNOW WHO EXACTLY CAUSED HIS DEATH.


WHEN MY MOTHER DIED ON THE 21ST OCTOBER 1986, MY FATHER TOOK ME SO SPECIAL BECAUSE I AM MOTHERLESS.
HE ALSO EXPLAINED TO ME THAT IT WAS BECAUSE OF THIS WEALTH THAT HE WAS ACCUSED BY HIS ASSOCIATES, THAT I SHOULD SEEK FOR A FOREIGN PARTNER IN A COUNTRY OF MY CHOICE WHERE I WILL TRANSFER THIS MONEY AND USE IT FOR INVESTMENT PURPOSE, (SUCH AS REAL ESTATE MANAGEMENT). I AM HONOURABLY SEEKING YOUR ASSISTANCE IN THE FOLLOWING WAYS.

1) TO SERVE AS THE GUARDIAN OF THIS FUNDS IN YOUR COUNTRY SINCE I AM A BOY OF 28 YEARS OLD.

2) TO MAKE ARRANGEMENT FOR ME TO COME OVER TO YOUR COUNTRY TO FURTHER MY EDUCATION AND TO SECURE A RESIDENTIAL PERMIT FOR ME IN YOUR COUNTRY.

3) I AM SOLICITING FOR YOUR PERSONAL ASSISTANCE WITH TOP ARRANGE AND TO RECEIVE THIS MONEY ON BEHAIF OF ME AND ENSURE THAT THE MONEY IS UTILIZED WISELY IN A COUNTRY OF STABLE ECONOMY LIKE YOUR COUNTRY. THE PURPOSE OF THE MONEY WILL BE FOR A VIABLE INVESTMENT AFTER WE HAVE COLLECTED THE MONEY FROM THE SECURITY VAULT COMPANY.
MY REASON OF CONTACTING YOU IS FOR YOUR CO-OPERATION FOR YOU TO ASSIST ME IN THE REMOVING OF THE FUND OUT OF THE SECURITY COMPANY IN YOUR FAVOUR AND MY AS WELL. MOREOVER, TO HELP ME USE THE FUND CAREFULLY FOR INVESTMENT. ALL THE NECESSARY DOCUMENT ARE AT MY REACH. WITH CONFIDENCE IN YOU AS A TRUST-WORTHY PERSON TO ACT IN GOOD FAITH! I WILL INTRODUCE YOU TO AN ATTORNEY AS MY FATHER'S FOREIGN PARTNER WHO WILL ASSIST YOU WITH LEGAL PROCEEDINGS.
SINCE YOUR PARTICULARS WILL APPEAR EVERY VITAL DOCUMENT AS THE OWNER OF THE FUND THIS TRANSACTION WILL ATTRACT 30% FOR THE ASSIST YOU ARE RENDERING.
FURTHERMORE, YOU CAN INDICATE YOUR OPTION TOWARDS ASSISTING ME, AS I BELIEVE THAT THIS TRANSACTION WOULD BE CONCLUDED WITHIN SEVEN (7) DAYS YOU SIGNIFY INTEREST TO ASSIST ME AND ENDEAVOUR TO FURNISH ME WITH YOUR TELEPHONE AND FAX NUMBER FOR EASY COMMUNICATION.
THANKS AND GOD BLESS, HOPING TO HEAR FROM YOU SOONEST.
IN GOD WE TRUST.
YOURS SINCERELY,
BILLY BANGURA
NB: PLEASE REPLY ME THROUGH THIS MY PRIVATE E-MAIL (billy_bangura2005@yahoo.co.uk) FOR SECURITY REASON. THANKS

Thursday, August 23, 2007

Summer SQL Teaser #13 Numeric

Hi and welcome to another fascinating SQL summer teaser. Summer it is except inPrinceton where it was 50 degrees this week.
There was no teaser last week because of a death in the family, I had to go to a wake and a funeral last week. That is why the teaser will be posted on a Thursday this week ;-)



look at these values

$55.69
1.4e35
2d4
3.7
412

How many numeric values do you see? What do you think SQL Server's ISNUMERIC function will return for those values?

