- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
David,
plz email me teh codez
Admin
It looks to me like this is an example where an idea or mindset from programming data structures (the bit set or bit string) was badly migrated to a database.
The problem is that the context that a data structure lives in is different. In memory, there are no handy-dandy indexes unless you make them yourself. In a database, that framework is already mostly implemented, waiting for you to flip a switch.
Whoever designed the system was either working with terrifying legacy data and didn't have much of a choice...
... or they just didn't consider that a database is more than just a a form of abstraction for storing typed scalars, arrays and dictionary data structures.
Admin
How do you know $prodID wasn't already checked? How do you know it's even from an outside source which is where SQL injection comes from?
$prodID = intval($prodID);
Then the select.
Admin
I'll hire the programmer who finds solutions without redesigining the whole table(s), breaking other stuff, etc., before I hire the complainer.
Admin
Perhaps for an encore you'd hire the doctor who can fix your lung cancer without a hospital stay instead of the "surgery" or "chemo" whiny complainer ones, eh?
Admin
It's just my opinion, but I think building SQL strings instead of using parameters aka bind variables can hamper system performance. In modern databases, SQL strings are parsed and then cached, this means when the exact string is encountered again, the already parsed version is used instead of reparsing the string. If you are substituting values into your string possibly each SQL statement has to be reparsed. Also, if you are using string or date variables, the construction of the sql string tends to look bad and is full of ...'"+str+"'... and stuff like that.
Admin
These days, I only ever make trivial changes to programs. First I'll spend 95% of my time transforming the existing program until the change I want to make will be trivial.
Admin
I don't know, I just don't think you're making a very good sale on this one. Sure, now 80 gigs seems like peanuts, but 10 years ago, costing out 80 gigs for a vax was a different story, not to mention that this was nowhere near the primary app for the vax it was installed on. Even now, I like to program for virtual servers, and I'm not going to buy storage for weenieisms unless its going to somehow win me something back.
What are you selling me here? Dude you have listed no advantages except for the privilege of pissing away storage space and losing the ease of coding that record editor.
Thats my biggest problem with RDBMS weenies. Even as I've seen in this thread, you guys argue for relational purism yet at the same time don't even know what you're talking about most of the time. Thats the real WTF here IMO!
Let me guess, if you were rewriting microsoft paint, you'd store the filename once for each pixel, right?
Admin
It's very anonymized, the conversation is the same, the entitiy names have been changed so have the developer names.
And there was more swearing invoved in the original.
Admin
God forbid someone point out the elephant in the living room. What have you got against someone who wants to actually be an engineer and not just hack things until they work (sort of)?
Admin
Nice troll.
deadline: if you work in a hospital and you fail to complete some actions by particular times, someone could die. That is a deadline. In most programming jobs, if you fail to complete a task by an arbitrary imposed date, nobody dies. That is just incompetent managers trying to crack the whip.
having a meeting about refactoring: if you need to hold a meeting, it isn't a refactoring, its a re-design and re-implementation.
Admin
[quote user="Raedwald] Nice troll.
deadline: if you work in a hospital and you fail to complete some actions by particular times, someone could die. That is a deadline. In most programming jobs, if you fail to complete a task by an arbitrary imposed date, nobody dies. That is just incompetent managers trying to crack the whip.
having a meeting about refactoring: if you need to hold a meeting, it isn't a refactoring, its a re-design and re-implementation.[/quote]
If your criteria is whether people die or not, why not just throw random data into the database and then go have a beer? Chances are nobody is going to die right?
Admin
Who says that a solution doesn't work if it doesn't scale? What works today is sufficient even if it doesn't work tomorrow if today is all you've got. Making decisions like that is a part of being an engineer (like me.)
Playing rough is not what engineers do, it's what assholes do. Are you saying that if you were in a design meeting and someone proposed something that you (in your opinion) thought was bad you would respond like that? Part of the job of most engineers is working effectively within a team. It's called being professional.
Admin
Yeah, I had that idea about 8 months ago, but I couldn't think of a good name for the site. Basically the idea is to be registered on the site and not be on anyones 'moron' list.
Admin
Today's trivial toy is tomorrow's enterprisey trainwreck. Better make it at least handle large data volume lest the management call you on the carpet because they dumped 12G of crap onto it and it died at a customer site.
No, I'd tone down the language, but i'd still call it terrible and all kinds of awful. In fact, I've done that a couple times, as I have a coworker that swings between gold plated crap and denormalized stuff like this.
Admin
Admin
@kenW:
Wow. Harsh much? It's one possible, simple solution. Not a terribly good one, but a simple one..
Admin
This is absolutely insane! Where's the mindbleach? CAPTCHA: gygax
Admin
And I certainly wouldn't want to rewrite Microsoft Paint in any way that would make it a more useful application. No, I love data formats, me. Data formats, and blinking.
I'm not an RDBMS fan. In fact, I hate the stuff; I just have to deal with it, in no small part because it's a way of communicating with everybody else.
I am, however, not a fan of insanely over-optimised solutions that don't scale, don't make sense, and are clearly hacked up for personal amusement and for no other reason.
