Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Get a devDuck
Rubber duck debugging has never been so cute! Get your favorite coding language devDuck
Buy Now
-
Manager: "we need an SQL database"
Dev: dude does he even know what he's talking about
Dev: "so which color?"
Manager: "idk well I think a blockchain has the most RAM"10 -
So I went for interview today.
.
.
Interviewer : Can u give some theory test about php?
Me : Sir, Can u please open your site?
Interviewer: sure 🙂
Me : Sir, I just logged in as Owner of ur company, Your site is not protected from sql injection.
Interviewer : 😌😌
Me : Sir, test?? 😜
xxxxxxxxxxx -------------------- xxxxxxxxx22 -
Fucking backend "developer" decides to store data in an SQL database in a coma seperated format instead of using... fucking SQL.
And now refusing to delete an entry by ID because he has to parse every fucking row using contains () simply because "why do I need the relation? I can just store them in ome row comma seperated. It's more efficient"
You fucking retard, this is why every fucking service you make takes months to develop.You could've just "delete from x where id = y"... but nooooooo, storing comma seperated data in an SQL db is wayyyy better because now we need to sacrifice a fucking goat in order to do what could've been a 1 minute...ONE FUCKING MINUTE job!
Oh and you have to use stored procedures because you're a database optimization guru... what an idiot. Not only you can't design a db if your life depended on it, you also code in ways you don't understand.
FUCK YOU... I KNOW FRESH STUDENTS BETTER THAN YOU AND YOUR PATHETIC 6 YEARS OF EXPERIENCE... MY ASS26 -
Fucked up an sql join once and accidentally deleted myself from the employee table in the prod database. So I kinda fired myself... Good thing we had backups. 😂2
-
Mom:What are you studying?
Me:Types of SQL Injection
Mom:U r in engineering?Right?So why are u studying types of Injections?
Me:🤦♂️😂😂11 -
I worked on a greenfield project a couple of years ago. The company had an old solution written in Omnis (heard of it? Yeah, me neither) with an SQL database. My team was to create a completely new web based system... on top of the old database, so the customers could keep their existing stuff.
The dba was an intelligent man, one of the nicest people I've met, and over the course of fifteen years he had made a remarkably terrifying monstrosity of a database. Some years before me they wanted to "future proof" the system and make it "easier to switch to new technologies". So they moved the entire business logic into the database...
I used a tool to create a visualization of said database when we started. It had no views, only tables and sprocs. Look at it! Tables and sprocs are rectangles (well, dots) and any connections are drawn in grey lines. There were no foreign keys, so a tables only visualization only yielded a collection of independent rectangles without a single line.
Now, the stored procedures were bloody MASSIVE. A single procedure that only registered a new interested party and attached them to a property had 2500+ lines and over 150 parameters.
Also, this dba added features and fixed bugs by logging into the respective customers production server and writing SQL.
That database is the stupidest thing I've ever seen a developer do.
38 -
Company: "We'd like to use SQL Server Enterprise" MS: "That'll be a quarter million dollars + $20K/month" Company: "Ok!" ... Company: "We'd like to use Babel" Babel: "Ok! npm i babel --save" Company: "Cool" Babel: "Would you like to help contribute financially?" Company: "lol no"3
-
I worked at a place where the help desk guys did the good ol' "I'll send an email from your laptop if you walk away without locking it and tell everyone lunch is on you" routine. After it happened to me about 3 times I was like, "I gotta get this help desk prick back!" So after several failed attempts at walking by his pc when he walked away it instantly hit me how I can punk him back.....SO, I logged onto SQL Server, clicked open a new query window and typed up a dbmail command and on the @from parameter I set it to the help desk guy's email address. His face was PRICELESS when I was shooting off emails to the entire IT dept on behalf of him WHILE he was sitting in front of his PC. Lesson is: don't fuck with dev help desk dude! 😎😜2
-
I remember some years ago when a professor asked -
"What is the difference between SQL and MySQL?"
And one of the students answered -
Uh... I don't know... SQL is more like a general SQL and MySQL is a personal SQL...
:|7 -
When you see a web service API accepting a SQL query in one of its JSON fields and the evil starts growing within you..
DROP ALL DATABASES
Just because you can!
4 -
Just found out there's a legit Dutch DJ call "SQL".
Guess what type of posts he's being tagged in mostly?
8 -
If you thought your legacy code was bad, this is what I'm dealing with. The below SQL is stored in a cookie on login and executed to on every further request to determine the user / privileges.
15 -
You know you've had to deal with a tough database problem at work when you start seeing SQL in your own kitchen... (It says SOL meaning salt)
P.s. I sure hope this is how these memes work, because I want my avatar
16 -
We had issues with lack of disk space on our production SQL server. Another developer decided to delete the databases he thought weren't in use to clear some space.
Ever think about checking first?!
Production chaos!7 -
Way back when, someone named a critical table in our schema as plural, not singular. So it's a Dogs table not a Dog table. No other table is like that. In any case that forced our Hibernate entities to also be plural.
Dogs dogs = new Dogs() ;
List<Dogs> dogss = blahblah
You get it. And yes dogss is what collections of Dogs entities are called.
Today I found out why the table is plural. It never dawned on me before, but the name of the table is Orders. The name of the table is Orders, you see, because Order is a reserved word in SQL. So clearly, there is no way to name your table that.10 -
Discovered one of the worst db designs ever:
- A cust is inserted in a table.
- The insert trigger is fired, calling a stored proc
- The stored proc being called creates a dynamic sql that builds a create table statement for 8 different tables. These tables will be postfixed with the newly-created cust id and is executed.
When querying info for a cust, a stored proc is used that accepts an id value would be appended to another dynamic sql that creates a select statement across all 8 tables for one customer.
Shoot me now.10 -
4 years ago, during our college, a friend of mine was explaining us about hacking using simple SQL injections. He showed us some of the sites he hacked. Out of curiosity we tried it on college internal website it worked. We had access to all the details of all the students in university, and even the lecturer's information. We informed the management , they were shocked on seeing this. They had just spent 25 lakhs for this website couple of months ago.8
-
Me: Enters SQL class
Prof: We will draw ERD diagram on awwapp
Me: (In my head - I hate ERD diagrams) start drawing the first ERD diagram
Prof: That diagram is wrong
Prof: opens SQL Activities_Solution.pdf on his PC
Me: Tried to change the file name on aws to get solution file - fail
Copy SQL Activities.pdf file url (https://url/courses/6429/...). Adds 1 to 1100726 = 1100727 and downloads SQL Activities_Solution.pdf
Open PDF in one tab and awwapp on another and just draw the solution
Prof: Are you sure this diagram is corect?
Me: (In my head - I copied the solution so yes) ...
Prof: Let me check the question
Me: (In my head - seriously? you don't know the answer)
Prof: Checks the correct answer on his PC and then checks the answer on my PC
Me: (In my head - completed another boring uni class) pack up and go home8 -
I recalled a seemingly simple task I took on.
We were building a booking system, and I had to figure out how to retrieve bookings by a certain date range.
Upfront, the tasked seemed simple until I realised I had to both figure out the logic and the SQL statements needed to retrieve all bookings within a certain date range in one query.
I ended up drawing a model to help me visualise the various date-range criteria to be satisfied. And used unit tests to help me think through each date range criterion and make sure they were accurate. Some were obviously from paranoia, but better to be safe than sorry...
After that, I had wrote down raw SQL directly into Sequel Pro first to make sure my query logic was accurate too, before translating into something the ORM equivalent. This was when I learned how to define and use variables in SQL. The variables were throw-away code; I just didn't want to have to hard-code the test date-ranges over and over again; minimise chances of spelling errors.
Needless to say, felt my problem-solving skills went up one level after this task. Saw my coding style and unit tests improve. And also the thought processes that go into how to maintain code quality...