Let's find out, run the following code

CREATE TABLE #Temp (Data varchar(18))

INSERT INTO #Temp VALUES('$55.69')
INSERT INTO #Temp VALUES('1.4e35')
INSERT INTO #Temp VALUES('2d4')
INSERT INTO #Temp VALUES('3.7')
INSERT INTO #Temp VALUES('412')
INSERT INTO #Temp VALUES(CHAR(9)) --tab

Now without running this try to guess which values will be 1 and which 0. I added a bonus ISNUMERIC(ColumnName + 'e0') function. What do you think that will do? Remember first try to guess and then run the code. Any surprises?

SELECT Data,
ISNUMERIC(Data) AS [IsNumeric],
ISNUMERIC(Data + 'e0') AS IsReallyNumeric
FROM #Temp

Wednesday, August 22, 2007

geekSpeak recording - Real World SQL Server Integration Services with Matthew Roche

Channel 9 has posted a SQL Server 2005 Integration Services screen cast. From the site:

This geekSpeak is all about SQL Server 2005 Integration Services. We are lucky to have a real expert from the industry, Matthew Roche, to share his experiences with us. Matthew shows us how SSIS is a real development studio, since it's an instance of Visual Studio 2005, with new designers. It's very familiar for folks who are moving from a traditional development environment. He gets us familiar with tools and techniques, solutions and projects, like the drag-and-drop approach to building packages, opportunities to include scripts, and develop your own components as .NET Assemblies.

Matthew answers some great questions around performance, programmability. He helps us understand the distinction between data flows and control flows, and how best to manage SSIS packages. He offers some useful guidance on what scenarios merit what choices for moving data from one place to another - be it .NET app, SSIS, TSQL, BCP and so on.But the most important reason to watch is to find out what Matthew would "chew off his own mouse finger" to avoid having to do. :D
Be sure to check the geekSpeak blog for upcoming geekSpeaks!


Watch the screencast(WMV)

Tuesday, August 21, 2007

Late Summer Cleaning

I have too many CDs and decided to throw out some 'old' software. I either have newer versions or no need for it anymore.




Microsoft Gains Momentum in Business Intelligence Market as It Prepares to Launch Major BI Offerings

Microsoft Corp. today announced key milestones achieved within the business intelligence (BI) marketplace, including IDC’s recognizing Microsoft as one of the fastest-growing BI vendors in 2006. In IDC’s report, “Worldwide Business Intelligence Tools 2006 Vendor Shares,”* analysts found that Microsoft had a growth rate of 28 percent, the highest among the top 10 industry vendors. In addition, Microsoft® SQL Server™ 2005 was acknowledged by The OLAP Report as the No. 1 online analytical processing (OLAP) server on the market.

Microsoft’s continued investment in delivering high-performing, low-cost BI solutions for all business users via the Microsoft Office experience and SQL Server 2005 has customers taking notice.

“Like most companies, we experience a constant flow of change. Having the ability to monitor my business, analyze key business data, act on it and see real-time results gives me the competitive edge my business needs to survive,” said Michael Saunders, corporate vice president and chief information officer for Kellwood Co. “Microsoft has given us the ability and confidence to allow our employees at all levels to make informed decisions.”

SQL Server has established itself as an enterprise-class data platform. A recent BZ Research study found that 74.7 percent of enterprises use SQL Server, compared with 54.5 percent for the nearest competitor.

The Rise in Demand for Pervasive Business Intelligence

In its analysis, IDC states that the BI market grew by more than 11 percent in 2006. The BI tools market continues to be driven by the need for improved performance management and, to a lesser extent, compliance. “Performance management can take on the form of various decision-support and reporting functions to improve revenue, profit and operational efficiency; decrease costs; uncover new opportunities; or mitigate risk,” said Dan Vesset, an analyst with IDC. “Microsoft had another strong year in this market.”

