|
Jörgen Andersson wrote: No real difference if you use parameterized queries.
Not true. You can set a DB so that the application has access ONLY to EXECUTING the stored procedures, if you exclusively use stored procedures. So having suddenly becomes much harder.
Otherwise you HAVE to give read and write access to the tables to your application - MUCH less secure.
|
|
|
|
|
Minimizing the attack surface. You're quite right, and I stand corrected.
My five.
|
|
|
|
|
Mehdi Gholam wrote: after all the questions I have answered here I thought a more substantial one was needed here.
Why?
Mehdi Gholam wrote: Your thought please
Sometimes they're an advantage, sometimes they're not. Sometimes I use a hybrid version, where I store my inline-SQL in a textfile. Sometimes it pays to have the flexibility of updating without recompiling.
Promote experimenting
Bastard Programmer from Hell
|
|
|
|
|
Eddy Vluggen wrote: Sometimes it pays to have the flexibility of updating without recompiling.
Perhaps for internal applications, but not when the application is sold to clients.
|
|
|
|
|
I think we need to differentiate the developers here, commercial and corporate, there are completely different mindsets required for the each of these
As a corporate developer I can understand Eddy's stance, as a commercial developer I guess you would be horrified.
Never underestimate the power of human stupidity
RAH
|
|
|
|
|
PIEBALDconsult wrote: Perhaps for internal applications, but not when the application is sold to clients.
Good point
Bastard Programmer from Hell
|
|
|
|
|
Pls can someone direct me to where i can get tutorials for MySQL workbench 5.2.34 CE
|
|
|
|
|
See my answer I posted in the Q&A[^] you created.
0100000101101110011001000111001011101001
|
|
|
|
|
Hi wonderful experts, this problem has become a headache to me and so I consult you.
I need to generate IDs that are unique for records. I want the IDs to include the year in which the record is added to a table. So for instance, the first record will have an actual value of say
10001
but because i want the year to be part of the ID and where for instance the record is added in the year 2011, I will want the ID to be
201110001
The subsequent records to follow will have IDs as
201110002
201110003
201110004
201110005
.........
.........
.........
where the numbers have been stuck to the year to generate the IDs. Then during the next year which will be 2012, the first record in that year will start the count from 10001, and when stuck to the year, subsequent IDs will be
201210001
201210002
201210003
201210004
.........
.........
.........
I want all these records to be in the same table. I have been thinking of ways around this but I don't get a way of achieving this. Please help if there are ways to do this. I'm using Microsoft SQL Server 2005. Thanks.
|
|
|
|
|
Personally I would create a table to define the sequence, start the value at 10000, increment it as necessary, and reset it when the year rolls over.
What do you plan to do if your sequence exceeds 99999?
|
|
|
|
|
Dan_K wrote: I want the IDs to include the year in which the record is added to a table
Mistake number 1, commited by all newbie database designers, yup every one of them unless somone intervenes.
A primary key should not hold any intelligent information, if you want the year the record was created then add a datetime field for the job DO NOT USE THE PRIMARY KEY.
Piebald will tell you to use GUIDs, I like IDENTITY myself but that is just preference, neither has any intelligence in the information, it is ONLY there to identify the record and should not be used for any other reason, this includes sorting. You do not care if there are gaps or missing records or the sequence changes, it is only to identify the record.
Never underestimate the power of human stupidity
RAH
|
|
|
|
|
well, to be fair he never actually says that he is using this as a primary key. It may be something like a business transaction id, where for audit purposes there must never be a gap in the sequence. Think payments between bank accounts: if there is a gap in the sequence numbers, what happened to that missing payment? It will ring an alarm bell with the auditors and they will want an explanation.
|
|
|
|
|
Oooh I hate it when someone brings logic to a good rant
You are quite right in that a sequence may be a business requirement, I just focussed on the IDENTITY and went into rant mode, I'll bet you a beer that is NOT what he had in mind though.
Never underestimate the power of human stupidity
RAH
|
|
|
|
|
In fact the OP doesn't say that there should be no gaps, just that the id should be unique, so I think you are probably right. Even if he did want no gaps, IDENTITY would be the wrong solution since it doesn't guarantee no missing values in the sequence.
|
|
|
|
|
That's kinda what I figured. I recall back when I was using OpenVMS, support calls got an ID number of the form YYMMDDxxx where xxx began at 001 each day and incremented throughout the day (I hope they didn't get more than 999 calls in a day). It made for a more memorable ID.
And, no, it wouldn't have to be used as the primary key (but maybe it was).
|
|
|
|
|
I'll bet money it was. It's so tempting, there's this little voice inside your head whispering "Just do it, you know you want to..."
|
|
|
|
|
David Skelly wrote: Just do it, you know you
Shaddup shaddup - I recently listened to that lying bastard and did not use a separate primary key for a minute dimension table (2 records) bastard came back and bit me AGAIN, I hate that little voice.
Never underestimate the power of human stupidity
RAH
|
|
|
|
|
Holmes I think I will want the beer for myself, though you were right. I won't take much just five bottles. I initially had in mind of making that column a primary key but I think I need to be careful with that. I need to find another approach. Thanks all, and I'm really enjoying your discussions too.
|
|
|
|
|
Thats easily fixed, create a PK column using IDENTITY() and another column calculating the structure you want as your key field, the key field is for user consumption only and must NEVER be used to identify a record internally, only from the user. The key field should have a unique constraint.
If you want to make the key field calculation transparent you can put it in a trigger (I loathe triggers) but I would put it into the insert procedure (I ALWAYS use stored procedures, my preference)
Never underestimate the power of human stupidity
RAH
|
|
|
|
|
In the Identity versus GUID arena, if you are or will be using replication, avoid the use of Identity fields - it can causes huge headaches.
Tim
|
|
|
|
|
Hear hear!
But it's not really a matter of Identity versus GUID, it's a problem with the keys being auto-generated by the engine rather than the application. You can use either an integer or a GUID and set it yourself; there's nothing magical about GUIDs here.
|
|
|
|
|
hello friends.,
here I have an query which needs to pick up the complaint number which was not solved within the time frame like 6hours from the time that complaint was registered, and here i have 4coloumns saying compdate,comptime,forwardeddate,forwardedtime which are of nvarchar data type in the table urbrur means urban rural.
So for this from the net i found one query i.e,
"select compno from urbrur where forwardedtime>DATEADD(hour,6,@time)";
for that @time they used some fixed date time like
Set @Time='09/16/2011 10:00:00'
but here i can't use it because as in my table the date and time are in separate columns having datatype i.e, nvarchar and I don't want this type of fixed values, it should take the values from the date n time columns in the database . .
So friends i think i gave an complete descrption to my query so kindly do concerned to my problem and give favorable reply . .
I'm very thankful to u all,
praveen
|
|
|
|
|
I'm not sure I understand the question, but perhaps you want to select rows where the comptime IS NULL and the forwardedtime is less than six hours ago (from the current time)?
praveengb wrote: in my table the date and time are in separate columns having datatype i.e, nvarchar
That is not a good design. You should probably have just a single DateTime field for each.
|
|
|
|
|
sir this project is running from past 1 year where we can fetch date and time wise report through crystal report but now the task is to fetch using time frame like 6hrs or 24hrs...
|
|
|
|
|
As PBC has already pointed out your database is not designed to support the query you want to run. There is no easy fix, either you will need to change the table design, or in your query you will need to concatenate the date and time values together and then convert to DATETIME datatype so that you can do the DATEADD function. That will work, but it will be quite slow if you have a large table to query so the best solution is to change the table design if you can.
|
|
|
|