Editorials

Loading image files from a directory using SQL 2005

by Ben Taylor

Featured Article(s)
Loading image files from a directory using SQL 2005
The following procedure uses the new BULK in OPENROWSET set function in order to load all image files from a given directory location to a table inside SQL Server , If the table does not exist, the procedure creates it. The table structure is an identity column, the file name and the file contents (varbinary (max))

New SelectViews SQL Server Show Available
Learn about SQL Injection, Information and Thoughts About the TJX Data Breach Lawsuit. Noise and News in the Industry, the 60-second SQL Server Tip of the Day, Upcoming Events and a LOT More.

> Watch Here

About that Data Breach
I don’t know if you’ve heard the news, and the news isn’t by any means "final" or definitive, but the data breach that just happened at some 300 locations has been somewhat solved. It seems that more than 300 servers were compromised – making it possible to step into the credit card authorization process and gather up the credit card information needed to accomplish the ID thefts that resulted.

This whole issue was one that really got my attention – because the breach wasn’t clear and was happening at company that was PCI certified, and in fact passed certification again while the data theft was occurring. It appears that this was a concerted effort (no kidding, 300 servers!) and possibly/likely an inside job just because of the major feat of getting to all of those servers.

This story is still "breaking" in that they don’t know (or at least have not released) details yet about how this happened, nor have they indicated if this was a custom bug or a more generic malware issue. I think it’ll be important to follow this and understand what happened, and just as importantly, how we can protect against and detect this in the future. Keep yours eyes open for additional details on this – we can learn a lot from what has happened. PCI certification (or something else) may have to be modified to support anti-virus/anti-malware controls and such, but boy is that going to get complicated when you consider the implications of not only implementing it, but maintaining it and certifying that you’re doing it.

More to come on this one…

Reminder: I Need Your Help!
(This survey will close at 11:59p on 4/4/2008 – take the survey now to be eligible for the prizes!)

I want to make SSWUG.ORG EVERYTHING you need it to be, but I need to know what you need. Here’s your chance to let us know what you want to see.

Our community survey is now live. It’s all about you, what you do, how you use SSWUG, your suggestions, what types of systems you support and more. We are also offering a drawing, with a LOT of prizes for winners. You can’t lose, but time is running out!

* Thank you to all those that have donated prizes for this survey! *

Ten (10) $50 cash prizes
Five (5) 5-Year SSWUG.org Memberships
Two (2) Lifetime SSWUG Virtual Conference Passes
One (1) Unlimited user license for SQL Farm Combine + 1 free yr of maint. and support, a ~$5,000 value.(SQL Farms)

One (1) 12 month license for DataDefractor Developer edition. (InteractiveEdge)

One (1) Choice of (1) free license of SQL defrag manager or SQLsecure (Idera)

One (1) Enterprise Edition license of Event Manager for SQL Server including 1 year of Software maintenance (SQL Sentry, a $1,194 value)

One (1) Choice of (1) license for PowerGadgets, or (1) license for Chart FX – (SoftwareFX)
One (1) Sql Power Tools Enterprise License 2.0 with 3D Visualization.
One (1) Performance Monitor license (Teratrax)

One (1) 12 month Server License of Quest’s Change Director for SQL Server ($1,200 value)

…and here’s a suggestion. On the first page of the survey, you’re prompted for your email and name. This is not used with the answers you provide – so no worries. Second, if you’d like a second entry, on the last page of the survey you’ll have instructions on what to do to have a second entry. So, you have two chances to win. a chance to have input into the direction of SSWUG and we’ll able to also show some interesting information to everyone about the overall DBA community.

Please stop by the site – the survey will only be open for a short time and the responses we can get the more meaningful the information is for the response summaries.

Here’s a direct link to the survey. It shouldn’t take long at all – and the prizes will be substantial!

Featured White Paper(s)
Optimizing your SQL Server Infrastructure: Good Ideas, Bad Ideas
In the first chapter of the eBook SQL Server Infrastructure Optimization, “Traditional Challenges and Their Impact,” the auth… (read more)

Protecting SQL Server Applications and Data Against Common SQL Failures
Microsoft SQL Server has emerged as the database of choice for mission critical applications for small and mid-sized companie… (read more)

Tags:
Author: Ben TaylorBen is a Relational Database veteran starting in the early eighties on DEC Vax database systems such as Bloom and Harvest. He has specialized in SQL engines for more than two decades, with a primary focus on Microsoft SQL Server. Ben has worked with small and large databases for both OLAP and OLTP working on systems for many industries such as Medical (Medical Claims and Eligibility Warehouse, HMO Provider Management, Enrollment), Financial (credit card processing, mortgage, stock portfolio management), Manufacturing (Assembly Line and Product Assemblies), Sales, Auto Auctions and more.