10. Add a Low Privilege Account to the Admin Role
9. @@IDENTITY vs. SCOPE_IDENTITY
8. Fetch Semi-static Data on Each Request of a Resource
7. Include SQL Data Manipulation Language in Application Code
6. Abuse SELECT *
5. Create Stored Procedures without Exception Handling
4. Prefix Stored Procedures with "sp_"
3. You Don't Protect the Database Connection String
2. Accept All Input
1. Access the Database from the Application with the "sa" Account
[Via dotnet junkies]
 
 