Call me Ishmael.
Admin
Come on WTF staffers... I can't believe you just... Why in god's green earth did you put a flame comment in as one of the 'best of comments' for this article? I thought you made that 'best of' section for the people who hated reading the comments because they wanted to avoid the rampant flaming and trolling going on in the comments section...
I'm really disappointed in you guys.
Admin
Please notice that a Yes/No column is not selective. There is, in fact, a 50% chance to find the right value. An RDBMS will, therefore, not use an index and make a table scan instead. This is actually faster than the use of a useless index.
Admin
Or worse. You might find your name has been submitted.
Admin
Can the can
Suzie Quattro
Admin
KenW, why don't you suggest an alternative. That sounded like a reasonable solution to an otherwise stupid database design.
How many row are we talking about in that "agent" table? 10? 50? 1,000,000? How many time is that query going to run per minute? hours? days?
"Only some kind of total imbecile" would against a solution without ANY information on its use case. You're the WTF here.
regards,
Admin
This is scary... Seriously. Not only the WTF but also the comments that show this is not a single incident and there ARE people who believe this is elegant... OUCH...
Admin
As so many other stories on this site tell us, it's highly unlikely the designer of this scheme would even think of using a where clause, rather than trawling through all the records in client code.
Admin
Try this: where FOR i;i++;i>10{ statements } NEXT i; and ... Make sure all your statements are in upper case and comma-delimited. If, for any reason, it doesn't work, give up programming, as you may have no aptitude for it at all. Actually, just go ahead and give it up now.
Admin
That said, it's true that in most cases, an index on a boolean is not a good idea. If some records are "very special", it often pays to keep these to a separate table (and use a view to reintegrate the special and non-special records). Depending on your scenario, this might also bring concurrency benefits. Of course, YMMV: twiddling a bit column is usually faster than moving records between tables, and the concurrency benefits are negated if the field changes frequently.
Ah, the joys of database optimization. The real challenge is to make it efficient while still presenting a sane schema to the outside world.
Admin
...
0 1 1 - 3 1 0
WTF?
Admin
Why couldn't all-knowing James create a few simple scripts to extract this data from that field, expand it, and insert it into additional satellite tables as proper?
I know that the first time I should encounter a field like that in a database that I need to query, I'd be plotting it's demise.
Admin
I rest my case!
Admin
mmm... I though the WTF was about how to extract the information needed to have the new module in place. My bad, I guess. Thanks for teaching me a lesson.
Admin
Tell us how you really feel, Ken. Don't hold back.
Admin
Would someone plz send me teh codez? I need to implement this solution right away!
Many thanks!
Admin
[quote user="Ilyak"][quote] "select * from agencies where SUBSTRING(strProductLines," . $prodID . ",1) == 0" [/quote] That's so PHPish - not knowing anything about parameter substitition and thus always introducing sql injection.
That's why nobody likes PHP, if not PHPist himself.[/quote
Oh please. You can fail to validate input in any language. This is the fault of idiotic programmers, not the language they write in.
Admin
You guys have lost sight of the goal here. He needs to create a list of authorized sellers by product.
Add a varchar column AuthSellers to the product table that contains a comma separated list of authorized sellers. You could even add the existing codes 1-9 at the end of the name if you need to.
Then a simple query "select product from product_list where AuthSellers like '%Joe Blow%'" will get the desired results.
At least this is how the designer of the database I work with would have done it.
Admin
Well, the actual solution would be pretty easy. However it appears as though that table must be updated every time a new 'product' line is added or modified (I would hope). Talk about an orphan hell!
Screw scalar practices!
Admin
My guess is that there was an original application written on a X.500 or similar directory that was later moved to an SQL database due to hardware failure/end of support for the directory software. The maintainer kept the view and controller code and only changed that related to storing the information.
RDBMSs are perfect for accounting, but a big pain for other very important real life tasks, such as text storage, indexing and retrieval.
Admin
Admin
You're the one advocating XML for storing bitmaps. Thats the REAL wtf!!!
Admin
Admin
PHP does, but PHPers don't.
Admin
Admin
Admin
Admin
Admin
Bitmap indexes could work well for the 50/50 case, provided the underlying table isn't heavily updated.
Admin
Let's not forget, in all this talk about how fast or slow the substring implementation might be, that the time to maintain the mess is the expensive part.
Ask yourself these questions.
How much does an engineer cost.
How much does a CPU Second cost.
I think you will find the first answer is a lot larger than the second.
So what if the normalized solution is somewhat slower. It will at least be maintainable, and scalable.
It will probably not fall flat on its face when 10x or 100x rows are added to any of the tables.
Even if it does fall flat, some changes in indexing etc can pick it up again without rewriting the whole mess.
Admin
Based on my knowledge of PHP, it should be fairly easy to do...
//Connect to database, etc. for($i = 0; $i < strlen($string); $i++) { $status = $string[$i]; $query = "INSERT INTO table (`ID`, `Status`) VALUES (`$i`, `$status`)"; mysqli_query($dbc, $query); }If anyone sees this, can they tell me what's wrong with it?
Admin