To give businesses a step in the right direction, Microsoft will launch Microsoft Office PerformancePoint™ Server 2007 on Sept. 19, and SQL Server 2008 is scheduled to ship in the second quarter of 2008. Customers are invited to attend an event on Sept. 20 to learn more about Office PerformancePoint Server 2007. More information about the event is available at http://www.windowsitpro.com/roadshows/performancepoint.

“We are focused on helping our customers achieve higher levels of business performance by allowing them to take advantage of the rich BI capabilities offered through Microsoft business intelligence,” said Chris Caren, general manager of Office Business Applications at Microsoft. “We are excited to help companies integrate efficiently with one another to ensure all employees are held accountable for their actions across the entire business.”

In preparation for the upcoming releases, Microsoft issued its fourth and final community technology preview (CTP) for Microsoft Office PerformancePoint Server 2007 as well as the July CTP for SQL Server 2008.

The CTP program has over 10,000 active members. The latest preview of PerformancePoint Server 2007 is available to the public at https://connect.microsoft.com/site/sitehome.aspx?SiteID=181&wa=wsignin1.0, and enables customers and partners to preview and provide feedback on the latest pre-release versions of both products. The SQL Server 2008 July CTP can be downloaded at http://connect.microsoft.com/sqlserver. Feedback received from customers and partners during previous CTP programs has led to significant improvements in both products and closely aligned them with the needs of customers.

Bridging the BI Divide

Both releases promise significant enhancements to the BI landscape. PerformancePoint Server 2007 helps organizations align their processes by streamlining into a single application the monitoring, analysis and planning activities needed to improve business performance. By deploying PerformancePoint Server 2007, businesses can achieve better results by allowing individuals across the organization to improve performance. SQL Server 2008 will help organizations deliver a more secure, reliable data platform for storing business-critical information and delivering the right information to all users, while reducing the time and cost of managing data.

PerformancePoint Server is tightly integrated with the familiar and easy-to-use Microsoft Office system, allowing organizations to better align employees across divisions and make them accountable for their actions. In addition, PerformancePoint Server 2007 takes advantage of the enterprise-grade reliability, high performance, security technology and scalability of SQL Server 2005, enabling more people at all levels of the organization to transform disparate enterprise data into shared information they can use to make decisions and take actions that improve business outcomes.

“TCS and Microsoft are working together to invest in developing industry-leading, world-class BI solutions that enable our customers to experience certainty,” said Santosh Mohanty, global director and head of the Business Intelligence and Performance Management practice at Tata Consultancy Services Ltd. “We are seeing significant market momentum and double-digit growth for BI solutions built on the industry-leading Microsoft technology stack. This growth, being fueled by demand from some of the largest corporations in the world, has enabled us to aggressively push our strategic objective of building a $100 million BI practice on the Microsoft technology stack.”


* Source: IDC, Doc #207422, June 2007

SQL Server 2008 Live Meeting Event on August 21st on DateTime function

Don't forget, today is the day of the SQL Server 2008 Live Meeting Event. Here is what I got in my inbox:

We wanted to remind you that on August 21st at 11am Pacific, that we will holding our 3rd Live Meeting event of the month of July. Join Michael Wang as he explains all the interesting features the new function "DateTime" will include. We will some examples of how "DateTime" will work in SQL Server 2008, and will be fielding all your questions as well. So make sure you get there early for all the fun!


New Datetime Data Type
08/21/07 @ 11am Pacific

Monday, August 20, 2007

Do you know how NULLIF and non-deterministic functions work?

Run this first

CREATE TABLE #j (n varchar(15))

DECLARE @a int
SET @a = 1
WHILE @a <= 1000 BEGIN
INSERT
#j
SELECT NULLIF(REPLICATE('1', RAND()*2) , ' ')
SET @a = @a + 1
END
Go

After that is done run this query

SELECT * FROM #j WHERE n = ' '

You will get back between 200 and 300 rows. What just happened? In our insert we use this NULLIF(REPLICATE('1', RAND()*2) , ' ')
What this does is the following: if REPLICATE('1', RAND()*2) equals ' ' then it will insert a NULL, so where do the blanks come from? Well let's find out.

