应用程序开发人员常见的数据库开发错误有哪些?
当前回答
a)在字符串中硬编码查询值 b)将数据库查询代码放在Windows窗体应用程序的“OnButtonPress”操作中
两者我都见过。
其他回答
不使用参数化查询。它们在停止SQL注入时非常方便。
这是一个不消毒输入数据的具体例子,在另一个回答中提到过。
开发人员所犯的关键数据库设计和编程错误
Selfish database design and usage. Developers often treat the database as their personal persistent object store without considering the needs of other stakeholders in the data. This also applies to application architects. Poor database design and data integrity makes it hard for third parties working with the data and can substantially increase the system's life cycle costs. Reporting and MIS tends to be a poor cousin in application design and only done as an afterthought. Abusing denormalised data. Overdoing denormalised data and trying to maintain it within the application is a recipe for data integrity issues. Use denormalisation sparingly. Not wanting to add a join to a query is not an excuse for denormalising. Scared of writing SQL. SQL isn't rocket science and is actually quite good at doing its job. O/R mapping layers are quite good at doing the 95% of queries that are simple and fit well into that model. Sometimes SQL is the best way to do the job. Dogmatic 'No Stored Procedures' policies. Regardless of whether you believe stored procedures are evil, this sort of dogmatic attitude has no place on a software project. Not understanding database design. Normalisation is your friend and it's not rocket science. Joining and cardinality are fairly simple concepts - if you're involved in database application development there's really no excuse for not understanding them.
第一个问题?他们只在玩具数据库上测试。因此,他们不知道当数据库变大时,他们的SQL将会爬行,并且稍后必须有人来修复它(您可以听到的声音是我咬牙切齿的声音)。
不使用索引。
忘记在表之间建立关系。我记得当我刚开始在我现在的雇主工作时,我不得不清理这些东西。
推荐文章
- 获得PostgreSQL数据库中当前连接数的正确查询
- MySQL数据库表中的最大记录数
- 从现有模式生成表关系图(SQL Server)
- HyperLogLog算法是如何工作的?
- 数据库和模式的区别
- 如何从命令行在windows中找到mysql数据目录
- 货币应该使用哪种数据类型?
- 如何找到MySQL的根密码
- 将表从一个数据库复制到另一个数据库的最简单方法?
- 什么是分片,为什么它很重要?
- 数据库触发器是必要的吗?
- 为什么我应该使用基于文档的数据库而不是关系数据库?
- 哪个更快/最好?SELECT *或SELECT columnn1, colum2, column3等
- 将值从同一表中的一列复制到另一列
- 什么是数据库池?