ten ways to destroy your database
Post on 07-May-2015
1.132 Views
Preview:
TRANSCRIPT
10 WAYSTO WRECK YOUR
DATABASE
Josh BerkusPostgreSQL Experts, Inc.For O'Reilly Media, July 2009
REVENGEagainst your boss
guarantee yourself
JOB SECURITY
ensurePROJECTFAILURE
make sureNOBODY KNOWSTHE REAL DATA
open adatabase
BACKDOOR
force a
TOTALREWRITEof the code
SLOWDOWNthe application
to a crawl
make those stupid
DEVELOPERSMISERABLE
10 Waysto:
Lose DataBe Insecure
Become Unmaintainable
Stife Changesand
Make Everyone
Miserable
One Big Spreadsheet
2. ranDom_naming(s)plural vs. singular
● users● forum● threads● posts● message
● profle● styles● images● survey● faqs
2. ranDom_naming(s)camel vs. underscore
● users● threadCategory● threads● posts● privateMessage
● userProfle● user_styles● post_images● survey● faqs
2. ranDom_naming(s)felds
● users● frstName● last_name● login● email● crt_date● lstLogin
● users● is_active● ACL
2. ranDom_naming(s)Hungarian Notation
● tblUsers● txtFirstName● str_last_name● txtLogin● email● dtcrt_date● tmslstLogin
● tblUsers● bool_is_active● int4ACL
3 & 4We don't need no
stinking keys
3. No Real Keys
● Users● userID AUTONUMBER PRIMARY KEY● frst_name● last_name● login● email● is_active
3. No Real Keys
ID first_name last_name email login password active level21 Josh Berkus josh TRUE u47 Joshua Berkus TRUE u198 Josh Berkus FALSE u204 Josh Berkus TRUE a
josh@pgexperts.com jehosaphatjosh@pgexperts.com joshb dbguyjosh@postgresql.org joshb jehosaphatjosh@agliodbs.com jberkus joshiam
4. No Foreign Keys
users.loginJosh Berkusjberkus
selena
posts.contentJosh Berkus
I'm going crazy!
What's up?
Why?
OSCON! It's too much!
I told you so ...
jerkyboywww.pornking.com
www.whitehouse.com
www.whiteslavery.com
www.lolcats.com
4. Fun with Orphan Rows
users.loginJosh Berkusjberkus
selena
posts.contentJosh Berkus
I'm going crazy!
What's up?
Why?
OSCON! It's too much!
I told you so ...
www.whitehouse.com
www.lolcats.com
4. Fun With UpdatesINSERT INTO threads VALUES ( .... );if $dbh('success') then while $these_posts.date > $cutdate UPDATE posts SET thread = $newthread
WHERE id = $these_posts.id; if not $dbh('success') then while $these_posts.id > $last_id UPDATE posts SET thread = $oldthread
WHERE id = $these_posts.id; DELETE FROM threads
WHERE id = $newthread;
5. No Constraints
● Users● userID AUTONUMBER PRIMARY KEY● frst_name TEXT● last_name TEXT● login TEXT● email TEXT● is_active TEXT
5. No Constraints
● Users● userID AUTONUMBER PRIMARY KEY● frst_name VARCHAR (30)● last_name VARCHAR (30)● login VARCHAR (20)● email VARCHAR (40)● is_active BOOLEAN
5. No Constraints
first_name last_name email login password active levelJosh Berkus TRUE aNULL NULL k NULL FALSE uMike Hunt c34521 c34521 TRUE I
S F gavin twitter NULL x
josh@pgexperts.com jberkus jehosaphatkelley@ucb
www.pornking.comgavin@sf.gov
6. Non-Atomic Fields
nameJosh Berkus
statusa
SELECT SUBSTR(name,STRPOS(name, ' ')) ...
… WHERE status = 'a' OR status = 'u' ...
6. Non-Atomic Fields
nameJosh Berkus
statusi
SELECT SUBSTR(name,STRPOS(name, ' ')) ...
… WHERE status = ??? ...
6. Non-Atomic Fields
● Account Type● 5400 active individual● 5401 inactive individual● 5600 active board individual● 5601 inactive board individual● 6600 active corporate donor● 6601 active corporate board member● 6602 inactive corporate donor● 6603 inactive corporate board member
7. Magic Numbers
ID = 0
7. Magic Numbers
ID = 0SELECT case_file, count(1)FROM case_events WHERE ID > 0AND scheduled = TRUEGROUP BY case_file;
7. Magic Numbers
2008-02-30
7. Magic Numbers
2008-02-30SELECT user_id, min(date)FROM user_postsWHERE NOT (
extract(month from date) = 2and extract (day from date) = 30 )
GROUP BY user_id;
7. Magic Numbers
-1, 1, 2, 3, 4, 5, 100
7. Magic Numbers
-1, 1, 2, 3, 4, 5, 100SELECT household, avg(headcount)FROM houseWHERE headcount BETWEEN 0 and 99GROUP BY household;
7. Magic Numbers
$-0.01
7. Magic Numbers
$-0.01SELECT *FROM invoicesWHERE total <> $0.01 AND sent_on IS NULL;
7. Magic Numbers
Document themonly in your code!
8. Polymorphic Fields
NameJosh Berkus Individual EmailJohn Dillinger Board Phone 415-555-1212Pearson Company NULLClorox Company Jackie 510-555-1111 x202
AccountType PrefContact ContactInfojosh@pgexperts.com
www.pearson.com
9. EAV (entity-attribute-value)
ID Property Setting
407 Eyes Brown
407 Height 73in
407 Married? TRUE
408 Married? FALSE
408 Smoker FALSE
408 Age 37
409 Height 66in
9. EAV (entity-attribute-value)
● Diffcult tasks:● Find out how many men have brown hair and are
over 6 feet?● Make marital status and age required, but not
other things.● Apply constraints to feld values.
9. EAV 2.0: E-BLOB
ID Properties
407 <eyes=”brown”><height=”73”> <married=”1”><smoker=”1”>
408 <hair=”brown”><age=”49”> <married=”0”><smoker=”0”>
409 <age=”37”><height=”66”> <hat=”old”><teeth=”gold”>
10. Let The ORMTake Care Of It
The Ten Ways
1.one big spreadsheet
2.random naming
3.no keys
4.no foreign keys
5.no constraints
6.non-atomic felds
7.magic numbers
8.polymorphic felds
9.EAV & EBlob
10.ORM
Ten Ways to Fix Your Database
1.normalization
2.consistent naming
3.keys
4.foreign keys
5.constraints
6.atomic felds
7.atomic felds
8.atomic felds
9.limit EAV & EBlob
10.DB design
More Wreckage● Simplifying Database Design Tutorial
– OSCON, Monday 8:30 AM● PostgreSQL Day San Jose
– Before OSCON, Sunday 19th, all day– wiki.postgresql.org/wiki/PgDaySanJose2009
● Me– PostgreSQL Experts: www.pgexperts.com– blog: it.toolbox.com/blogs/database-soup– email: josh@pgexperts.com
This presentation copyright 2009 Josh Berkus, licensed for distribution under the Creative Commons Attribution License.
top related