Microsoft SQL Server email validation - sql-server

Using Microsoft SQL Server 2005 and above, what code do I use to validate that an email address is correct?
Is there an email data type?
Is there an email check constraint?
Is there an email rule?
Is there an email trigger?
Is there an email validation stored procedure?

I don't usually recommended using a CLR Stored Procedure, but this is a good use of one. SQL's string handling capabilities are not great, whereas using .NET Regex in a CLR Stored Procedure is straightforward and you can use one of the many existing Regex patterns to meet your needs (such as one of these). See Regular Expressions Make Pattern Matching And Data Extraction Easier
Failing that (some DBA's are very strict about enabling the CLR feature), perhaps this might be of interest:
Working with email addresses in SQL Server
Update: in response to question in comments: A CLR stored procedure is a database object inside an instance of SQL Server that is programmed in an assembly created in the Microsoft .NET Framework common language runtime (CLR), such as Visual Basic or C#.
Creating a CLR stored procedure in SQL
Server involves the following steps:
Define the stored procedure as a static method of a class in a language
supported by the .NET Framework. For
more information about how to program
CLR stored procedures, see CLR Stored
Procedures. Then, compile the class to
build an assembly in the .NET
Framework by using the appropriate
language compiler.
Register the assembly in SQL Server by using the CREATE ASSEMBLY
statement. For more information about
how to work with assemblies in SQL
Server, see Assemblies.
Create the stored procedure that references the registered assembly by
using the CREATE PROCEDURE statement. Ref.
See Writing CLR Stored Procedures in C# - Introduction to C# (Part 1)

You can write managed SP using Regex class. email validation according to RFC is complex thing.
We simply query AD for user existence.

There isn't a built in mechanism in SQL Server for validating email addresses.
There are numerous regular expressions around that validate an email address (some are much longer than others) e.g. here, see in particular "The Official Standard: RFC 2822" reg ex.
Now, SQL Server doesn't have built in support to run regular expressions so if you truly wanted to do it within SQL, you'd need to use the CLR functionality - i.e. write a .NET function that performs the validation, which can then be called from SQL.
However, I'd be validating the email address earlier, before it comes in to the database.

If OLE automation is enabled, you can easily create a UDF to handle regexes, and then just call that:
CASE WHEN dbo.RegExFind
(
'joe#stackoverflow.com',
'^[a-z0-9][a-z0-9._-]*#[a-z0-9][a-z0-9.-]*[a-z0-9]\.[a-z][a-z]+$',
1 -- Case-insensitive or not
) = 1 THEN 'OK' ELSE 'Not OK' END
I don't recall where I got the code for my RegExFind() UDF, but it looks like the code is already present on StackOverflow, here.

As others have mentioned you can use a regex to validate the emails but with limited accuracy.
-- you could, but not recommended
SELECT email, email LIKE '%_#_%.__%' AS isVaild FROM people;
You may find it better to use a service like Real Email to validate the emails, which not only checks if the email looks correct, but if the domain and account are valid.
You could export your data as a csv then validate it. For more see How to validate emails in an sql database.

Related

Write a CLR stored procedure

I would like to use existing Delphi code to write SQL Server stored procedures.
In the past I used extended stored procedures, somehow a dll compiled by Delphi wrapped by a SQL Server extended stored procedure.
Extended stored procedures are now deprecated, so somehow I wonder if there is a solution, even in the "trick domain", like some sample CLR code that wraps a normal dll or something like that.
Just to give you an example:
I insert in the db some documents by encrypting them and I would like to create a kind of API based on SQL Server functions / procedures for inserting or reading documents, so other people accessing sql server can call those functions.
Of course an alternative solution is to use webservices but I would like to try the SQL Server way first.
Note: I don't want to use Delphi Prism, my code is for XE2.
Unsafe SQLCLR assemblies can p-invoke native dlls. A better way would be to expose the native DLL services as a COM interface and use COM interop from SQLCLR, or even call the COM APIs directly from SQL via OLE Automation Procedures. An even better way would be to rewrite the Delphi code as CLR code and invoke it directly as SQLCLR procedure. And the best way would be to use SQL Server native encryption features.
Not to mention the fact that CLR in SQL Server is a guaranteed deep performance hit. Keep to the standard CRUD operators and you should be fine. The other way to do it is to use the file system as your encryption mechanism. If you are only trying to prevent casual access to docs this is a fine way to go. Otherwise it might be time to rethink your access protocol.
CLR in SQL Server is a convenient bad idea. Use it sparingly if at all.

