Defensive database programming- robust code with T-SQL?

Question

In the application development there is a concept of defensive programming. How to implement defensive programming techniques and writing robust code using Transact-SQL?

Answer 1

• Simple Talk...
• ...books
• SQL Server Central
• Alexander Kuznetsov (who is SO user AlexKuznetsov)

More generally

• Understand TRY..CATCH and error handling
• Datatype safety (no number compare against nvarchar for example)
• Understand transactions
• Consider stored procedures
• Understand SQL injection

Answer 2

To add to what Scott said:

• Use TRY / CATCH which is now supported in SQL Server
• Validate the parameters of your procedures and use RAISERROR when things don't pass
• Use transactions (carefully)

Answer 3

IF EXISTS()

is something that should be used a lot more often in T-SQL I think. A lot of times when developers write SQL code they don't think in terms of exceptions and faults as they do when writing regular code.

Answer 4

To consider the psychological angle to your question, you may find DBA Survival Skills – Think Defensively to be interesting reading.

Answer 5

In addition to what all the others said, enforce data integrity in the database!