4 -
1. Buy a road
2. Name it after an sql injection
3. Have mail delivered to you
4. ...
5. Profit... I guess?7 -
A Month ago...
Me: when are you going to complete the report
Friend: we can do it in minutes
Me: you can't Ctrl + c and Ctrl +v as there is plagiarism check
Friend: we have spin bot
Me: you do that now itself . if something happens? You can join me .
Friend: just chill
Now ...
Me: done with report
Friend: feeding it to spin bot!
Feeds text related to database security....
Spin bot:
Garbage collector == city worker
SQL statements == SQL explanation
SQL queries == SQL interrogation
SQL injection == SQL infusion
Attack == assault
Malicious == noxious
Data integrity == information uprightness
Sensitive == touchy
.....
Me: told you so...
**spin not == article rewriter3 -
Someone wanted to test if the I-Scout game was capable of preventing SQL injections 😂😂
The I-Scout game is by the way an indoor and outdoor game for scouts all over the globe..
2 -
Had a fight with a teacher today, he was teaching PHP to some new students, and I was doing my own stuff, then I suddenly saw a example of his code
Unsanitized SQL query staring at me
I asked him if there was sanitization anywhere in the code
He said: "We don't need to teach that stuff, it just confuses the students, that stuff belongs to advanced course or something."
I decided to give him the facts but no, still the same statement
Next time I'm going to drop his tables😠10 -
SQL gives me a hard on right now.
Two tables, 954 rows and 9414, connected via foreign keys and shit.
SELECT a_id,name,shit FROM table1 a JOIN table2 b ON a.id = b.a_id WHERE ((lower(name) LIKE '%lorem%') OR MATCH(name) AGAINST('lorem' WITH QUERY EXPANSION) OR name SOUNDS LIKE 'lorem')
and you got fuzzy search with resolved keys to another table in 0.047 sec, fuck me dude.5 -
Easy cop out for people who wrote code vulenerable to SQL injection: It's not a bug, it's a feature that let's users search using SQL syntax.2
-
Got hired as an SSRS engineer. Walked into work day 1 thinking I was a bad ass with my SQL joes2pros knowledge and quickly (and i mean quickly) got smacked down with what real SQL procs look like........should've renamed my title to SSRS reverse-engineer. Good times.2
-
This was WAY back in my first job as a programmer where I was working on a custom built CMS that we took over from another dev shop. So a standard feature was of course pagination for a section that had well over 400,000 records. The client would always complain about this section always being very slow to load. My boss at that job would tell me to not look at the problem as it wasn't a part of the scope.
But being a young enthusiastic programmer, I decided to delve into the problem anyway. What I came to discover was that the pagination was simply doing a select all 400,000 records, and then looping through the entire dataset until it got to the slice it needed to display.
So I fixed the pagination and page loads went from around 1 min to only a few seconds. I felt pretty proud about that. But I later got told off by my boss as he now can't bill for that fix. Personally I didn't care since I learned a bit about SQL pagination, and just how terrible some developers can be.5 -
Me: Give me all 500 of these IDs
SQL: Hang on....
(5 minutes later)
SQL: Ok here you go!
Me: Hmm...
Me: Give me this id
Me: Give me this id
Me: Give me this id
Me: Give me this id
(Repeat 496 more times)
(1.5 seconds later)
SQL: Ok here you go!
SQL: Ok here you go!
SQL: Ok here you go!
SQL: Ok here you go!
Computers are weird sometimes. :)14 -
Senior showing fellow intern what SQL injection is on the app the intern created :
Senior : "then I hit enter and the query get executed and...
Intern : "don't you dare hitting enter!!!"4 -
Hah!
I just broke my record and generated (not exported or imported) the biggest SQL file!
A massive 15.7GB SQL file monster.
I hope the import will go well.6 -
Dear weird stackoverflow,
What SQL knowledge do I need to hack devRant and get an avatar on here ?18 -
Today I come across something interresting in SQL Server.
I was optimizing a report query and in the SSMS windows runned in 10 seconds for 3000 rows.
Put it to a stored procedure took me 5 minutes for getting 100 rows.
I was like WTF?
After some research I found out that the problem was that I was using the Stored Procedure parameters in the query.
Created local variables for the parameters and poof... 10 seconds again.
So if you are creating Stored Procedures in SQL Server DO NOT USE THE PARAMETERS FROM THE PROCEDURE. CREATE LOCAL VARIABLES.6 -
Whoever thought setting up SQL database connections through XML was a good idea needs to be put on trial. And then exiled to a deserted island so they can think about all the pain they put me through.
6 -
When you watch the new Jason Bourne and see people from CIA hacking a laptop from an Old cellular with a "shell code", or other people saying "use SQL to hack the database"3
-
Interviewer at the end of the meet : Do you have any other queries..?
Our programming guy : of course, select * from ...1 -
I'm working on a stupid simple thing that allows you to find out deep secrets about your friends without embarassing yourself, and vice versa.
Two people get a check box list, here's an example
O Furry
O BDSM
O DDLG
X Vore
---
X Furry
O BDSM
O DDLG
X Vore
And once both of you have filled it out it will only tell you what you have in common.
It's nothing revolutionary, just me learning how to use Rust and SQL (Along with web frameworks and ORM stuff).
Thoughts? Should be out for a demo soon, once localtunnel is back.6 -
Did some updates to an older Web Forms website built by a previous SENIOR developer who is a notoriously horrible developer.
Now before I start, you have to understand this guy studied at a University and had been working for at least two years before I even started working. He is supposed to know the basic shit mentioned below.
This also happened a couple of days ago, so I have calmed down since then so I apologise for the relaxed tone. My next rant will contain a lot more swearing.
This fucking guy did the stupidest shit imaginable.
On the details view of a post|page|article|product|anything that would require a details view this jackass would load the data from the DB.
Using an OleDbConnection, OleDbDataAdapter, DataTable and the poorest writter fucking sql statements you have ever seen. All of these declared in the Page_Load method.
There was literally no reason for him to use OleDb instead of Sql, but he simply did not know any better.
He especially liked: "select * from tbl where id = " & Request("T") & ""
ZERO fucking checks to see if the value is even passed or valid, nothing. He did not even check whether the DataTable had any rows.
He then proceeded to use only the Heading column of the returned row to change the page's title.
Stupidly I assumed the aspx page will be in a better state. Fuck NO!
This fucktard went, added server tags to the opening of the asp:Content tag, copied that shit he used to fetch the data and pasted it between the server tags.
He did not know how to access the DataTable mentioned above from the aspx page!
He did this on every fucking project he worked on. Any place that required <%= %> to display data instead of using asp server controls, this cunt copied whatever was written in the code behind and pasted everything between server tags.
Fuck I could go on forever, but I think this is enough for my first rant.
2 -
How do you pronounce SQL?
"See for me, I just go my own way and pronounce it as ‘sqwool, or ‘sqwll’, which sometimes gets my coworkers (not db or programming people) calling it ‘Squirrel’. As such we have a custom written utility program which automates running certain SQL commands on various databases which is aptly named SQuirreL. Then we started to have fun with it: The ‘pre-defined’ sets of SQL are held in a ‘.nut’ file which you give to SQuirreL. When you want to see what scripts have been run, you check the SQuirrel’s .log to see what .nut files it has ‘eaten’. We thought about naming the log files .poop, but I felt that was too far. I know right now there’s people reading this cringing, but I say lighten up. My boss when presented with the tool, did not get ANY of the Squirrel/nut references… I mean the tool’s icon was a cartoon squirrel holding an acorn for crying out lout, but I digress.
So yeah, I call it Sqwll or Sqwool, but only when talking to people who don’t matter."
Source, in the comments: http://patorjk.com/blog/2012/...
