Performance – Inline SQL vs Parameterized Queries

In the search for better and better performance, there are many techniques developers can use. A technique used early on by some entry-level or “still learning” developers is to build inline SQL. That looks something like this:

string name = "Mark";
string query = "SELECT * FROM users WHERE FirstName='" + name + "'";
OleDbCommand cmd = new OleDbCommand(query);
OleDbDataReader reader = cmd.ExecuteReader();

There are steps missing… this is just example code

 

This is something more seasoned developers learn to avoid almost immediately.  There’s a variety of reasons why inline SQL is bad.  The most important reason is security.

However, there’s another reason to avoid it.  Performance.


Data Segregation in a multi-tenant system

God that’s a sexy title!  Hahah…

This post is all about keeping customer data out of the hands of other customers.  There are many options that can be implemented.  I found three likely candidates and chose one.  Here’s the one I chose and why I chose it.