Run this

SET SHOWPLAN_TEXT ON

SELECT
NULLIF(REPLICATE('1', RAND()*2) , ' ')

and we see the following
--Compute Scalar(DEFINE:([Expr1000]=If (replicate('1', Convert(rand(NULL)*2))=' ') then NULL else replicate('1', Convert(rand(NULL)*2))))

This can also be written like this

SELECT CASE WHEN REPLICATE('1', RAND()*2) =' '
THEN NULL ELSE REPLICATE('1', RAND()*2) END

See what happens? First SQL evaluates if REPLICATE('1', RAND()*2) is ' ' if that is not ' ' then the same code gets executed again and thus could be a blank
If you use a variable this can never happen.

Here is an example, keep hitting F5 and you will see it will never be blank

DECLARE @val float
SET
@val = RAND()

SELECT NULLIF(REPLICATE('1', CONVERT(int, @val*2)) , ' ')

Article: LINQ to SQL (Part 6 - Retrieving Data Using Stored Procedures)

LINQ to SQL is a built-in O/RM (object relational mapper) that ships in the .NET Framework 3.5 release, and which enables you to model relational databases using .NET classes. You can use LINQ expressions to query the database with them, as well as update/insert/delete data.

This is the 6th article that Scott Guthrie has written about LINQ. The first 5 can be found below.

Part 1: Introduction to LINQ to SQL
Part 2: Defining our Data Model Classes
Part 3: Querying our Database
Part 4: Updating our Database
Part 5: Binding UI using the ASP:LinqDataSource Control

What is covered in the 6th article?

To SPROC or not to SPROC? That is the question....
The Steps to Map and Call a SPROC using LINQ to SQL
How to Map a SPROC to a LINQ to SQL DataContext
How to Call our Newly Mapped SPROC
Mapping the Return Type of SPROC Methods to Data Model Classes
Handling SPROC Output Parameters
Handling Multiple Result Shapes from SPROCs
Supporting User Defined Functions (UDFs)
Summary



Read the article here: http://weblogs.asp.net/scottgu/archive/2007/08/16/linq-to-sql-part-6-retrieving-data-using-stored-procedures.aspx

Friday, August 10, 2007

Summer SQL Teaser #12 Missing Dates

Stole this tease from my friend Mark.
The teaser for this week is not really a teaser, this time you will have to write some code instead of guessing/knowing.
First create this table of numbers


SET NOCOUNT ON
CREATE TABLE
numbers(num int primary key)
DECLARE @l int
SELECT @l =0
WHILE @l <= 1000 BEGIN
INSERT
numbers VALUES(@l)
SET @l = @l + 1
END
GO

Below is a table, return all the dates for July 2007 where Joe does not have a LoginDate entry. So in this case the output is 28 rows

DECLARE @LOGIN TABLE (id int IDENTITY(1,1), Name varchar(20), LoginDate datetime )
INSERT @LOGIN VALUES ('Joe', '20070701')
INSERT @LOGIN VALUES ('Joe', '20070710')
INSERT @LOGIN VALUES ('Joe', '20070720')
INSERT @LOGIN VALUES (Fred, '20070702')
INSERT @LOGIN VALUES (Fred, '20070707')
INSERT @LOGIN VALUES (Fred, '20070711')


Expected output

Joe 2007-07-02 00:00:00.000
Joe 2007-07-03 00:00:00.000
Joe 2007-07-04 00:00:00.000
Joe 2007-07-05 00:00:00.000
Joe 2007-07-06 00:00:00.000
Joe 2007-07-07 00:00:00.000
Joe 2007-07-08 00:00:00.000
Joe 2007-07-09 00:00:00.000
Joe 2007-07-11 00:00:00.000
Joe 2007-07-12 00:00:00.000
Joe 2007-07-13 00:00:00.000
Joe 2007-07-14 00:00:00.000
Joe 2007-07-15 00:00:00.000
Joe 2007-07-16 00:00:00.000
Joe 2007-07-17 00:00:00.000
Joe 2007-07-18 00:00:00.000
Joe 2007-07-19 00:00:00.000
Joe 2007-07-21 00:00:00.000
Joe 2007-07-22 00:00:00.000
Joe 2007-07-23 00:00:00.000
Joe 2007-07-24 00:00:00.000
Joe 2007-07-25 00:00:00.000
Joe 2007-07-26 00:00:00.000
Joe 2007-07-27 00:00:00.000
Joe 2007-07-28 00:00:00.000
Joe 2007-07-29 00:00:00.000
Joe 2007-07-30 00:00:00.000
Joe 2007-07-31 00:00:00.000