I doubt this has ever been posted. =)9 -
When you switch back to Javascript after a while of using SQL and dont see the error in this line..
Thanks for syntax highlighting that, firefox! I spent almost 10mins checking the parentheses and trying different combos...
1 -
New client : we have performance issues, can you look why ?
I check the production server :
- Windows Server 2008
- IIS
- SQL Server express *facepalm*
- 80% of code is in stored procedures *double facepalm*
Me: Maybe you should buy sql server ?
*client don't seem to want to pay*
Me: :/3 -
Today in a meeting, a non-dev analyst who frequently uses SQL mentioned in passing that he uses Excel as a text editor for his SQL code. I don't know what he said after that because I wasn't able to get past the fact that Excel is his go to text editor.8
-
Had to implement a search feature for a client so I did and told him to check it out (it was a LIKE SQL statement)
He tested it out by typing in iPhone and Phone (there was an item called iphone in the database) and he was amazed about the fact it worked for some reason.
A real answer from him:
"it's working.. how is it working?
each item is tagged to multiple keywords without the user doing anything"
I said it's just a text search but I guess I should've said I'm using an advanced AI to extract all possible terms related to the item title.1 -
1. Plans to reactor some code
2. Formats SQL nicely
3. Entire software stops working
4. After almost an hour finds string.replace() called on the SQL query matching exactly one space
5. (┛◉Д◉)┛彡┻━┻2 -
FUCK YOU MS SQL!
DO YOU REALLY THINK THAT MAKING ME WRITE 60 FUCKING COLUMN NAMES BY HAND WILL STOP ME FROM COPYING AN ID?
Yeah it actually will but fuck you. I want to merge data and you make this work a pain in the ass.
Bunch of cunts.9 -
I hate SQL Server so much, don't matter how Microsoft say they improve themselves at SQL Server.
There's a lot of fucking bloat, messes your system and your services, adds tons of crap in your system registry, while more advanced SQL engines such MariaDB/PostgreSQL are more contained, and its very small.
Why SQL Server has to mess with Windows' ACL and his own privilege systems?.
Uninstall it and a lot of components remain hidden and tons of registry entries, not even TotalUninstaller or CCleaner can help.
I hate it since my technical high school and my goddamn college is forcing us to use SQL Sever for EVERYTHING, instead of good alternatives, messed my computer entirely requiring to format.
I try always to convince my freelance clients to use open-source alternatives, and say how SQL Server is so crap, (i had variant degrees of success).14 -
Using Oracle 10g for our distributed databases practical lab session, and typed many SQL queries in one sheet.
Suddenly this guy came and told shortcut 'ctrl + r' to quickly run selected query.
And the page fucking reloaded and boom, all queries were gone! His evil laugh was more disturbing. 😡😡
Fuck him.3 -
I thought SQL was supposed to be very easy? I'd like to jump off a balcony right now because of it ...
I don't know if I'm just dumb or if my sources for learning are bad or idk
maybe I'm just tired and dislike SQL2 -
Had a job interview today as a Junior Python dev. The hardest part: they asked things, that I used to learn in some time in the past, but got rusty in my memory because I don't use em much. Like "to write func that sorts array". Last time I was writing sorting without standard library at least half a year ago. Same with the regular expressions (need em the most once in several months) or sql expressions (last time - 7 month ago). How to remember these things?12
-
In our databases lesson, we are going to use Microsoft SQL Server throughout the year.
This shit's setup fails at random, doesn't even start (empty error box??????) on some machines, and when it, uh, works, kinda, it's a convoluted mess.
Help.10 -
Love those moments when you’re refactoring legacy code and manage to put logic of 50 loc with bunch of loops and conditions into single sql query.3
-
I knew I had found the right group of friends when one of them suggested we try SQL Injection on the instant messaging feature of the bowling alley console.
Unrelated, do people not think, "hmm, that seems like an unnecessary feature?"2 -
I feel ridiculous. While learning SQL databases I ran a query that was supposed to fill up the database with test data for me to play with. The actual result?
8 GB and 330,000+ rows.
Keep in mind this database is on a remote server, so trying to delete it times out after thirty minutes. I’m submitting a ticket right now.6 -
Was running low on ssd space, so I decided to have a thorough look at what was occupying all of it. First I found out that I had about 5 gigs (!) of leftovers from microsoft sql server which I unfortunately had to use once (thanks microsoft for your shit uninstallers). Then I found I still had a .gradle folder (uninstalled a while ago, maven ftw) with another 5 gigs of cache. That should give me some room to breathe.4
-
Wondering why your form isn't submitting any data to the db.
Spending half an hour checking all POST-Variables and functions in your script multiple times to see if they give the correct values (they do).
Finally realizing you wrote 'INSERT INRO' in your SQL statement.
Questioning your intelligence for the rest of the day.6 -
The day after I delivered a secure programming course to our junior devs.
Junior dev: I can't figure out what's happening when I generate this sql.
Me: what do you mean generating ... It should be a prepared statement..
Junior dev: no I'm just generating the strings from the form
Me: ... Let's try this again.... -
So there's that project with my coworker. We splitt up the classes, 10 to be implemented by him, 10 by me.
Fast Forward to 4 weeks before deploy.
Coworker: Your stuff logs a lot of stuff. It's not very clear and a liiittle to verbouse. 5 entries per second? Too much!
Me: Okay, you're right. Let me fix that.
2 Days later I look at his logs at runtime. He logs EVRY SQL statement and their results! In a batch that processes a 10'000 of customers!
He points out: That's useful stuff and it's not that much. It's needed for debuging.
My face: 😦4 -
Whole class: makes an sql database using phpmyadmin. Simple, easy, meets the requirements
Me: fuck it. Use python with pyqt5. And Microsoft sql server Spend unnecessary hours on making repetitive functions, cause my stupid ass can't figure out how to pass more than one parameters in class methods.
All in all, it looks good. I feel like I did something, learnt something new. Took on a challenge. Its a wierdly good feeling, somewhat rewarding.5 -
Conversations with SQL Server:
Me: TRUNCATE TABLE users;
SQLServer: Okie dokie, Command(s) completed successfully
Me: WTF SQL, u didn't even ask for confirmation
SQLServer: Well, you did type 'TRUNCATE' then 'TABLE' then 'users' didn't you. I mean how much confirmation do you need you prick.2 -
An example of today's generation:
My little cousin 22 years old wants to get into BI Dev. I tell him to read a certain book. The book has practice examples and various things that are hands on.
What does he do?
He READS the book and is like, "ask me any question and I know the answer". So I'm like, "fine, what's the structure of a basic SQL statement?", after some hard thought he's like, "SELECT * FROM?" I'm like, "ok.....how would you filter that?" and he's like, "you got me man........no clue".
What didn't he do?
Practice.
I mean.........come on.3 -
Please, please for the sake of your born/unborn child, check whether the names of the entity attributes are not valid sql keywords.4
-
I'm getting really good at SQL, last year it appeared me to be very difficult but finally, it's easier than I thought4
-
Welp, this made my night and sorta ruined my night at the same time.
He decided to work on a new gaming community but has limited programming knowledge, but has enough to patch and repair minor issues. He's waiting for an old friend of his to come back to start helping him again, so this leads to me. He needed a custom backend made for his server, which required pulling data from an SQL/API and syncing with the server, and he was falling behind pace and asked for my help. He's a good friend that I've known for a while, and I knew it wouldn't take to long to create this, so I decided to help him. Which lead to an interesting find, and sorta made my night.
