June 18, 2013

SQL Injection Questions Followup

I presented a webinar today about SQL Injection, to try to clear up some of the misconceptions that many other blogs and articles have about this security risk.  You can register for the webinar even now that I’ve presented it, and you’ll be emailed a link to the recording, which will be available soon. During [...]

News Flash: SQL Injection Still a Problem

The threat of SQL injection has appeared prominently in the news recently: An SQL injection vulnerability resulted in an urgent June bugfix release of Ruby on Rails 3.x.  Make sure you upgrade if you use Rails 3.0, 3.1, or 3.2!  Also you should disable mass assignment in any Rails project. Yahoo! Voices was hacked in July.  The [...]

Announcing Percona Live MySQL London

Looking for a great opportunity to share your MySQL knowledge with the MySQL community? Here is your chance. Percona is happy to announce that the dates of the Percona Live MySQL London Conference have been set for Dec. 3-4, 2012. Call for speakers is underway and will be open until August 17th, 2012. The conference [...]

Eventual Consistency in MySQL

We’re told that foreign key constraints are the best way to enforce logical referential integrity (RI) in SQL, preventing rows from becoming orphaned.  But then we learn that the enforcement of foreign keys incurs a significant performance overhead [1,2].  MySQL allows us to set FOREIGN_KEY_CHECKS=0 to disable enforcement of RI when the overhead is too high.  But [...]

Moving Subtrees in Closure Table Hierarchies

Many software developers find they need to store hierarchical data, such as threaded comments, personnel org charts, or nested bill-of-materials. Sometimes it’s tricky to do this in SQL and still run efficient queries against the data. I’ll be presenting a webinar for Percona on February 28 at 9am PST. I’ll describe several solutions for storing [...]