How to CREATE PROCEDURE in H2

This seems to be a duplicate of the other question with the same title, but it actually isn't.
We have our business logic implemented mostly as DB2 stored procedures (I see that H2 has a DB2-compatibility mode - nice!).
How can we use H2 for in-memory unit testing with these procedures?
Unfortunately H2 seems to lack the CREATE PROCEDURE command from its grammar.
I don't want to use Java functions as stored procedures. It would be best if the very same sql files could be used for testing and production as well... am I asking too much?
EDIT: we also use SQL cursors... again, no sign of support :-(
Unfortunately, the compatibility mode doesn't go as far as supporting SQL prodecures. Currently, the only solution is to use Java functions. SQL cursors are also not supported, sorry. But I will add these feature requests to the roadmap. Patches are welcome of course :-)

Programming for various database

I'm wondering for those enterprise programs, how do they link to various type of database just by stating the connection string?
Issues like different syntax, variable type will definitely be there.
Apart from stored procedures for each type of database, how else do they handle in terms of their programming?
1 way that came to my mind is just if else checking of database in order to populate different query.
Asking as I'm curious while using a engine which is built in C++ and jsp, but could support SQL Server, Access, MySQL, Oracle
ORMs tackle this problem by introducing a level of abstraction between the database and the domain model. For example with Hibernate you change the connection string and the dialect and HQL queries and Criteria APIs are automatically translated into the proper SQL for the target database.
Of course this assumes you never write a single line of SQL in your application or anything which is specific to the database.

How do I select a regex match from a text/varchar in MS SQL?

I need to extract something from a long piece of text across lots of db rows, in a Microsoft SQL Server database.
I could write a script to loop through and extract it, but I was hoping there was nice simple way I can do some SQL like:
SELECT IpAddress = matchFirst('RegEx',ColName)
FROM table
WHERE conditions
I've looked about but all I'm finding is unclear long-winded ramblings about using regex in the where clause and CLR UDFs and stuff - but all I want is a simple "insert regex here" answer.
Anyone ideas?
If you're looking for a simple solution I would suggest using the SQL# library which basically contains the UDF you need and you'll find referenced elsewhere.
Once that's installed (it's reasonably painless to install) you will find a function called RegEx_MatchSimple which I believe is what you need.
i know sql has at least some slight reg-ex compatibility, since you can do the following (sql 2005, 2008)
select *
from table
where CharField like '[a-z]%'
perhaps if you tell exactly what you need your regex to do someone might be able to give you a sql equivilent.
There isn't support for regular expressions built in to TSQL, so unfortunately there isn't an immediate way to just do it.
So you could either:
1) write a UDF function that performs string manipulation to try to parse the IPAddress out of a supplied string (i.e. using the functionality TSQL does support like PATINDEX, SUBSTRING etc) - if you didn't want to use SQLCLR for whatever reason
2) use SQL CLR to allow you to run regular expressions in a query - would need a .NET assembly to do the reg ex stuff, that can then be hooked into and called directly from your SQL query. The code to do this is already out there in a number of places. Apologies if this is one place you already looked, but have a look at this MSDN blog post - that gives the .NET code for the regex stuff, and an example of how to use it. And also this MSDN article on How to create and run a CLR SQL Server User-Defined Function

SQL Server stored procedure question

I have a SQL Server stored procedure which has been in use for years. This stored procedure calls lots of other procedures. I would like to extract each inside procedure one at a time and implement its business logic to a .NET Class project.
In order to do that, I have to call .NET assembly from parent stored procedure and the returned result will be used by parent procedure. Since SQL Server 2005 and higher has CLR integration, so I think, executing .NET assembly inside stored procedure [or any Database objects] should not be a big deal, can you please point me some references where i can find examples or article to implement it?
Thank you very much for your help .
I really feel that this would be an inappropriate use of SQL CLR. The purpose of CLR integration is to support complex data types and operations that are normally very hard to do in pure SQL (such as sequences, regular expressions, hierarchy, geospatial, etc.) Not to implement a domain model in your database.
Domain models and business logic are separate from relational/data models. They should be in a proper business tier of some sort. Don't hack them into a database using the CLR.
(Note: I use SQLCLR a fair bit. I am not railing on CLR integration. I just don't think that this question reflects a wise design decision.)
MSDN
Building my First SQL Server 2005 CLR
An Intro to CLR Integration in SQL Server 2005
For loads more ;)
I think you should use SQL Server Integration Services (SSIS). As far as I understand, it solves this case, to orchestrate the procedure calls and gives you much more too..
I'm not too sure if moving this decision outside the db layer is a good decision.
Hope it helps..

Resources