It wasn't really difficult, got it done within an hour, took some time to test and fix any bugs with his SQL database. But this is where it get's interesting, at least for me. He had roughly a few hundred people that did beta testing of the server, anyways, once the new backend was hooked in and working, I realized that the other developer he works with had created a 'custom' script to make sure there are no leaks of the database. Well, that 'custom' script actually begins wiping rows/tables (Depends on the sub-table, some get wiped row by row, some just get completely dropped), I just couldn't comprehend what had happened, as rows/tables just slowly started disappearing. It took me a while of checking, before checking his SQL query logs (At least the custom script did that properly and logged every query), to realize it just basically wiped the database.
Welp, after that, it began to restrict the API I was using, and due to this it identified the server as foreign access (Since it wasn't using the same key as his plugin, even though I had an API key created just so it could only access ranks and such, to prevent abuse) and begin responding not with denied, but with a lovely "Fuck you hacker!" This really made my night, I don't know why, but I was genuinely laughing pretty hard at this response.
God, I love his developer. Luckily, I had created a backup earlier, so I patched it and just worked around the plugin/API to get it working. (Hopefully, it's not a clusterfuck to read, writing this at 2 am with less than an hour of sleep, bedtime! Goodnight everyone.)7 -
A one of my co-workers today said he once witnessed a 20,000 line SQL query. Is that even a thing? What does it do?9
-
Creates PHP scripts for development SQL server, pushes to production to find out the schemas are different. *face palm*1
-
-- This is my first rant so sorry if it's bad--
We have a nice project that I am working on that needs to store and interact with location data. It is a .NET Core API using Entity Framework Core to interact with the database. All good and well. Until today when I started working on the implementation of storing location data we retrieve from mobile devices.
SQL has a nice data type named: "Geography" which can store a location and do calculations on it with queries. Such as proximity and distance which is what we need.
But then it turns out that EntityFramework Core does not have support for the Spatial data types. even though version 6 did have Spatial support.
Then i found the following issue on GitHub: https://github.com/aspnet/...
Turns out this feature has been requested since 2014 and is even on the "High-priority" list and is still not implemented to this day. Even though in the issue many people are asking to have this implemented.
WHY IS THIS TAKING SO LONG MICROSOFT!!
So now i have to figure out how to work around this. But that is an issue for tomorrow.1 -
During a design meeting, our boss tells me that Vertx's MySQL drivers don't have prepared statements, and that in the past, he's used a library or his own functions to do all the escaping.
"Are you kidding me? Are you insane?"
I insisted that surely he must be wrong; that no one would release a database library without built in support for query arguments. Escaping things by hand is just asinine and a security risk. You should always use the tools in the database drivers, as new security vulnerabilities in SQL drivers can be found and fixed so long as you keep your dependencies up to date.
He told me escaping wasn't as tricky as I made it out to be, that there were some good libraries for it, and insisted Vertx didn't have any built in support for "prepared statements." He also tried to tell us that prepared statements had performance issues.
He searched specifically for "prepared statements" and I was like, "You know they don't have to be called that. They have different names in different frameworks."
Sure enough, a short search and we discovered a function in the Vertx base database classes to allow SQL queries with parameters. -
Running SQL Activity Monitor to find inefficient queries. According to legecy team this is how they think they should query SQL 2014 for a customer.
10 -
First software refactoring in the company I worked for. No test environnement because "who needs it?", no unit testing, no comments, had to make sql updates and shit, was scared all day long that something would fuck up.
"Fuck fuck fuck, forgot a part of the where !" Had to fix everything quickly so no one would notice, no coffee/smoke pauses. On top of that, got a ton of retarded requests from the PM and other technicians working with me like "hey boi, could you add an icon to every button we made? There's like a thousand, we need it for tonight, our client will come visit us and I want to show him a better interface blablabla"
And since I was an intern, I couldn't refuse, had to work like a prostitute in virgin-land, and for what?
"Oi, you did good, now do other stuff"1 -
Any good resources for sql?
Im getting heavy into databases. Im a noob but i need to reach top level quickly.
Im gonna buy 1 oelr 2 books. Im leaning towards oreillys “learning sql“.
Any suggestions?11 -
I had once an sql error that took me two days to resolve it.
The error message was a syntax error but I was using an ORM to write my queries (doctrine with php) .I didn't have too much to debug as the code was pretty simple and clear so I got to the point that I convinced myself that this a bug and I'm gonna try to mess around it to avoid it.
Second day late night, something popped up in my mind '' hey what about those reserved words? Could it be the reason? '' aaaaand BINGO the key '' option '' is a fucking reserved word for mysql.
Tip : always check that list before writing your data models (specially if you're a noob like me)1 -
Made a SQL query wich perfectly worked. Than added one collumn to be selected and everything is shit.
And the worst is I still don't know why! Ò_Ó2 -
My boss's SQL schema has no foreign keys and he said he left them out intentionally because they should be handled in the application layer and they're a large performance impact.
This is a fresh greenfield project and he's already pre-optimizing for problems we don't have yet, on things that may or not be bottlenecks using ideas (e.g. foreign keys have huge performance costs on mariadb/auora) with no hard data or facts to back them up.
Let's start a new project with some technical debt!2 -
WHERE CASE WHEN field1 IS NOT NULL THEN ISNULL(field1,NULL) END = ISNULL(field2,NULL)
So many wrongs, my wrong-o-meter broke...2 -
I never knew that I was a good mentor at SQL , specially at PL/SQL.
I gave a task to a new member of my team, to fill 5 tables with data from other 15 tables.
I informed him well about data table info and structure. He spended about 3 days to create 25 different queries in order to fill 5 tables.
After I saw the 25 queries, I told him, that he could do it with 1 main query and 5 insert statements.
So I spended 1 hour of training, in order to build,run and explain how to create the best sql statements for this task.
(First 5 minutes)
It was looking so simple at the beginning from starting with 1 simple join, after some steps he lost my actions.
(Rest 55 minutes)
I was explained the sql statements I 've created and how Oracle works.
Now , every time he meets me, he feels so thankful for learning him all those Oracle sql tips in 1 hour.
Now he is working only with big data and he loves the sql.1 -
This may be the best Stack Overflow comment I have seen when learning SQL.
How old is Frank? I don't know (null).
How old is Shirley? I don't know (null).
Are Frank and Shirley the same age?
Correct answer should be "I don't know" (null), not "no", as Frank and Shirley mightbe the same age, we simply don't know1 -
Switched from PHP 5.4 to 7.1, migration went well except, a seemingly harmless SQL query takes like forever to fetch. At first I thought it had something to do with the DB or the server.
Issue: Previous developer did a sloppy job by using nested sub-queries everywhere.
SELECT
(SELECT foo1 from x1.....),
(SELECT foo2 from x2.....),
.....
Unlike 5.4, PHP 7.1 seems to have 0 tolerance to nested queries and just flat out crashes or takes a stupendous amount of time to load.
Using nested queries is such a bad practice.8 -
Yesterday, microsoft showed me once again, what it means to "obey".
I tried to install Microsoft SQL Server 2012 on a virtual machine with OS Windows7.
The installation-center asked me to choose an installation-folder for SQL-Server.
No matter what, for any folder i had chosen for the installation, the setup replied with the errormessage "The installation-folder is invalid"
So i considered asking our platform-services team, whether they gave me administrative rights for the vm.
They did. I had full access to the components of my vm.
After a few days i finally recognized, that i had picked a wrong iso for the installation of sql server.
Instead of sql server 2012 + Service Pack 3, i picked sql server 2012 ServicePack 3.
So after all, Microsoft tried to tell me by showing the message "The installation-folder is invalid", that the setup weren't able to find an installation of Microsoft SQL Server 2012.
God damned!!1!3 -
I just dealt with a 3 nested "if" statements in SQL. There is no indentation so I am quite frustrated since each "if" spans up to 2-30 lines.
