- Feature Articles
- CodeSOD
- Error'd
- Forums
-
Other Articles
- Random Article
- Other Series
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
I've done something similarly stupid.
Boss: "Hey, SS, go and delete some values but keep the important rows in the (production) database."
Me:
Me: Hmmmm... why is this not running? Me: Oh, forgot to close the quote. Me: Oh shit... (luckily our backups where daily)Admin
If he backs it up any further, he'll crush the rear bumper and brake lights against that parked truck there!
Admin
Yep, I did it once, but it was only a small one and I managed to put it back together before anyone noticed. I was sitting in a puddle of perspiration after I'd finished. At least, I think it was only perspiration.
CAPTCHA: letatio: an unnatural act with a vegetable?
Admin
We apologise for the database llama outage. The people responsible for firing the people responsible, have been fired.
Admin
How long does it take to type 'rollback;'?
Admin
Admin
Admin
Part of any deployment plan involving SQL is some variant of 'set autocommit off', at least when I've done them. partying on production data without a safety net makes my blood run cold.
Admin
BTW, why bother turning autocommit off in a real deployment plan? This seems to imply that the DBA will be tinkering. My deployments simply use begin, rollback, and commit as necessary. I don't create plans that have a point where a human can intervene and roll a single transaction back. I'm sure someone out there is thinking that you might leave a transaction uncommitted and go verify that the application works, but it is highly unlikely that you can verify the data that has been modified (and is still locked) by a transaction from another session.
Admin
Admin
TRWTF is a working environment where developers have any more than SELECT access to production.
It was an accident waiting to happen.
Admin
I really feel for this guy.
Admin
I'm afraid i shouldn't have let you done that Dave. Dave, stop. Dave, stop.
Admin
Simple - the deployments I've done have been largely incremental, and turning off autocommit allows some sanity checking for updates and the like. Generally, I'm updating a known amount of metadata, so I expect perhaps 5 rows to be affected - if I get 100, I roll back and figure out why.
Admin
Admin
Damn, you are the kind of person who kills thedailywtf because no new story will even created with that kind of system in place.
Admin
ANSI / ISO, as of 2006, says: "It is implementation-defined whether or not the execution of an SQL-data statement is permitted to occur within the same SQL-transaction as the execution of an SQL-schema statement." (4.35.1)
Some DBMS's certainly can, notably PostgreSQL. I believe Sybase always could and SQL Server is essentially derived from Sybase. Others have various ways of saving you, e.g. Oracle autocommits DDL statements, but has a "recycle bin" to recover inadvertently dropped tables and has a feature that can generally guarantee "undoing" actions within a certain amount of time without taking the server offline.
Admin
You need a new keyboard. Apparently the comma key on yours is broken.
Admin
I was going to share this story with my colleagues yesterday morning, with a cheery note saying "At least we've never had a disaster like this one!"
Then I discovered that our team leader had wiped out a large chunk of irreplaceable customer data from one of our database the night before.
Unlike the hapless Dave in the story, our team leader won't lose his job, but I think I'll save this gem for another day!
Admin
And that is why you need to usually keep devs away from production systems.
And of course you need to separate development and production by an organizational firewall in the first place.
Admin
It is being so busy running that you don't have time to stop in order to get into the car ...
I usually charged customers for internal development - they needed the same scripts and hey, presto! Everybody was happy.
Admin
It is being so busy running that you don't have time to stop in order to get into the car ...
I usually charged customers for internal development - they needed the same scripts and hey, presto! Everybody was happy.
Admin
Poor Dave.
Early on in my career, an old hand explained to me how to use the DOS delete command. He said "When ever you have a command like this on the screen an alarm bell should go off in your head. Check and double check before you hit return". It was very sound advice.
Admin
TRWTF.. (forgive me if this was already brought up as I haven't read all the comments) is why the f(&* was that bonehead Dave touching a production sql server???? Any organization that has "mission critical" data in production should always have a separate dev environment to develop against, build test install scripts, wipe out stored procs or whatever. That way when people like Dave do their fat finger stunts they can still create a new instance of the database in the DEV environment without screwing up production. Heck, I don't even fully blame Dave for this... Much of the blame belongs to the managers of this organization for not making sure a DEV SQL Server was in place.
Admin
Maybe it should have been someone like Kevin.
Admin
Create Or Replace on Stored Procedures anyone?
Admin
Say, this company wasn't by any chance providing a software for the logistics industry?
I'm just asking because I think I was working at the same place at that time ;-)
Admin
I can't help but wonder how much of that is true because most IT people have very little business experience? If the business folk and IT folk actually work together to determine both the price of failover (high) and the cost of downtime (also high), they can figure out which decision makes sense for the company and both feel good about it. But no, its easier to point fingers...
Most IT cost is an investment. Many investments are reasonable, many are not.
Admin
Admin
The ultimate 'OHNO second'!
Admin
is that errors like this one are all too easy. Dave was the victim of a ridiculous process. Never mind the 17 ways this error should have been prevented, it's much harder to cause a disaster when you are typing "@install_stored_procedures.sql"
Admin
I must admit that I feel kind of sorry for Dave. It wasn't just his fault. Part of the problem was that no one was checking up on Dave. If you delegate some of your responsibilities to your underlings, you also put a process in place, so that when things start to slip, you know it before disaster strikes.
Admin
One of our production db is about 800 gigs! Hope i don't do something like that ;)
Admin
How did he log into the test environment and delete production environment data?
Sounds fishy.