Brian Swan's Blog

One of the best things about writing this series on connection options for the SQL Server Driver for PHP is that I get to learn about lots of interesting SQL Server features. This time, the Failover_Partner connection option has led me to do a bit of homework on database mirroring. The short story is that as an application developer you don’t really need to understand much about database mirroring…it’s a DBA concern.  Of course, if you are both app dev and DBA and have the need for a failover database, then you might want to invest some time in learning more about mirroring than I'll go into (the MSDN documentation starts here). In this post, I'll provide an introduction to mirroring and hopefully give you enough information about the Failover_Partner option for you to send your DBA an intelligent email in case something goes wrong.

Okay, okay. I know that Java Database Connectivity (JDBC) doesn’t have much (if anything) to do with PHP, so I apologize in advance if you are tuning in expecting to find something PHP-related. However, I temper my apology with the idea that getting out of your comfort zone is generally beneficial to your growth. The fun part is that it is very often beneficial in ways you cannot predict. So, with that said, I’m embarking on an investigation of the SQL Server JDBC Driver in hopes that I will learn something new (maybe even many things). I do not plan to stop writing about PHP, so consider this trip to be a jaunt down a side street.  In addition to my usual PHP-related content, I’ll aim to make Java/JDBC-related posts a couple times each month as I learn new and interesting things. But, when you start walking down side streets, you never know where you’ll end up…

With all the snow in Seattle this week (I know people in the mid-west and on the east coast are laughing at me when I say that), I feel out of sync. I’m sure I’ve missed lots of interesting links this week…I should have plenty of time this weekend to hunt more down since we’ll be iced in. But, what I did come across this week is good – lots of PHP/Azure news as the PHP on Azure contest heats up…

In this post, I’ll add to my slowly growing series that elaborates on the connection options for the SQL Server Driver for PHP. This time I’ll focus on the CharacterSet option. This is the option that specifies how data will be encoded when it is sent to and from the server.  I’ll take a look at how and when to use the different values for this option, as well as briefly look at what the driver is doing under the hood for each value. This is especially interesting in the case of storing UTF-8 encoded data since SQL Server only supports storing USC-2 encoded data.

In this week’s list, be sure to look at the comprehensive list of conferences if you haven’t already made your conference plans for the year. There’s also some good links that are helpful in learning about testing, but maybe nobody needs to read those since everyone knows how to write good tests…right? The “just for fun” links require a beverage, but that’s fine since it’s Friday…

When I’ve asked people about their strategies for preventing SQL injection, one response is sometimes “I use stored procedures.” But, stored procedures do not, by themselves, necessarily protect against SQL injection. The usefulness of a stored procedure as a protective measure has everything to do with how the stored procedure is written. Write a stored procedure one way, and you can prevent SQL Injection. Write it another way, and you are still vulnerable. This post will look at one common pitfall that can leave stored procedures vulnerable to SQL injection.

Earlier this month I attended the monthly meeting of the Seattle PHP Meetup Group. In ways I didn’t expect, it was a very interesting meeting. The content itself was interesting enough (we were talking about database design), but what I found even more interesting was how the meeting dynamics provided a good reminder of what goes into a successful software project. What I observed was nothing new – what I have to say will all be familiar to anyone who has run successful software projects – but my observations served as reminders of some of the key components of a successful project.

In categorizing this week’s links, I was reluctant to put so many interesting links into the Miscellaneous category because I sometimes think of miscellaneous as implying a lack of importance. But note, that thought is wrong! Miscellaneous means “made up of many different things or kinds of things that have no necessary connection with each other.”  There is no mention of (or even implication of) lack of importance in that definition. Some of this week’s most interesting links are in the made-up-of-many-different-things-or-kinds-of-things-that-have-no-necessary-connection-with-each-other-(not-unimportant) category…