Minimizing impact of widening an IDENTITY column

A problem that I have seen crop up a few times recently is the scenario where you have created an IDENTITY column as an INT, and now are nearing the upper bound and need to make it larger (BIGINT). If your table is large enough that you’re hitting the upper bound of an integer (over 2 billion), this is not an operation you can pull off between lunch and your coffee break on a Tuesday. This series will explore the mechanics behind such a change, and different ways to make it happen with varying impacts on uptime. In the first part, I wanted to take a close look at the physical impact of changing an INT to a BIGINT without any of the other variables.

Read Article series by Aaron Bertrand who provided different solutions with analysis – http://sqlperformance.com/2016/01/sql-indexes/widening-identity-column-1

DevOps – Commit to Git: Source Control in Visual Studio 2015

Since their 2013releases, Visual Studio and Team Foundation Server have offered out-of-the-box support for Git, the enormously popular source code management system that has upended many traditional options. To complement this source control option, Microsoft has added feature-rich front-end tooling for Git to Visual Studio. But how do you access and leverage these tools?

In this article, I’ll cover how Git differs from the source control technology that’s associated with Team Foundation Server (TFS), formally called Team Foundation Version Control (TFVC). Then I’ll delve into how to configure Git; how to create, connect to and work against a local repository (repo), including how to stage and commit changes; how to manage branches, including merging and viewing history; and how to connect to different types of remote repos, including how to sync changes.

Read full article – https://msdn.microsoft.com/magazine/mt767697

I hope this will help developers who is looking forward to work with GIT.

SQL Injection through SQLMap Burp Plugin

SQL Injection (SQLi) is a web based attack used by hackers to steal sensitive information from organizations through web applications. It is one of the most common application layer attacks used today. This attack takes advantage of improper coding of web applications, which allows hackers to exploit the vulnerability by injecting SQL commands into the prior web application.The underlying fact that allows for SQLi is that the fields available for user input in the web application allow SQL statements to pass through and interact with or query the database directly.

For example, let us consider a web application that implements a form-based login mechanism to store the user credentials and performs a simple SQL query to validate each login attempt. Here is a typical example:

select * from users where username=’admin’ and password=’admin123′;

If the attacker knows the username of the application administrator is admin, then he can log into the app as admin by entering the username as admin’– and without supplying any password. The query in the back-end looks like:

Select * from users where username=’admin’–’ and password=’xxx’;

Note the comment sequence (–-) causes the followed query to be ignored, so query executed is equivalent to:

Select * from users where username=’admin’;

Hence the password check is bypassed and the attacker is logged into the app as admin. SQL Injection can be tested in two ways – Manual Pen-Testing & Automation.

Read full articlehttp://www.securitylearn.net/tag/sqlmap-tutorial/

Hope this will help !!!!!

Deploying SQL Server databases alongside your application just got easier

When the time comes to deploy your application and database changes, ReadyRoll and Octopus Deploy make a great team.

ReadyRoll is a Visual Studio plug-in that automatically generates numerically ordered SQL migration scripts for you, so that you take your schema from one version to the next.

Use ReadyRoll to carefully prepare your database migrations – column additions, stored procedure changes, SQLCR assemblies, or static data.

Add the changes to version control, and then use Octopus Deploy to automate the release of your database and application deployments, all in one process.

Read more documentation – Here

Hope this will help !!!

Different Ways for Getting Post Data from View in Controller

In MVC, when we need to collect all the form values in an action method of a controller, there are several ways through which we can receive form post data in Controller.

Different Ways

  1. Strongly Typed Model
  2. Request Object
  3. Form Collection
  4. Through Parameters

Read full article – Here

Hope this will help !!!!