Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
I am using foreign key constraints in the database structure. At the same time, Im also validating the data that will be coming from the client side.
For example, when a user submits a form that contains a "customer" field and its primary key as value, I am going to check whether this customer exists before doing a database insert. Even though I have already set a foreign key constraint.
Is the method Im doing a bit redundant? Or is it REALLY redundant?
It's not redundant, because you're serving two different purpouse:
the client-side check is to improve user experience, and to tell the user what's wrong with what he has submitted; you can catch an error before it reaches the DB, and give him a proper error message, not a MySQL ugly one
the server/DB-side check(s) are in place to protect your application, from errors or malicious behaviours (injection and so on)
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 5 years ago.
Improve this question
So I'm having some trouble explaining to my buddy why a specific piece of code is "bad practice", does anyone know where I can find some information on why it's a bad way to do it? (Or maybe it's just me who think it's bad).
Here's what he wants to accomplish:
Create a "dynamic form input", so he will create a table with different types of cols. And then in the file that shows the form he will just make alot of different "if type == varchar" etc. and then display a form after that
When saving a form he will loop thru all the $_POST data and insert it into a table depending on the key's etc.
He want's to make everything dynamic and I can see why that could be cool, but in my book this seems to be very bad practice, so is there a better way to do this or is there some articles I can show him about why this is bad etc.?
Everything is for a private admin panel, but still I feel there is a lot of issues.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 7 years ago.
Improve this question
My quick question is that I have a table that records users relations: userRelations(id, userID_1, userID_2, relationshipType, dateCreated). Now how do I create a log to see what was changed? Or by whom? Most of it is done php and then inserted into the table, but which columns must I have ?
EDIT: My difficulty was to understand the process of making a log, how to record, what to record, how many tables and such, I couldn't think clear enough to organize and say "This is what I need"
Create a new table that is updated each time this table is updated with the following headings
id,
userRelationsid (or shorten this if possible),
updatedby,
updatedrelationshipfrom (or shorten this if possible),
updatedrelationshipto (or shorten this if possible),
dateupdated,
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 9 years ago.
Improve this question
I need to create a quiz site and I'm not sure about how should I proceed with statistics. The site needs to track each users progress (which answer was answered how, how many time does it take to answer each question etc).
Should I create a new table (let's say 'statistics), and should I create a new row each time a user has finished a quiz? So, statistics:
user_id
quiz_id
answers (in serialized form, because the amount of questions is variable)
time_of_answer (same as above)
points_for_each_answer (same as above)
Wouldn't this be too slow, if the admin wants to check some stats, let's say: how many users have correctly answered the question #2 under the 3rd quiz?
Don't serialize answers if you need them as a real entity - just give them a quiz_id foreign key so you know to which quiz they belong, use proper indexes, and everything will run smooth.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 9 years ago.
Improve this question
What is the mysql database best practices for multiple users?
When build a SAAS cloud projects are you best to have a new database for all users or put a users data in their own table or just put it all in the same database and use primary key to find a users data?
What are the pro's and con's?
I NEVER create per-used tables. If the logical meaning of the data is the same, then they should share a table. I also never allow automatic creation of tables - creation of tables is done by a DBA, by hand (sometimes by running a program or a script, but always initiated by a human being.
I also have a hard-and-fast rule to have static SQL (using bound parameters for values only). This lets me keep tight control of what is read from/written to the database, and where - very important to avoid SQL injection.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 3 years ago.
Improve this question
I have a beta signup form, I need to know how do I check to make sure the email address is not already in the database, and if it is not add it, if it is return a message.
I am hoping I don't have to do a find and then an if and then an insert, but something tells me I will have to.
You can create a unique index on email and then perform an insert in safe mode. If email is taken, you'll get an error. You won't get this error if there's no unique index or operation is not in safe mode.
I personally would do a simple find. For example, on this signup form when user entered his email and moves to the next field, I'd fire a quick ajax request to the server and find out if this email is taken or not and display result of this check in the form. This, of course, does not replace the need for unique index and safe mode (google race conditions).