I now understand why Python white space is significant5 -
Going through some pretty fucked up shit right now : a string containing an SQL query goes though a 100+ lines function full of if{} else{} with up to 5 levels of indentation, where it replaces some parts of the query with other words... 😱1
-
INSERT INTO not_rants ("
Today I took the time to learn the basic SQL(ite) and just finished learning in depth about the art of querying.
I just had to do this, because I am very unsatisfied with the way we learned it in school. Almost literally only translating the words CREATE, TABLE, SELECT, FROM, WHERE, UPDATE, DELETE in MySQL.
Funny, irrelevant fact: Before I could download the meme below I encountered this beauty of an errorlog:
Value of '∞' is not valid for 'emSize'. 'emSize' should be greater than 0 and less than or equal to System.Single.MaxValue.
Parameter name: emSize
https://cdn.meme.am/cache/...
");
1 -
Who has replaced a dot with a semicolon while composing a SQL query in php? Me. 😤😤😤😤😤
Two hours spent in fixing everything and a sleepless night.
8 -
Progress.
It isn't much, but the MVC application now reads data from the Linux LAMP server and prints the SQL data back to the client. Biggest hurdle was the fact that my Linux host blew up three times over the week, but hey, how else are you going to learn Linux servers?
Moving into spring framework self-education in July. Hopefully it's a little less painful than Apache Tomcat.
-
I'm doing databases in school now, but I couldn't wait to make one/learn basic SQL, so I made a database of the devices on the home network!
Shown here is the DB and an SQL query that was basically corrected by the program ;-;
6 -
I've only been in college for 2.5 years, but oh the stories I could tell... I'll tell just one (for now), and this is not the worst of it.
Had this one instructor. She could teach and explain things well, but I'd be lying if I didn't say she was strict and often rude and flat-out a pain. Had her about every other semester.
SQL class: Using Oracle SQL and a cheap book with printing issues (my first copy was illegible), we learned about database design, management, and lots of things we can do in SQL. I learned a good bit, but then again, I was an online student and self-learned from the book.
It was near chapter 5. Literally every single student had trouble that week. I think the semester was starting to take its toll. Even I had trouble. It seems 0 of 25 students in class submitted their work by Sunday evening (this was before the COLLEGE changed the universal policy that assignments were due on Monday night (THANK GOODNESS)), so she extended the assignment to be Monday night and told the class (nevermind her assignments were dreadful and hated doing them. Fun fact: I probably still have them and can dig them up if wished).
Except she didn't tell her (multiple!) online students.
As I said, even I was having trouble that week. I ended up getting all my homework that week mixed up and thought I submitted my work. When I discovered I hadn't which was after the deadline, I asked her about it when I was on campus.
Instead of listening to my claim that she never emailed the online students, she protested claimed she did (I could have pulled up my email with proof, as could she, but she never did), said it was my fault for not submitting my work (true) and not checking that it was extended (???), that I should have be grateful she even extended it (um), she was not accepting any late work, and shrugged off everything I said.
I was likely one of (if not the) best students. To this day, that is the only assignment I've gotten a zero on. I still passed with an A, but I did my best to try to find classes without her from then on.
Up next (when I find time to type it): My first encounter with this instructor (which happened before this story) which created some sweet justice two years later. -
Me muttering to myself: Oh shit…
*time passes*
Me: Fuck this SQL query, it’s like a goddam essay!
*time passes*
Me: What the fuck is this?
*time passes*
Me: Oh crap, now I’m gonna have to check the joins…
*time passes*
Me: That’s gota go
Also Me: …and that bit
Me: Yea, we don’t use that anymore
Also Me: O.K. Let’s test it
*Test*
Me: That didn’t work, let's see if I do this…
*Test*
Me: But I fixed that!!!
*Test*
Me: Why isn’t it working?
Also Me: It should be working, it thinks it's smarter than us!
Me: We checked everything, It should be working!
Also Me: Filthy query, we hates it, we fucking hates it!
Other developers: *Start backing away*3 -
We've had tabs vs spaces, gif vs jif, but how about S Q L vs sequel? Which one do you prefer? I'm in camp sequel.12
-
I hate those questions like "where do you see yourself on five years?" Or "tell me a time when you had to [insert leadership activity here]" where the obvious answers are something inane and managerial.
I also hate those questions that come up a lot when I say I know SQL where they ask me to do some inane, unnatural SQL thing in a statement rather than a procedure or a function.
Also see these: https://devrant.io/rants/136331/...
https://devrant.io/rants/132198/... -
Most of the companies visiting my campus for placements are hiring people with high CGPA and less knowledge and leaving (not even allowing for taking tests) the ones with good technical knowledge with less CGPA 🙁. So I hacked the placement portal developed by a PLACED, HIGH CGPA Candidate using SQL Injection and got access to all the student accounts 😄3
-
!Rant
A couple hours ago I had an "interview".
It was like that:
- Show me your SQL skills, select from 2 tables, aliases, groups
-- Passed
- Ok, Now you have to learn Visual Basic .NET for getting this job, your first task is to create a simple calculator
My mind just exploded. Visual Basic?!? Noooo.... Really? I don't want to learn that Microsoft shit.... But it's good paid work so I'm trying it right now.
To be honest? I'm suprised, it's not that bad and I think that problems are not in languages, it's about cooperation, flexibility and enthusiasm to solve problems.
So don't judge programming languages and solve problems with them.
Still hate pascal and my English🤔
P.S.: Boss is amazing, smart....2 -
*Sitting in sql course*
Professor: "So today we are talking about normalization which will make our tables much more efficient and easier to understand."
Me: (In my head) "Sounds useful!"
Professor: "First we will start with UNF or un-normalized form"
*Professor shows example on projector*
Example:
"UNF: Student ( name, sAge, , college_name {COURSEID, cname. descCourse C# }]"
*Frustration begins to take hold as I play where's waldo*1 -
Any advice on some good SQL book or resources?
I need to start learning DB designing and theory.
I know jackshit apart from the basic commands.4 -
I've been assigned lots of database work the last couple of weeks. Managing old databases are what make or break people surely.
The customers have this proprietary mess of a Visual FoxPro database manager.
I spent the entire day navigating what I should and shouldn't export for them (as they're fortunately trying to rid themselves of the service)
When I was supposed to do the export, the proprietary hardware only allowed exports of 25 rows at a time with the free version this big company is using... I ehr... I just regret not converting it into SQL to begin with.
2 -
Today, I had a small, but funny conversation with a person I knew from my education (application developing).
He suddenly asked, how to prevent using HTML-Tags in PHP.
So I send ihm following line:
$string = str_replace(array("<", ">"), array("<", ">"), $string);
Shortly after the line, he asked, how to add this into his query, which looks like:
$query = "INSERT INTO comments (name, email, quote, hinzugefuegt, ip_adress) VALUES ('" . $_POST['vName'] . "', '" . $_POST['eMail'] . "', '" . $_POST['q17'] . "', NOW(), '" . $_SERVER['REMOTE_ADDR'] . "')";
Now I thought: "Well, he don't even secure his variables", and I posted a Pastebin, which only "fixes" his issue with replacing the HTML-Tags, but still allows SQL injection.
https://pastebin.com/kfXGje4h
Maybe I'm a bad person, but he doesn't deserve it otherwise, because when I was still in education with him, I told him, he should learn to use prepared statements.3 -
Part of my job requires me to use SQL in SQL Server and databases and Python and utilising Javascript APIs - so I was thrown in at the deep end. But my fiancé is also an amazing help as a software engineer he helps to spot my errors and encourages me to take on new challenges.
-
Today salesmen gave me some recommendations about my "so hardly optimized" SQL queries..suggestin me to change em.. I said okay, let's execute these.. 10 hours later, their computers sql workbenches finally displayed the fucking first one.
Result: 0 row... 🤐2 -
I've alway pronounced it sequel but everyone I know swears it's SQL, so I say that now to fit in.