Your task is to write code that will return that resultset.
1) you have to use the number table I provided
2) you cannot use a calendar table

Shortest code wins, I got mine down to 207 characters (and no, it is not all in 1 line)

I will post my code tomorrow

Thursday, August 09, 2007

SQL Server Monitor Gadget for Windows Vista Sidebar

Conchango are making available version 1 of our SQL Server Monitor Gadget for Windows Vista Sidebar

The gadget does exactly what it says on the tin; it monitors a specified SQL Server database for various metrics and displays them on the Windows Vista Sidebar. It is provided for use by SQL Server DBAs that require a nice'n'easy way of monitoring important metrics on their SQL Server installations. In version 1 the gadget provides the following information:

Data file size - total file size of the database data files
Data file used - amount of used space on those data files
Data file used % - The percentage of the total data size that has been used
Log file size - total file size of the database log files
Log file used - amount of used space on those log files
Log file used % - The percentage of the total log size that has been used


Watch the demo, read more and download the gadget here: http://blogs.conchango.com/jamiethomson/archive/2007/08/09/Announcing-SQL-Server-Monitor-Gadget-for-Windows-Vista-Sidebar.aspx

Tuesday, August 07, 2007

Agile: Planning Poker and Scrum

Who said you can’t gamble at work and what is Scrum anyway? Scrum is an agile process for developing software. With Scrum, projects progress via a series of iterations called sprints. A sprint can be 2 weeks, 3 weeks or a month. The sprint is a deliverable, after the completion of the sprint you are supposed to have delivered working piece of code. This might be a subset of a product. The reason to deliver frequently is so that the client can comment on the product. Instead of waiting 3 months before the client sees the product only to say that this is not what the envisioned they will see it earlier and give you feedback. This will save you a lot of time, trust me on this one! If you want to learn more about scrum then download this excellent 90 page book in pdf format by Henrik Kniberg (Scrum and XP from the Trenches)

Planning Poker
Have you ever been in a meeting where the question was asked how long it would take to do a certain task? What usually happens is this: the first person will say 16 hours and the next 3 people will pick something close or even the same value. With planning poker you don’t know what the other people said until every person decided. This is how it works: everyone has a bunch of cards which are numbered between 0.5 and 48 (with gaps), a need more info card and a need coffee break card. These cards can be used for days or hours, it depends how big the task is. So it the same question is asked then everyone puts a card down with the number facing down. Then all the people turn the cards and the group looks at the numbers. At this point you will see strange things every now and then, some people have 2 hours some people have 32 hours for the same task. The reason for this is because some of the people didn’t completely understand what is involved and might need more information. You go around the room and everyone explains how they picked their number. This is where you will find out that some people didn’t understand the task and need more info. Sometimes you will find out that a task needs to be split up, a task should not take longer than 1 ideal day to complete. After you have completed the whole process a couple of times you will find out that your team is much better at estimating the time it will take to complete a task.

There is a website where you can do planning poker online, the URL is http://www.planningpoker.com/

We made our own, we all picked a different picture for the back of the cards and everyone has the same numbers for the front.


To learn more about Scrum visit these URLs
http://agilemanifesto.org/
http://www.mountaingoatsoftware.com/scrum
http://www.xprogramming.com/xpmag/whatisxp.htm

If you want to read books about scrum then I recommend these two
Agile Project Management with Scrum (Microsoft Professional)
Agile Software Development with SCRUM

And never ever call a certified Scrum Master Scrumbag ;-)