---

Dynamic SQL is an oft-misunderstood feature that is also the key to developing applications able to respond and be flexible in the face of rapidly-changing business environments; its use conveys business advantage. Developers and database administrators are thus motivated to buy this book in order to learn and correctly employ dynamic SQL in their day-to-day work.
The technical book audience is also weary of unwieldy books covering too much ground to just a shallow-level. This book appeals by focusing on just one topic and covering the topic well and to an expert-level depth.
Finally there is security. SQL injection attacks are prevalent and a common vector by which bad actors gain access to corporate data. This book addresses the issue head-on by showing how to ward of such attacks while still taking advantage of SQL Server´s feature set for constructing and executing on-the-fly SQL.

---

This book is an introduction and deep-dive into the many uses of
dynamic SQL in Microsoft SQL Server. Dynamic SQL is key to large-scale
searching based upon user-entered criteria. It´s also useful in
generating value-lists, in dynamic pivoting of data for business
intelligence reporting, and for customizing database objects and
querying their structure.

Executing dynamic SQL is at the heart
of applications such as business intelligence dashboards that need to be
fluid and respond instantly to changing user needs as those users
explore their data and view the results. Yet dynamic SQL is feared by
many due to concerns over SQL injection attacks. Reading Dynamic SQL:
Applications, Performance, and Security is your opportunity to learn and
master an often misunderstood feature, including security and SQL
injection.

All aspects of security relevant to dynamic SQL are
discussed in this book. You will learn many ways to save time and
develop code more efficiently, and you will practice directly with
security scenarios that threaten companies around the world every day.
Dynamic SQL: Applications, Performance, and Security helps you bring the
productivity and user-satisfaction of flexible and responsive
applications to your organization safely and securely. Your
organization´s increased ability to respond to rapidly changing business
scenarios will build competitive advantage in an increasingly crowded
and competitive global marketplace.

Discusses many applications of dynamic SQL, both simple and complex.
Explains each example with demos that can be run at home and on your laptop.
Helps you to identify when dynamic SQL can offer superior performance.
Pays attention to security and best practices to ensure safety of your data.
What You Will Learn

Build flexible applications
that respond fast to changing business needs.
Take advantage of
unconventional but productive uses of dynamic SQL.
Protect your data from
attack through best-practices in your implementations.
Know about SQL Injection and
be confident in your defenses against it
Run at high performance by
optimizing dynamic SQL in your applications.
Troubleshoot and debug dynamic SQL to ensure correct results.
Who This Book is
For

Dynamic SQL: Applications, Performance, and Security

is for developers and database administrators
looking to hone and build their T-SQL coding skills. The book is ideal for
advanced users wanting to plumb the depths of application flexibility and
troubleshoot performance issues involving dynamic SQL. The book is also ideal
for beginners wanting to learn what dynamic SQL is about and how it can help
them deliver competitive advantage to their organizations.

---

Introduction Chapter 1: What is Dynamic SQL? Chapter 2: Dynamic SQL Best Practices Chapter 3: Protecting Against Malicious Input Chapter 4: Warding Off SQL Injection Chapter 5: Permissions and Security Chapter 6: Managing Scope Chapter 7: Large-scale Searching Chapter 8: Scalable Dynamic Lists Chapter 9: Parameter Sniffing Chapter 10: Dynamic Pivoting and Application Examples Chapter 11: Database Objects, Collation Conflicts, Data Archiving

---