I feel like a spy, lying to my closest friends everyday...2 -
Captains Log:
Day 2 of trying to get SQL database to work with JDBC application.
I've built a try/catch method and it throws up the message that IntelliJ can't find the JDBC driver.
More research to be done. My first officer duck buddy has no input for me.
It's going to be a long day.
17 -
When it comes to choosing a database, What is the best for a Java project?
1.SQL - MySQL
2.NoSQL- MongoDB11 -
Today is SQL day.
Been some time since I had to go here, the queries are flooding back to my mind like water over a dam wall. How the heck I remembered these is what I pondered.
Oh well, back to SQL (at a client - yay).
Now you SQL me, now you don't. -
When your about to start development on some tickets you've been wanting to finish, and then MS SQL management studio poops out and you have to spend the entire day re-installing/fixing your SQL DB's... Oh and now behind schedule1
-
Can't create a new SQL database on Azure on on one subscription as every region is unavailable. Everything works on my other subscription.
Fucking hell.1 -
1 problem down, 3 more show up.
I love SQL.
In other news, client won't send data to utilize, so I must fill in dummy data.
How's your day? -
Are sql joins a bad practice? :o
I recently did some work on a page for a site ive never worked on cause my boss told me to. So they recently added product detail video urls to a table that has a relationship to the products table. The existing code was querying for the products on that said page and then during the loop that was outputting the products ,there was another query for getting the url for the current iteration/product. Told my coworker that this imo was pretty inefficient way to do it and switched it to a join and did 1 query then output that but his words were "The way it is now maybe ineffecient in your opinion but it works. Also combining inner joins with left or right is not a good practice. If the data is changed upstream the entire query would need to be redone to accommodate the change". Mind you that they query views a lot which are all made from queries that use joins and I'm also pretty sure these views were written by someone who used to be here because these guys are not good at sql or at least that's what there queries show. I'm at the point now where I'm realizing that my boss and this other guy don't give a fuck about efficiency or doing things the right way they just want it "to work". So this coworker changed my query back to the way it was because he said it broke the shopping cart even though that was already broken when I started... What is life? Maybe I'm the stupid one?7 -
My Technical lead always asks one question to new interviewing candidates. "Write a SQL query to find the second highest salary from employee salary table". It's the same question which he faced in one interview and he didn't have answered it.
Sorry for my bad English..3 -
Knowing SQL does not mean knowing all the existing technologies that uses SQL, motherfucker! Stop bragging around that you know Postgres, SQL Server, Oracle and shit.
IT is full of shit talkers and ego, NNNNNNNNNGGGGGGGGGGHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH
11 -
Learnt a lesson today:
Never try out new hotkeys in a SQL query editor window.
Or if you do, at least make sure it's not connected to anything important :)
I was trying out new hotkeys and accidentally executed a SQL deploy script to rename something in multiple stored procedures in a large system.
Thankfully - so I saw after my heart stopped - it was only our QA db so not too bad, just a couple of devs set back.
Who woulda thought ctrl-l would execute :O -
Wow...a talented developer created a 3 via SQL execution plan. The query runs like crap but the execution plan art is pretty.
1 -
Life of an Oracle Developer ... Day {I've lost bloody count now}
Task: Optimise a 236 line cursor consisting of 7 SQL SELECTS and unions, 39 joins and nested sub queries galore.
"YAYYY" said no one ever ...3 -
That feeling when you debug the Users table in sql, which has a Password field encrypted with hash, but most of the demo users use the same Adminadmin password, so you recognize the other users password because you rembered the hash1
-
Can any sql guru take a look at this problem?
I try to select number array from a JSON object, but have no idea how to do it.
https://stackoverflow.com/questions...5 -
First exam this year, about database optimisation. I have been there just a week and I really enjoy this school
BUT. THIS. CAN'T. BE. TOLERATED.
I wouldn't wish my worst enemy to write SQL on paper goddamnit!!!!
(Yeah I didn't have any other pen that this red one, at least it was erasable)
7 -
I once saw a DBA using two for loops in PL/SQL to join two tables. I wonder if he knew about the "alternative" way to do that...2
-
Got my “Certificate” for SQL. What do you think? I have a few other just not sure if this means jack squat despite it being a free “certification”.
9 -
I use mySQL workbench on a daily basis, but I've been having issues with the dark GTK theme not working well with Linux. Should I do a workaround to get workbench to use a light GTK theme, learn to use SQL from the CLI, or go with a third option?16
-
copying field data from one table to another,
wondering why the execution takes so long,
since your copying only data from three rows,
realising you forgot the WHERE clause in the SQL while working on a live database and overwriting all data with the last statement 😨6 -
That amazing time when you realize that your self-written ObjectData Entities framework working on the top of the SQL server requires 25 joins to pull the data out of 150-ish table database.
Disappointment.1 -
i am not a SQL expert, but i can do what i need to do in order to be considered a full stack dev
the syntax i have to learn was deprecated before i was even born -
"So... you know SQL? Great!! Here, I have this project for you to fix a few things."
"What is it?", you ask... SSIS packages and stuff!
Where do I start??!! -
I've always found it funny when sql errors "at or near" a character. I don't know enough about sql to understand why it does that (although I'm sure there a reason!)....but it just sounds like it's not trying hard enough 😂
Maybe someone smarter can explain?1 -
I've solved hard problems before, and used languages other than Java, but for some reason I don't know how to start using SQL. I couldn't find a SQL IDE. Any suggestions on how to start working with SQL on a Linux computer?6
-
Is there ever any reason for SINGLE Hibernate SQL query/template to join like 10 different tables, do math, and come out to like 30 lines?
This is not a stored procedure, it's a single SELECT2 -
MFW I, a junior dev who just started have to explain what sql injection is to a senior IT person... It's not like I'm an expert in the field, but a little bit of expertise would be nice2
-
was working on a project once where we needed a database mapping to some c# code
tasked one of our less experienced guys on it to maybe give him some experience
now I'm assuming most people here who have worked in .NET for a reasonable amount of time know about entity framework, and I did tell the guy about it.
three days after giving him that task he comes up to me smiling and says he's done
great! what did he do? he wrote the database mapping from scratch using hard coded SQL queries using lists to chain queries together in a sea of if-else statements...
let's just say the code broke down and needed last minute fixing when it was time to present it2 -
Should I learn a database language before backend, or vice versa? I’m thinking that I learning Rails and some form of SQL.2
-
I recently heard someone pronounce SQL as "Sequel". Is that actually the correct pronunciation? Have I been saying it wrong all those years?9
-
I fucking HATE ORMs. Fuck this bullshit, they always have some use case that is stupidly difficult or obscure that no one knows how to deal with because the creators didn't think of the one thing I want to fucking do.
Screw this bullshit, homebrew SQL is ALWAYS the way to go; I've never encountered an ORM that didn't turn in to a troubleshooting, dialect-learning timesink.5 -
Been ripping the hairs from my skull the entire week trying design some new databases and some SQL to pull the correct data from them.
Litterally 5 minutes before i log out for the weekend I run my test cases and everything works! Amazing start on the weekend :D3 -
Found an infinite loop in SQL. One proc called another and then that one called the other. Woooooo.....
-
I've been given a huge stack of paper, some users stories and loose specs. Was tasked with engineering the specific requirements, then the models and finally the database. Then I need to build an API on top of that.
Stuff I'll use is Go and Postgresql. Small issue is, I've never done DBs, so I've no idea what to do or where to start.
Does anyone have any resources to help kick-start myself in this field? I've been reading on SQL, but that doesn't really tell me anything about data structures and how to transform those user stories into product requirements.6 -
We had a test in class where one of the questions was "What is SQL injection?" and I wrote what it was and even gave a bang on simple example where I showed how you could end up with a truncate statement on your customer db. The last part of it was:
"This will be the SQL that gets executed:
INSERT INTO Customers (Name) VALUES (' ';TRUNCATE Customers;--);
When I got it back after we had a session of "grade each others work" I got the comment: "What makes this an attack against a database?"
I mean, I'm not sure what I could have written. That it truncates the database? And, correct me if I'm wrong, but if a user truncates your DB, is that not an attack?
-
I was scanning over a dreadful code base I had to work on and found SQL injection vulnerabilities. THE SITE WAS LAUNCHED IN 2017!!!! 😢2
-
Spent 2 days optimizing SQL queries, and then I learned a valuable lesson.
If your database size is bigger than the RAM of the machine it’s running on, every query will take 5+ seconds ☹️4 -
Inherited a legacy system from a previous "developer" who wrote code to sanitize input from sql injection in the front end and then called an web method called execSql which accepts am sql statement in a string value!
Obviously the app ran under admin privileges.3 -
Today I got a change request that told me I needed to create a report showing orders broken down by their order types as percentages.
Now the order types part involve SQL queries that translate business rules into multiple table joins and it's quite nasty (200 + lines or so).
Naturally the change request doesn't mention any of these business rules and how to tell that orders are of a specific type... but alas!
It teaches me how to calculate a percentage :)
... like "10 / 100 * 100 = 10%"
I don't know whether to laugh or feel insulted.2 -
Hey all, can you guys recommend some great books on database theory and design. Something aimed towards intermediate towards advanced. It doesn't have to be sql, I just want to learn how to make a kick a#@ db.
Thanks!!!!!!!
7 -
Saw the following SQL in an SP at work:
Type_ID = CASE Product.Type_ID
WHEN 1 THEN 1
WHEN 2 THEN 1
WHEN 3 THEN 2
WHEN 4 THEN 3
END
Seems a little bit redundant to me :-)...1 -
https://prodajatest.byethost7.com/
My first public website... Please don't say how it is bad because I know believe me :) There is probably XSS and SQL innection attacks so feel free to play with it. Also it is on serbian but you will figure your way in and out (if you even open the website)6 -
Confession - Testdriven UnitTests
First of all, I regret all and wish there would be no SQL Scripts but an external tool to analyze data, but the project grew hysterically and when I joined the sh*t had already been established...
I had to test some SQL Scripts. As there is no real UnitTest framework which is under development/gets support, the whole suite is kinda buggy.
So I had my script, and had the required input + expected output, but the UnitTest always failed. So I manipulated the framework parameters until the test finally passed.
Shame on me and on the project, but atleast there are tests now... -
I thought Notepad++ was the one and only text editor for random small tasks..
I wanted to check a 280MB SQL file if it dumped a specific table.. the file never opened, and now npp is stuck in "Not responding" :)9 -
It’s 14:30 and I’ve only just opened SQL Management Studio and Visual Studio after being at work since 9am. Sometimes I hate being a team manager... so much shit shovelling and not enough fun work1
-
So, I was defending doctrine (orm framework or hibernate for php) for a long time as an awesome tool. But not today. This piece of shit has it’s own abstraction DSL for SQL (its called DQL), which is very limited. So, I spent whole fucking day to sum (+) two results from subqueries, but this fucking shit doesnt support + operation for subqueries. And there is no easy workaround besides splitting queries and merging data in backend. Fucking amazing...5
-
I don't know... I'm very sceptic about JPA. I worked on a project using this technology and having much trouble and now I'm working on the second one, but sincerely I prefer the standard SQL approach. What do you think guys about this framework?1
-
WHY THE FUCK EVERY DAY YOU SEND A NOTE TO THE CLIENT TO TELL THEM A SQL SERVER JOB RAN.....!?!?!?!?!?!?
Seriously....no automatic messaging....FROM THE FUCKING IN BUILT SERVICE...the fuck is this manual life that people love to promote. -
Colleague: I can't restore this backup file!
Me: What version of SQL Server are to restoring to?
C: 2016
M: Should be fine. How did you get the version?
C: * opens SQL Server Management Studio, clicks Help > About *1 -
My last rant with example of usefull PHP function in old inhouse CRM software was somewhat popular, so I decided to post more stuff. This time we look at the login function. Besides obvious problem of SQL injection (that i of course tested) we have two calls to the same 'poslednji_login()' method (translated to english - 'last login') that actually just returns current time, not the last login time... twice...
6 -
I’ve always wrote my own class to sql methods, but I used the Table Adapter in C# and I don’t think I will go back.2
-
Pardon the rant; some of it can probably attributed to me, but please indulge me of you could.
I'm tasked with creating a report that pulls data from some sql tables in c#and presents it using javascript. My manager was nice enough to lend me his old sql query, so I run with that using sql connections. Now I find out AFTER I get my sql query string working and retrieving data properly that my manager wanted it done using linq and entity framework, so now I have to start over, a process made only more "fun" by the confusing and unintuitive column names of our sql tables.
Moral of the story: don't take the easy way out.
After I spend some time fixing that up, I have to print out the data using javascript and html, which my manager was kind enough to lend me. Cue me shutting off my brain and thinking that I should have the program open and display this stuff itself. Let me tell you that converting a console application to a Windows form application is not a fun experience, especially when entity framework makes classes named "application" and "form" from your database tables. After finally getting the WebBrowser form to work, I'm hit with a javascript error from the library my manager referenced (he is a programmer himself). I tell him about the error and he just tells me to write the html code to a .html on disk like he did, but never explicitly said he did until just now.
Fixed moral of the story: don't take the easy way out, unless you should.
I should clarify I was given the whole raw sql query and html with some embedded javascript and a reference to chart.js. -
So my school forces me to take a partner in my project. I build him skeletons, give him examples and wait to see what he'll do. He was supposed to do CRUD for text messages in SQL database. In the update and delete functions, he does this:
UPDATE Message SET (values) ...
WHERE username=@username
Yup ... -
Easy rant that sets me off. Creating an ERD with correct Database Normalization from an existing clusterfuck!
-
How do you guys perform program tests or build your test env? Like redirect writing sqls towords private tables whilst keeping reading sqls towords to general test tables
-
bcp in SQL Server can't export column headers. WTF?! Spent hours trying to find a solution that doesn't involve me typing all 250 columns.
Still haven't...2 -
Been working on pen testing an old ass web app written in a combination of 4 languages with the primary being asp, serious question for the older generation was concatenating SQL statements ever best practice or are the mob that wrote this just useless?
-
I'm completly hating having to work with databases at college.
I have to use my department's Oracle server to which I must connect using a VPN that fails constantly and I must use SQL Developer that hangs every single time I want to do more than a single Select with it.
Maybe next year I finish this course unit.5 -
! rant, I hope😗
To anybody with MySQL/Mariadb experience, how different are these two as I need to pick one for a database application I'm building.
Also, and God will I sound like an amature for asking, is it best practice to debug and deploy the SQL database on an actual hosted server or to just do it on the client PC? I have both and I want to work with whichever one will give me less of a headache.😣
Any feedback would be helpful! The server is Debian and the client is Arch Linux.8 -
Every time I see SQL scripts with cursors...
C'mon man. Set based operations are way more efficient.
2 -
!Rant .. I need some quick help and didnt know where to go.. so fellow ranters please help...
So I have created an sql trigger which is supposed to add a kill to a doctor whenever one of his patients changes state to "killed" . But I dont know how to just get the one row that is updated. As it looks now : The doctor get patientKilled ++ for every patient he ever had before as well... How can I solve this ?
USE [AD17_Hospital]
GO
/****** Object: Trigger [dbo].[PatientKilled] Script Date: 2017-10-21 19:51:32 ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER TRIGGER [dbo].[PatientKilled] ON [dbo].[Patient]
AFTER UPDATE
AS
BEGIN
declare
SET NOCOUNT ON;
UPDATE Doctor set PatientsKilled+=1
FROM Doctor d
INNER JOIN inserted p
ON d.DoctorId= p.DoctorId
where p.PatientState='Killed'
END4 -
I absolutely hate it when people pronounce MySQL as MySequel but I have no problems with people pronouncing SQL server as Sequel Server. It's a weird world.1
-
I am in need of a good web host for my personal website... the one I use now is free and therefore sucks. I can't even get external access to the MySQL database and their SQL client sucks.9
-
Sigh, what is it with these cowboy SQL Devs? Why the fuck is this a pattern for anything?
New contract, new idiots, sigh.
EDIT: Had to change picture because Prod is different to Dev (but no dev has been done since release....smh)
4 -
Is there anyone here who is expert in Microsoft Sql server. Am getting error while connecting to local database.8
-
I was writing a db on sql and I accidentally fucked up the key column.(as you can see in the pic) No, I didnt used AUTO_INCREMENT.
Is there a wei to make this right, other than doing it one by one?
3 -
When you open an access db in visual studio so you can do sql querys with out the annoying access interface and then i realize visual studio uses the same interface as access except its worse *-*3
-
had a uni exam in databases (just closely didn't make it😒)
it didn't even have sql in it!?
questions about ER diagrams and draw a diagram, functional dependencies with given dependencies, find candidate key and what not, work on a b-tree (miserably failed😣), datalog (who the fuck cares about datalog? the least expected topic) and transaction management/serializability
whose idea was it to not include sql?? isn't it one the fundamental parts of relational databases?4 -
Why is the syntax of SQL INSERT so completely different to the syntax of UPDATE?
...proceeds to rewrite multiple 60 column inserts into updates...2 -
I really love how quick it is to get data from SQL with Djangos ORM. But heaven forbid I want to do a WHERE EXISTS clause. Comparing against two tables should not be that hard....1
-
So I am struggling with a SQL Query for my Database lecture.
This is the Table Layout:
Users(id:integer, reputation:integer, display_name:string,
day:integer, month:integer, year:integer, location:string,
up_votes:integer, down_votes:integer, age:integer)
This is the task:
Show the set of users who have the highest reputation and the lowest down_votes
than any other user. HINT: there is no user that is better than all other users on each of the
criterion individually. Thus, you need a query that can eliminate users that are worse on both
criteria than some other user (in Economics your query will return what is known as the Pareto
Set).
I have looked up the Pareto Set but I am not really sure how to implement it into SQL.
So does any one of you know how to implement this or could anyone lead me into the right direction?
Help is very appreciated :)12 -
I've never had any use for Pythons tuple unpacking until today when building objects from SQL selects. I always thought it was kind of a lame feature, now I think it's awesome.
-
F-word with three consecutive U-letters! SQL Management Studio just crashed, just when I had finished a nice script, that I hadn't of course saved yet. I must say SQL Management Studio hardly ever crashes, can't even remember the last time that happened before this. Wonder if it has anything to do with the plugin SQL Complete that I installed just recently? SQL Complete also has the annoying habit of displaying a popup every time SQL Management Studio is started, with a delay just long enough so you have already got started with something when you're interrupted by that popup. No, I'm not going to upgrade a piece of software that behaves maliciously!15
-
Another guy and I are each making a CMS to see who can be done first and who's looks/acts the best. He's basically done and I still have a lot to do, but I've been looking over his code and, it. is. bad. The classes are badly made and named with all lowercase. And i found this thing, he has 10 other functions just like this one.
His: https://ide.explosivenight.us/works... (I made sure sql injection isn't possible for normal users)
Mine: https://al1l.com/blog
4 -
You know what's more fun than debugging a SQL stored prodecure?
Debugging a SP which CATCHes all errors and instead returns an error code. Because exceptions are scary... -
I needed to migrate one DB to another with one sql suite but instead I fucked up and suddenly disconnected both DBs, without being able to reconnect them again
I waisted a whole day for debugging, but found nothing
And guess which magic fixed all issues? On and Off a service of an app
On and Off!!!
The fun thing is that restarting the server didn't help, but the only service helped1 -
Week2 day 1 of beeing in the database team to learn more sql. Turns out the task they want me to complete is rather easy. So this is day 2 of doing exactly nothing.
Also im not allowed to do the task all on my own since the other apprentice has to learn it too.
These short blocks never have any challenging tasks to do *sigh* -
When I see job adverts asking for SQL skills it really puts me off. After seeing how database migrations and eloquent in Laravel work I don't know why anyone would write SQL queries again!8
-
When you deliver a site to a customer and find out that you forgot to prepare all the statements so that the website wouldn't be vulnerable to SQL injections. So yesterday I forgot to add that, had to close down all the connections to the website and rewrite all the statements. Everything is good now
-
LEARNING QUESTION
I have been learning a lot of coding, front and back end web mainly (a touch of C# and Python but trying to keep my focus on web for now).
I am wondering where is the best place to learn about integration of SQL into other web programming (PHP for example).
Any tips are greatly appreciated.1 -
You guys have any good resource to learn SQL database design with ERDs? All I can find are really Basic examples but nothing that goes a bit deeper1
-
I'm working on broadcasting changes in a SQL Server db using web sockets, but trying to not install anything because then I'd have to get our DBAs involved...
Spent hours trying to package a little node app that broadcasts the changes as an exe using nexe, realized for the most part it just compiles node from source, and the outputted binary didn't end up running, anyway.
Then it hit me; I can just run the node exe without installing it. Now I just have to get this service broker to work... -
New dev here.
Got assigned a task which revolves around trying to figure out a 7000 character DB2 SQL (spaces not included).
Im dying a litle bit inside... -
I hate pl-sql and data warehousing. For this project we're extracting from source tables using a generic method equal for every student, changing the data and then copying to a table for analytics.
Everyone's project is fine. Mine occupies 90mb and exceeds the quota already. Delivery due in 2 days... So much for that cs grad. FML. -
Recently had trouble with some SQL. My tests would not pass, so I had to manually run it to debug it.
SELECT * FROM a JOIN b ON [...] WHERE b.foo NOTNULL
Yielded 0 of 3 rows. Expected 1
Tried querying WHERE b.foo ISNULL instead. Would have expected 2 of 3 rows, but got 1.
After googling i discovered that comparing with NULL does not return a true/false binary description, but may also return unknown if the type is not a NULL type, e.g. 42 ISNULL =" UNKNOWN
😳 -
I'm doing a code review and, it's not unheard of to have lowercase SQL im our codebase even though most of it is uppercase. For this reason I decided to let the lowercase SQL slide even though it makes me cringe so much... That is, until I came to one procedure that was uppercase and in this revision it is lowercase :O I want to die a gruesome way which would be very nice compared to this :O
-
when you find a single invisible character in each of your sql files in visual studio that causes a sql implosion saying
invalid syntax near ''
Sublime Text 3 and other tools didn't help. required manually finding this time, in 20 files..... with an overdue project.
I wanted to burn visual studio to the ground
4 -
A friend outsourced a project to us with partial requirements. We developed it as per the requirements and submitted the app and admin portal to his client. I was aware of certain critical features missing in the requirement. Generally we provide an admin portal to manage the backend of the app, but in this project a backend was to be made but the adding or modifying users section was not mentioned in the requirement. My team presented the project and convinced them to create or modify users writing SQL queries on the production DB (they are sales guys with no technical knowledge)
P.S - we won't be responsible for any DB errors :P -
What's your favorite way to expose a SQL database? Or interface with it?
Using mysql workbench right now and it's a bit much for my users.9 -
Idea for the "why did I think of this" pile:
SQL console skill for Alexa/Google home. Data storage has never been so frustrating!
Top Tags