Search - "sql queries"
-
No it's not AI. YOU ARE RUNNING FUCKING SQL QUERIES AND CALLING IT AI!
No it's not AI. YOU ARE RUNNING SIMPLE DATA ANALYSIS MACROS AND FUNCTIONS IN EXCEL!
Stop labelling everything as AI, you attention and investment seeking morons! @&£$¢×xo##!
-
Are you serious? Are you afraid of an SQL injection or something, and instead of properly sanitizing your queries you disallow characters? Or is your software and database so outdated that you're afraid special characters will break it? Goodbye security
-
Fuck you, devs who quote Knuth:
"Premature optimization is the root of all evil"
I agree with the spirit of the quote. I agree that long-winded arguments comparing microsecond differences in performance between looping or matching constructs in a language syntax is almost always nonsense. Slightly slower code can even be preferable if it's significantly clearer, safer and easier to maintain.
But, two fucking points need to be made to you lazy quickfix hipsters trying to sell your undercooked spaghetti code as "al dente", just fucking admit that you had no clue what you were doing.
So here we go:
1. If you write neat correct code in one go, you don't need to spend time to optimize it. Takes time to learn the right patterns, but will save you time during the rest of your career.
2. If you quote Knuth, at least provide the context: "We should forget about small efficiencies, say about 97% of the time [...] Yet we should not pass up our opportunities in that critical 3%"
YES THAT CRITICAL 3% IS WHERE YOU MESSED UP.
I'll forgive you for disgorging your codevomit into this silly PR.
BUT YOU'RE QUOTING KNUTH IN YOUR DEFENSE?
Premature optimization is the root of all evil... 6300 SQL queries to show a little aggregate graph on the dashboard... HE WOULD FUCKING SLAP YOUR KEYBOARD IN HALF IN YOUR FACE.
-
FML. An overreaching supergenius "architect" and a database team:
A: "We have decided that apps should use mysql. Install a MySQL so we match cloud"
DBA: "we don't have an image or experience with MySQL. We have mssql and Oracle "
A: "ok, use mssql in data center and mysql in production cloud"
DBA: "that's... not going to work well"
A: "just do it!"
...
Me, reading this shit, sends email: "ignoring the fact that we have more than 500 queries in this application which will need to be checked and most likely rewritten, how are we supposed to test the mysql queries without production access?"
A: "just use mssql local and MySQL in cloud"
M: "... Just to make sure I understand, you want us to write queries for mssql, test them locally, and then write separate queries, with a separate SQL connection abstraction that deploys to production? Again, how are we going to test this?"
A: "no, use same queries, should be fine"
M: "they really won't, they're different dialects"
A: "do the needful, make work!"
If karma were a thing, this person would have long since exploded into a cloud of atomized blood.
-
Had to do a course on database design a couple of years ago. One exercise was about SQL queries and a bit of theory of databases.
On the night of the submission I got so drunk that I had to use both hands to control the mouse and instead of my solution I uploaded the exercise description.
-
Laravel is the worst framework ever.
Everything has to be made convenient and easy. That sounds amazing, because developers want to save time, worry less about boilerplate code, right? No more constructors, no more dependency injection, fuck all the tedious OOP shit... RIGHT?
It does one thing well: Make PHP syntax uniform and concise through easily integrated libraries such as Collection and Carbon. But those are actually not really part of the framework... just commonly integrated and associated with Laravel.
The framework itself is completely derailed: You can define code in a callback in the routes file. You can define a controller in the routes file. You can define middleware as a parameter to the route, as a fluent method to the route, you can stack them up in a service provider. Validators can be made in controllers, Request objects, service providers, etc. You can send mail inline, through Mailable objects, through Notification objects, etc.
Everything is macroable, injectable, and definable in a million different places. Ultimate freedom!
Guess what happens when you give 50 developers of various seniority a swiss army knife?
One hammers in a screw with a nail file, the other clips the head from the screw using scissors, and you end up with an unworkable mess and blunt tools.
And don't get me started about Eloquent, the Active Record ORM. It's cute for the simple blog/article/author/comment queries, but starts choking when you want more selective and performant queries or more complex aggregates, and provides such an opaque apple-esque interface which lets people think everything is OK, when in reality it's forcing the SQL server to slowly commit suicide.
-
Time for an actual rant:
During an internship I heard from my PM that my assignment for the week after was going to be working on a specific sql query to add some features and fix some bugs.
When talking with colleagues about that assignment later, they laughed and referred to the query as the "query of doom" (QoD), naive as I was back then, I thought that one of my colleagues had the QoD displayed on his screen because the query he was working on looked rather large (about 20 lines). They all laughed and told me I was in for a treat.
Starting my assignment the week after I was horrified to find out the QoD was huge, and by huge I mean, printing that specific query resulted in 8 A4 pages font size 10, front and back.
There were over 100 union statements, no proper aliases, no documentation, not a single foreign key in the entire database, naming that makes no sense. And everything written manually by 10 different developers over the past years, who all fell off the face of the earth.
And this was only the query of doom. The entire product was a complete clusterfuck of forms with queries directly behind action buttons, because we weren't allowed to make classes (yes you read that correctly. We couldn't make classes, unless we had a very compelling reason). Everything was created by over 30 different devs who only managed to stay just long enough to get some work done.
And all of this was the result of a PM who didn't believe in frameworks, ORM's, OOP, classes, ... because that made the software slow. To this day he still manages that product, but I'm glad that I quickly decided to move on.
-
I once optimized a web page that performed 621 SQL queries and loaded in 21 seconds in a production app.
-
You can't imagine how many lines of pure and utter horseshit, seemingly written in PHP, I had to dig through this whole weekend. (relating to my 2 previous rants)
How is it even possible to write code this unbelievably ugly?
Examples:
- includes within loops
- included files use variables from parent files
- start- and endtags separated to different files
- SQL queries generated by string concatenation, no safety measures at all (injection)
- repeating DB calls within loops
- multiple directories with the same code (~40 files), only different by ~8 lines, copied
- a mixture of <?php echo ... ?> and <?= ... ?>
- a LOT of array accesses and other stuff prefixed with "@" (suppress error messages)
- passwords in cleartext
- random non-RESTful page changes with a mixture of POST and GET
- GET parameters not URL-encoded
- ...
My boss told me it took this guy weeks and weeks of coding to write this tool (he's an "experienced dev", of course WITHOUT Git).
Guess what?
It took me only 20 hours and about 700 lines of code.
I must confess, since this task, I don't hate PHP anymore, I just simply hate this dev to death.
Addendum: It's Monday, 5:30am. Good night. 😉
-
Buddy from dept I was in 4 years ago: Check your email.
Me: OK
10 mins later
Buddy: Can you join a webex now?
Me: No
Buddy: OK, I'll forward the details, join when you can.
Me: Could you give me a little context?
Buddy: You helped them pull a cert off a USB stick in Switzerland last year (I'm in US).
Me: Don't think I did.
When I get a chance to read the email chain, half of it is in German (I don't read it). Have no idea what this is about, but there seems to be a newer one that says it was resolved.
Me to Buddy: Looks like it was resolved.
Buddy: Yes, but they're still mad at you.
Me: Why?
Buddy: Because you wrote that app and it's hard to update the certs.
Me: I wrote that app as a favor, the dev they hired spent 6 months rewriting 3 SQL queries before being fired.
Buddy: LOL, well I guess they don't like the cert part.
Me: OK, but when I turned it over to them it didn't have a cert at all, I have no idea what the feature is.
Buddy: They said you helped them last year.
Me: I didn't.
Buddy: Well they still think it's all your fault.
-
Not that I mean any disrespect but fuck you. Fuck you and all that you stand for. No seriously, just go hit a train and die.
You are a DBMS teacher in an Engineering college and teaching to the Computer Science students in the year 2017, where computers are fully capable of playing sports and simulating human brain.
And you want your students to write down all the sql queries along with their monolithic tabular output on paper..... With pen?
And you won't accept my printed out output?
Fuck you from the depths of my heart.
Go ahead and don't accept my project.
I don't need your fucking credits.
-
The gift that keeps on giving... the Custom CMS Of Doom™
I've finally seen enough evidence why PHP has such a bad reputation to the point where even recruiters recommended me to remove my years of PHP experience from the CV.
The completely custom CMS written by company <redacted>'s CEO and his slaves features the following:
- Open for SQL injection attacks
- Remote shell command execution through URL query params
- Page-specific strings in most core PHP files
- Constructors containing hundreds of lines of code (mostly used to initialize the hundreds of properties)
- Class methods containing more than 1000 lines of code
- Completely free of namespaces or package managers (uber elite programmers use only the root namespace)
- Random includes in any place imaginable
- Methods containing 1 line: the include of the file which contains the method body
- SQL queries in literally every source file
- The entrypoint script is in the webroot folder where all the code resides
- Access to sensitive folders is "restricted" by robots.txt 🤣🤣🤣🤣
- The CMS has its own crawler which runs by CRONjob and requests ALL HTML links (yes, full content, including videos!) to fill a database of keywords (I found out because the server traffic was >500 GB/month for this small website)
- Hundreds of config settings are literally defined by "define(...)"
- LESS is transpiled into CSS by PHP on requests
- .......
I could go on, but yes, I've seen it all now.
-
A few weeks ago a client called me. His application contains a lot of data, including email addresses (local part and domain stored separately in SQL database). The application can filter data based on the domain part of the addresses. He asked me why sub.example.com is not included when he asked the application for example.com. I said: No problem, I can add this feature to the application, but the process will take longer.
Client: No problem, please add this ASAP.
So, the next day I changed some of the SQL queries to lookup using the LIKE operator.
After a week the client called again: The process is really slow, how can this be?
Me: Well, you asked me to filter the subdomains as well. Before, the application could easily find all the domains (SQL index), but now it has to compare all the domains to check if it ends with the domain you are looking for.
Client: Okay, but why is it a lot slower than before?
Me: Do you have a dictionary in your office?
<Client search for a dictionary, came back with one>
Me: give me the definition of the word "time"
<Client gives definition of time>
Me: Give me the definition of all words ending with "time"
Client: But, ...
Never heard from him again on this issue :-P
-
Forgive me father, for I have sinned. A lot actually, but I'm here for technical sins. Okay, a particular series of technical sins. Sit your ass back down padre, you signed up for this shit. Where was I? Right, it has been 11429 days since my last confession. May this serve as equal parts rant, confession, and record for the poor SOB who comes after me.
Ended up in a job where everything was done manually or controlled by rickety Access "apps". Many manhours were wasted on sitting and waiting for the main system to spit out a query download so it could be parsed by hand or loaded into one of the aforementioned apps that had a nasty habit of locking up the aged hardware that we were allowed. Updates to the system were done through an awful utility that tended to cut out silently, fail loudly and randomly, or post data horrifically wrong.
Fuck that noise. Floated the idea of automating downloads and uploads to bossman. This is where I learned that the main system had no SQL socket by default, but the vendor managing the system could provide one for an obscene amount of money. There was no buy in from above, not worth the price.
Automated it anyway. Main system had a free form entry field, ostensibly for handwriting SELECT queries. Using Python, AutoHotkey, and glorified copy-pasting, it worked after a fashion. Showed the time saved by not having to do downloads manually. Got us the buy in we needed, bigwigs get negotiating with the vendor, told to start developing something based on some docs from the vendor. Keep the hacky solution running as team loves not having to waste time on downloads.
Found SQLi vulnerability in the above free form query system, brought it up to bossman to bring up the chain. Vulnerability still there months later. Test using it for automated updates. Works and is magnitudes more stable than update utility. Bring it up again and show the time we can save exploiting it. Decision made to use it while it exists, saves more time. Team happier, able to actually develop solutions uninterrupted now. Using Python, AutoHotkey, glorified copy-pasting, and SQLi in the course of day to day business critical work. Ugliest hacky thing I've ever caused to exist.
Flash forward 6 years. Automation system now in heavy use across two companies. Handles all automatic downloads for several departments, 1 million+ discrete updates daily with a lot of room for expansion, stuff runs 24/7 on schedule, most former Access apps now gone and written sanely and managed by the automation system. It's on real hardware with real databases and security behind it.
It is still using AutoHotkey, copy-paste, and SQLi to interface with the main system. There never was and never will be a SQL socket. Keep this hellbeast I've spawned chugging along.
I've pointed out how many ways this can all go pearshaped. I've pointed out that one day the vendor will get their shit together they'll come in post system update and nothing will work anymore. I've pointed out the danger in continuing to use the system with such a glaring SQLi vulnerability.
No one cares. Won't be my problem soon enough.
In no particular order:
Fuck management for not fighting for a good system interface
Fuck the vendor for A) not having a SQL socket and B) leaving the SQLi vulnerability there this long
Fuck me for bringing this thing into existence
-
Writing raw SQL queries is honestly a lot of fun if you have unrestricted access to interesting data.
Man I'm boring...
-
A Month ago...
Me: when are you going to complete the report
Friend: we can do it in minutes
Me: you can't Ctrl + c and Ctrl +v as there is plagiarism check
Friend: we have spin bot
Me: you do that now itself. if something happens? You can join me.
Friend: just chill
Now ...
Me: done with report
Friend: feeding it to spin bot!
Feeds text related to database security....
Spin bot:
Garbage collector == city worker
SQL statements == SQL explanation
SQL queries == SQL interrogation
SQL injection == SQL infusion
Attack == assault
Malicious == noxious
Data integrity == information uprightness
Sensitive == touchy
.....
Me: told you so...
**spin bot == article rewriter
-
Hi,
I'm not a ranty person so I never actually thought I'd post anything here but here it goes.
From the beginning.
We use ancient technologies. PHP 5.2, Symfony 1.2 and a non RFC compliant SOAP with NO documentation.
A year ago We've been thrown a new temporary project. A VOIP app for every OS.
That being iOS, Android, MAC, PC, Linux, Windows mobile. With a 3 month deadline. All that thrown at 4 PHP developers. The idea being that They'll take it, sign the delivery protocol, everyone happy. No more updates for the app needed. They get their funds they needed the app for and we get paid.
Fast forward to today...
Our dev team started the year with great news that We'll most likely have to create a new project. Since the amount of new features would be far greater than current feature set, we managed to finally force our boss to use newer technologies (ie. separate backend symfony4 PHP7+/frontend react, rest api and so on). So we were ecstatic to say the least. With preestimates aimed at a minimum 3 month development period. Since we're comfortable with everything that needs to be done.
Two days later our boss came to me that one of our most annoying clients needs a new feature. Said client uses ancient version written on a napkin because They changed half of the specification 2 weeks before deadline in a software made not by a developer but some sysadmin who didn't know anything. His MVC model was practically VVV model since he even had sql queries in some views. Feature will take 3 days - fixing everything that will break in the meantime - 1-2 months.
F*** it, fine. A little overtime won't kill me.
Yesterday boss comes again... Apparently someone lost a delivery protocol for a project we ended half a year ago. What's even better, at the time when we asked for hardware to test we never got any. When we asked about any testing environment - nothing. The app being SEMI-stable on everything is an overstatement but it was working on the os'es available at the time. Since the client started testing now again, it turns out that the Android app does not work on 8.1/9 and the iOS app does not work on ios12. The client obviously does not want to pay and we can do little with it without the protocol, other than rewriting the apps.
It will take months at least since all of those apps were written by people that knew neither the OS'es nor the languages. For example I started writing the iOS one in swift. Only to learn after half of the development time, that swift doesn't like working by C Library rules and I had to use ObjC also. With some C thrown in due to the library. 3 unknown languages, on an unknown platform in 3 months. I never had any apple device in my hand at that time nor do I intend to now. I'm astonished it worked out then. It was a clusterf**k of bad design and sticking everything together with deprecated apis and gum. So I'll have to basically fully rewrite it.
If boss decides we'll take all those at the same time I'll f***ing jump off a bridge.
-
I've optimised so many things in my time I can't remember most of them.
Most recently, something had to be the equivalent of `"literal" LIKE column` with a million rows to compare. It would take around a second average each literal to lookup for a service that needs to be high load and low latency. This isn't an easy case to optimise, many people would consider it impossible.
It took me a couple of hours to reverse engineer the data and implement a few hundred line implementation that would look it up in 1ms average with the worst possible case being very rare and not too distant from this.
In another case there was a lookup of arbitrary time spans that most people would not bother to cache because the input parameters are too short lived and variable to make a difference. I replaced the 50000+ line application acting as a middle man between the application and database with 500 lines of code that did the look up faster and was able to implement a reasonable caching strategy. This dropped resource consumption by a minimum of factor of ten at least. Misses were cheaper and it was able to cache most cases. It also involved modifying the client library in C to stop it unnecessarily wrapping primitives in objects to the high level language which was causing it to consume excessive amounts of memory when processing huge data streams.
Another system would download a huge data set for every point of sale constantly, then parse and apply it. It had to reflect changes quickly but would download the whole dataset each time containing hundreds of thousands of rows. I whipped up a system so that a single server (barring redundancy) would download it in a loop, parse it using C which was much faster than the traditional interpreted language, then use a custom data differential format, TCP data streaming protocol, binary serialisation and LZMA compression to pipe it down to points of sale. This protocol also used versioning for catchup and differential combination for additional reduction in size. It went from being 30 seconds to a few minutes behind to being able to keep up to within a second of changes. It was also using so much bandwidth that it would reach the limit on ADSL connections then get throttled. I looked at the traffic stats after and it dropped from dozens of terabytes a month to around a gigabyte or so a month for several hundred machines. The drop in the graphs you'd think all the machines had been turned off as that's what it looked like. It could now happily run over GPRS or 56K.
I was working on a project with a lot of data and noticed these huge tables and horrible queries. The tables were all the results of queries. Someone wrote terrible SQL then to optimise it ran it in the background with all possible variable values then store the results of joins and aggregates into new tables. On top of those tables they wrote more SQL. I wrote some new queries and query generation that wiped out thousands of lines of code immediately and operated on the original tables taking things down from 30GB and rapidly climbing to a couple GB.
Another time a piece of mathematics had to generate all possible permutations and the existing solution was factorial. I worked out how to optimise it to run n*n which believe it or not made the world of difference. Went from hardly handling anything to handling anything thrown at it. It was nice trying to get people to "freeze the system now".
I build my own frontend systems (admittedly rushed) that do what angular/react/vue aim for but with higher (maximum) performance including an in memory data base to back the UI that had layered event driven indexes and could handle referential integrity (overlay on the database only revealing items with valid integrity) or reordering and reposition events very rapidly using a custom AVL tree. You could layer indexes over it (data inheritance) that could be partial and dynamic.
So many times have I optimised things on automatic just cleaning up code normally. Hundreds, thousands of optimisations. It's what makes my clock tick.
-
Serbia. $600/month for
- full stack
- angular dev
- java spring boot backend dev
- jenkins
- ci/cd pipelines
- jira
- unit integration E2E tests
- kubernetes
- docker
- graphql
- postgres
- sql queries
- aws
- microservices
- deployments
- scala
- kafka
- maven/gradle
- bsc or msc cs degree
- in depth knowledge of
-- observables
-- design patterns
-- jwt and how it works
-- ssl certificates
-- solid principles
There is more but i forgot the rest
-
Sooo I've been working on an ancient php 5.6 project that did not have any documentation and was a homemade "framework" created 7 years ago. The original creator is long gone and no one else knows a lot about this project.
When I first looked into it I almost immediately noticed the security flaws...
Old outdated libraries
a "development" feature to easily turn dev mode on/off
BY A GET PARAMETER!
it spits out full sql queries and php warnings -.-
Oh and did I mention that the site is a webshop.... and has a backdoor password?
AND THAT THE CUSTOMER REQUESTED THAT?
-
I messed up carelessly in production. Learnt how SQL queries bite you in the ass when it knows you are under pressure.
Was hosting an online quiz kinda thing during my college techfest. Tens of thousands of people participating.
Using MySQL as database and thousands of queries were being executed. Everyone was pretty excited as the event just opened up.
None of the teams could solve one particular level. Turns out the solution was wrong and was asked by the organisers to change the solution for that particular level. Usual stuff, right?
Was too lazy to open up the web UI for the back office and so, straight ahead logged in to the MySQL server and ran the UPDATE query on the table consisting of the solutions.
It had been a couple of hours and the organisers came to me with a weird problem. There were no changes in the scoreboard for the last two hours. Everyone was stuck wherever they were. Weird, right?
I then realized.
Fk.
In that dreaded query, I had only run
UPDATE `qa` SET answer = 'something'
leaving out the where clause, specifying the question to update, like
WHERE qno=13
As a result, solutions to all the questions were updated to the same answer. After hastily fixing everything back, I had the dreaded conversation.
Org: What was the problem?
Me: It was the cache.
Org: Damn thing. Always messes up.
Me: *sheepishly* yeah
Probably the most embarrassing moment in my life, wrt coding 😑
-
I thought most developers were aware of the dangers of interpolating variables into strings in the context of SQL queries, but apparently some people are oblivious.
`SELECT * FROM USERS WHERE USERNAME = ${username}`
My username is ' ' OR 1=1;
-
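The interpolation problem from the post above, as an added example that is not part of the original post: it uses Python's built-in sqlite3 instead of the post's JavaScript template literal, with a constructed `users` table, and runs the post's query shape next to a bound-parameter version. The function names and sample rows are assumptions made for the illustration.

```python
import sqlite3

# Constructed sample rows; one username legitimately contains a quote.
SAMPLE_USERS = [
    ("alice", "alice@example.com"),
    ("bob", "bob@example.com"),
    ("o'brien", "obrien@example.com"),
]

# The username quoted in the post, unchanged.
RANT_USERNAME = "' ' OR 1=1;"


def make_db():
    """Build a throwaway in-memory database holding the sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def find_user_interpolated(conn, username):
    """Same shape as the post's query: the value becomes part of the SQL text.

    The post's template has no quotes around the value, so any quotes and
    operators in the input are parsed as SQL syntax, not compared as data.
    """
    sql = f"SELECT username FROM users WHERE username = {username}"
    return sorted(row[0] for row in conn.execute(sql))


def find_user_bound(conn, username):
    """Placeholder version: the SQL text is fixed and the value is bound
    separately, so it is only ever compared as data."""
    sql = "SELECT username FROM users WHERE username = ?"
    return sorted(row[0] for row in conn.execute(sql, (username,)))


def outcome(lookup, conn, username):
    """Run a lookup and report either its rows or the database error type."""
    try:
        return ("rows", lookup(conn, username))
    except sqlite3.Error as exc:
        return ("error", type(exc).__name__)


if __name__ == "__main__":
    db = make_db()
    for name in (RANT_USERNAME, "o'brien", "alice"):
        print(repr(name))
        print("  interpolated:", outcome(find_user_interpolated, db, name))
        print("  bound:       ", outcome(find_user_bound, db, name))
```

With the bound version a name such as `o'brien` needs no character blacklist, while the interpolated version either errors on ordinary names or matches every row.
-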
After months of development, testing, testing and even more testing the app was ready for deployment to production. Happy days, the end was in sight!
I had a week's leave so I handed over the preparation for deployment to my Senior Developer and left it in his capable hands while I enjoyed the sun and many beers.
I came back on the day of deployment and proudly pressed the deploy button. Hurrah!
Not long after I got loads of phone calls from around the country as the app wasn't working. What madness is this?! We tested this for months!
Turns out my Senior didn't like the way I'd written the SQL queries so he changed them. Which is obviously both annoying and unprofessional, but even worse he got a join wrong so the memory usage was a billion times more and it drained the network bandwidth for the whole site when I tried to debug it.
I got all the grief for the app not working and for causing many other incidents by running queries that killed the network.
So...much... rage!!!
-
SQL injection holes everywhere... The original author of the product put concatenated SQL queries throughout the whole application. If the client hadn't asked for a penetration test, we as developers wouldn't even be given the chance to fix this shit.
I'm actually glad to have the chance. I can't live seeing them every day but force myself to ignore them.
-
I managed to accidentally clear everybody's usernames and email addresses from an SQL table once. I only recovered it because a few seconds before, I'd opened a tab with all the user data displayed as an HTML table. I quickly copied it into Excel, then a text editor (saving multiple times!), then managed to write a set of queries to paste it all back in place. If I'd refreshed the tab it would have all gone!
-
My first time working with Java and SQL queries (SQL with little/no knowledge): created separate db for each entity and hoped it to work together after the coding was finished.
what a noob!
-
Who holds the #1 Google spot for these queries?
fuck c#: devRant
fuck typescript: devRant
fuck xcode: devRant
fuck product owner: devRant
fuck docker: reddit (devRant is 2)
fuck java: reddit (devRant is 2)
fuck agile: reddit (devRant is 2)
fuck scrum: reddit (devRant is 2)
fuck sql: reddit (devRant is 2)
fuck node: reddit (devRant is 3)
fuck php: github (devRant is 4)
fuck python: github (devRant is 4)
fuck clojure: reddit (devRant didn't rank on first page)
fuck rust: reddit (devRant didn't rank on first page)
fuck scala: reddit (devRant didn't rank on first page)
fuck ruby: **am I still connected to the company VPN? I might have some explaining to do** (devRant didn't rank)
-
Tl;DR; version:
French designer, Mexican PSD -> HTML converter, Indian VueJS developer, Spanish project manager and a Taiwanese back-end developer. Application was made like a tower of pizza from bullcrap held by boogers and constantly licked by an orangutang to keep it standing.
Longer version:
We had to take a "half-finished" project from one of our clients, received the code for full-stack project. The css/design was so unbearable that it mostly broke on anything that had higher than 720px wide screen, structure was full of tables/divs and no fucking flexbox/grid... Then the fun part - we saw it's conversion to vueJS - a single fucken App.vue file that had shitton of conditions for pages.... yea, not even multi-component/routed app, just conditions!!!! And then... A back-end (in which I mainly specify myself) - it was made by a developer that had to mainly use Java/C# as their daily driver while all being built on php and Laravel. 0 Fucken laravel functions used, 0 of models, logic and so on.... Most of the page was running on RAW sql queries. Names... Oh my god the function names....
`getTheUsersThatHasAtLeastOneSpaceAssignedToThemByGivenCompanyId(int $id)`
And it held a RAW sql that was coming from a model....
All of this was managed by a random spanish manager who couldn't really understand what our client needed and what he actually wanted so from 100% of the site, only 20% was correct in logic....
And yet, according to the whole "package" (team) - they did everything correctly, saw no issues and our client was ungrateful fucker that refused to pay 10x the amount that we asked in order to completely re-do the application....
Morale: Remote teams are great... As long as all of them can work remote in TEAM.
-
A colleague of mine had to debug performance problems in a foreign, proprietary application that is ancient.
To be crystal clear: Only reason that thing exists is because some old geezers fear change.
Asked me for help cause it's an _ancient_ MS SQL server that is luckily running on hardware owned by us.
Finding the credentials was already a funny task.
We had to access the vault (not joking here, we have a physical vault for storing sensitive data and critical backups), grab a folder and find the necessary data cause no one ever dares to touch that thing.
The application is btw for a sort of ERP / inventory system that is used in some ancient shops not yet migrated...
Yeah. Story speaks for itself.
Anyway, after dusting off ourselves, we were able to connect.
Was a bit ... Interesting. Everything's in german. The worst kind of german.
After looking at the first tables, I started giggling.
My colleague knew immediately that this was a sign of danger (insert Simpson meme here), raised his eyebrows and asked "How bad is it....".
Me, still giggling, "lemme take a further look, this is gold".
*long sigh from the colleague*
Well... It ended with me putting my hands in front of my eyes, turning around and saying: "I cannot look at it anymore, it hurts too much...."
To summarize:
- German table names
- When a table exceeded 300 plus columns, they added another table with the same plus suffix "_ddd"… where ddd is a zero-filled integer sequence like 001
- To join this mess, they created views... Named "generator" - Sequence Number ... Some had the beginning of table names appended, which doesn't make it less confusing.
- the process list was listing queries running longer than 5 mins.
Which isn't at all surprising when generating Cartesian products of N tables with left join.
I've seen shit.... I've seen a lot of shit.
But that shit scared me.
-
I understand some developers like to write wrapper functions to handle tedious things, I even understand how to write dynamic SQL queries, but for the love of fucking god and sanity, NEVER FUCKING DO THIS!!!!
Yes it's PHP, but it's not even bad PHP, it's a fucking abomination from hell of PHP.
-
I hired 2 fresh out of school junior devs to work with me on my old web app.
They were brilliant, knew a lot of things, and were motivated.
They started complaining about how the code was shit, the db was shit, there were no best practices, the technology was old, bug fixing was boring, no comments in code.
I felt bad, very bad during 3 years, because they were absolutely right. I tried to work with them through better coding practices, rewriting, documenting etc.
Now they both have left.
I'm alone maintaining and evolving the application.
And I start to come across the code THEY developed.
What a bunch of shit. SQL queries bringing down the server. Duplicate code, because they didn't even want to read the old one. Useless comments.
Performance killing functions. Exceptions swallowed without mercy. I have to clean up their poop.
I feel somewhat better, though. The application is still growing and holding the ground after many years and generating at least 800K$ per year in revenues.
Maybe better, but sad. I really wanted to share the project with somebody else but I failed, and I'm left alone....
-
Taking a database class, prof insists on using Microsoft Sql server 2014. "Okay cool" said the Microsoft surface fan boy inside me as I installed it. "Holy shit this is using 6 fucking GBs?? Eh it's okay I trust" again said my Microsoft fanboy self. Finished installing, makes queries and it works. Cool.
Go to run Sql server again next day and get an error (nothing displayed, just a box pop up and then a crash) I use some Google skills. Change a bunch of shit and still it persists. "Just uninstall it and reinstall again" says my prof. I do so except random errors during installation saying Sql already exists even though I just uninstalled it. "Maybe it's some registry keys messing with it!" do some digging, remove unneeded registry keys and try again. Installation finished but a whack of features say failed to install.
I sit and try to work this shit out for the next four hours (not paying attention to my class) and still can't get Sql to completely uninstall itself. I try iobit uninstaller, command line uninstalling, fucking everything but still not working. Slowly my fanboy side is wishing that the windows symbol on the back of my machine was an apple.
I ended up having to back up all my files and reinstalling windows to get it working properly. Holy sweet fuck. The worst part is when this class is done I'll probably need to reinstall yet again to save the 6gb it's sucking up. So if you're not sure whether you need something as heavy as Microsoft Sql server or not for your application, don't use it! It's a fucking virus that is super difficult to remove.
Tldr: life long Microsoft fanboy becomes apple convert in a day of using Microsoft Sql server.
-
Pushed an update to production but forgot to turn off the debug option to print SQL queries to the log. Now all I see is SQL queries.
It's now hopeless to read the log with tail ¯\_(ツ)_/¯
-
Hired a new BI developer. She tested reasonably ok in SQL, and certainly showed good strengths in visualising data, plus had a good attitude in the interview. We hired her. She broke her laptop the first day. We got her another then she complained the camera didn't work but didn't realise the lever in front of the camera was to move the privacy shutter off and on.
Assigned her some work of taking queries that are used in a BI tool that targets the transactional database directly, and re-jigging them for Snowflake which we're using as a data warehouse now, aggregating all our data into one place. Yet, she's struggling to understand why the SQL query she's pasted in doesn't work as-is.
I go over it again; the source schemas and tables are this, but in Snowflake we've named them this. She then bemoans how much work that is to change them all - I say use find and replace. She then struggles with Snowflake syntax errors and asks for a guide on T-SQL to Snowflake. I show her Google and say "this is what I did when I hit these problems - search for 'Snowflake equivalent to T-SQL getdate()' or 'how to get current date in Snowflake'" but she still doesn't understand. I ask if she's ever had to work between T-SQL and MySQL or MySQL and PostgreSQL or Oracle and so on and she says yes. I say the syntax isn't the same, is it? And she goes oh, now I understand.
She scored reasonably in her SQL test but I'm now concerned there's something fundamental missing in her grasp of SQL. I gave her a detailed demo of the tools, I explained in the interview and on her start about our move to a data warehouse for all our apps, and put her through some training plus gave her time to work through our Confluence pages - not expecting she'll remember everything, but more to ensure she recalls they exist and what the general contents are.
Anyhow, that's my rant.
-
Maybe not worst, but most frustrating. One of the systems I helped maintain at my first job had a few different bugs that caused bad data in the database. The "solution" to the problem was to write SQL queries to directly fix the production data. This would take one member of our team (it rotated weekly) about an hour every day to fix because there were literally dozens of these errors.
All the devs knew that we could identify the root cause and fix it in, probably, 3-4 days tops. Management would never approve the time because it would take longer to fix the root cause than it took to fix the data.
I worked at that company for 7 years. The bug was there when I came on, and it was there when I left.
-
Using Oracle 10g for our distributed databases practical lab session, and typed many SQL queries in one sheet.
Suddenly this guy came and told shortcut 'ctrl + r' to quickly run selected query.
And the page fucking reloaded and boom, all queries were gone! His evil laugh was more disturbing. 😡😡
Fuck him.
-
If anyone has been keeping up with my data warehouse from hell stories, we're reaching the climax. Today I reached my breaking point and wrote a strongly worded email about the situation. I detailed 3 separate cases of violated referential integrity (this warehouse has no constraints) and a field pulling from THE WRONG FLIPPING TABLE. Each instance was detailed with the lying ER diagram, highlighted the violating key pairs, the dangers they posed, and how to fix it. Note that this is a financial document; a financial document with nondeterministic behavior because of the previous contractors' laziness. I feel like the flipping harbinger of doom with a cardboard sign saying "the end is near" and keep having to self-validate that if I was to change anything about this code, **financial numbers would change**, names would swap, description codes would change, and because they're edge cases in a giant dataset, they'll be hard to find. My email included SQL queries returning values where integrity is violated 15+ times. There's legacy data just shoved in ignoring all constraints. There are misspellings where a new one was made instead of updating, leaving the pk the same.
Now I'd just put sorting and other algos, but the data is processed by a crystal report. It has no debugger. No analysis tools. 11 subreports. The thing takes an hour to run and 77k queries to the oracle backend. It's one of the most disgusting infrastructures I've ever seen. There's no other solution to this but to either move to a general programming language or get the contractor to fix the data warehouse. I feel like I've gotten nowhere trying to debug this for 2 months. Now that I've reached what's probably the root issue, the office bureaucracy is resisting the idea of throwing out the fire hazard and keeping the good parts. The upper management wants to just install sprinklers, and I'm losing it.
-
Got a job as a database manager, they wanted me to update their sql server and some of their .net apps. Turns out their sql server had no databases and all their data was stored in an ms access 2003 application that was using windows for workgroups security!!! It also had no interface, hundreds of tables and queries and there were multiple access db it was connected to. To make things worse the person who built all this stuff used acronyms for everything he did, table names, variables, queries and even bloody window folders!!! It was hard as hell to figure out what anything meant. Oh and the .net apps were asp sites that heavily used dll for storing his code and no one knows where the original source code for them is. Did I also mention there were no comments for any of the code, no database dictionary, no notes or anything.
So apparently I'll be rebuilding everything from scratch and transferring over the data to sql server. AND NO MORE F**KING ACRONYMS!!!!!!!
-
So, part of my job is working with SQL. Not my favorite technology to work with. But the tables have mostly non-descript fields, multiple schemas in the same table, and encoded relationships spanning multiple tables. Yes, the database from hell! On top of that, there is very little documentation on this mess. -- And my boss wants me to write queries against a combination of these tables to make sure the program is working. RIGHT...
-
Want to make someone's life a misery? Here's how.
Don't base your tech stack on any prior knowledge or what's relevant to the problem.
Instead design it around all the latest trends and badges you want to put on your resume because they're frequent key words on job postings.
Once your data goes in, you'll never get it out again. At best you'll be teased with little crumbs of data but never the whole.
I know, here's a genius idea, instead of putting data into a normal data base then using a cache, lets put it all into the cache and by the way it's a volatile cache.
Here's an idea. For something as simple as a single log lets make it use a queue that goes into a queue that goes into another queue that goes into another queue all of which are black boxes. No rhyme or reason, queues are all the rage.
Have you tried: Lets use a new fangled tangle, trust me it's safe, INSERT BIG NAME HERE uses it.
Finally it all gets flushed down into this subterranean cunt of a sewerage system and good luck getting it all out again. It's like hell except it's all shitty instead of all fiery.
All I want is to export one table, a simple log table with a few GB to CSV or heck whatever generic format it supports, that's it.
So I run the export table to file command and off it goes only less than a minute later for timeout commands to start piling up until it aborts. WTF. So then I set the most obvious timeout setting in the client, no change, then another timeout setting on the client, no change, then I try to put it in the client configuration file, no change, then I set the timeout on the export query, no change, then finally I bump the timeouts in the server config, no change, then I find someone has downloaded it from both tucows and apt, but they're using the tucows version so its real config is in /dev/database.xml (don't even ask). I increase that from seconds to a minute, it's still timing out after a minute.
In the end I have to make my own and this involves working out how to parse non-standard binary formatted data structures. It's the umpteenth time I have had to do this.
These aren't some no name solutions and it really terrifies me. All this is doing is taking some access logs, store them in one place then index by timestamp. These things are all meant to be blazing fast but grep is often faster. How the hell is such a trivial thing turned into a series of one nightmare after another? Things that should take a few minutes take days of screwing around. I don't have access logs any more because I can't access them anymore.
The terror of this isn't that it's so awful, it's that all the little kiddies doing all this jazz for the first time and using all these shit wipe buzzword driven approaches have no fucking clue it's not meant to be this difficult. I'm replacing entire tens of thousands to million line enterprise systems with a few hundred lines of code that's faster, more reliable and better in virtually every measurable way time and time again.
This is constant. It's not one offender, it's not one project, it's not one company, it's not one developer, it's the industry standard. It's all over open source software and all over dev shops. Everything is exponentially becoming more bloated and difficult than it needs to be. I'm seeing people pull up a hundred cloud instances for things that'll be happy at home with a few minutes to a week's optimisation efforts. Queries that are N*N and only take a few minutes to turn to LOG(N) but instead people renting out a fucking off huge ass SQL cluster instead that not only costs gobs of money but takes a ton of time maintaining and configuring which isn't going to be done right either.
I think most people are bullshitting when they say they have impostor syndrome but when the trend in technology is to make every fucking little trivial thing a thousand times more complex than it has to be I can see how they'd feel that way. There's so bloody much you need to do that you don't need to do these days that you either can't get anything done right or the smallest thing takes an age.
I have no idea why some people put up with some of these appliances. If you bought a dish washer that made washing dishes even harder than it was before you'd return it to the store.
Every time I see the terms enterprise, fast, big data, scalable, cloud or anything of the like I bang my head on the table. One of these days I'm going to lose my fucking tits.
-
I was coding some SQL queries for about 4 hours. After I had all of them done (more than 20 queries), the administration chick told me she doesn't need all of them, just half. I just wanted to kill her...
-
To the cunts who use single character aliases for their SQL queries table joins... Suck my throbbing dick till you choke on it and die....
That's all... back to work
-
I'm working this whole weekend to rewrite/move an old custom made shop extension to the new shop.
The amount of possible SQL injections is too damn high and this piece of shit the creator calls code is the most pitiable thing I have ever seen!
I don't know how you can call yourself an experienced programmer if you create SQL queries by concatenating strings and variables in raw PHP, copying the same fucking include files to 10 different folders and use all of them in random places.
I'm not angry at all, I just want to castrate you with a blunt, fake swiss army knife so mankind is safe from you multiplying yourself.
-
Guy I work with messaging me: Hey could you check my SQL syntax to get the date part for the month and year.
Me thinking: Ughhh this is going to be something stupid I know it. Why doesn't he just check it himself?
I check it... 2 queries that are very, very, very... simple... and similar except one returns last year (2017) and the other returns the current year (2018)
Me: Not sure what your issue is... I'm not getting any syntax errors. They are executing
Him: Well it shouldn't show 2017, it should show 2018
Me thinking: learn to debug you lazy fuck
Me: Well you're adding a -1 to your year...(Not sure why you're even adding to it if you're just getting the current month and year)
Him: Oh you're correct! That makes sense
Waste of my time
-
I have quite a few of these so I'm doing a series.
(2 of 3) Flexi Lexi
A backend developer was tired of building data for the templates. So he created a macro/filter for our in house template lexer. This filter meant the web designers (didn't really call them front end devs yet back then) could just add an SQL statement in the templates.
The macro had no safe argument parsing and the designers knew basic SQL but did not know about SQL Injection and used string concatenation to insert all kinds of user and request data in the queries.
Two months after this novel feature was introduced we had SQL injections all over the place when some piece of input was missing but worse the whole product was riddled with SQLi vulnerabilities.
-
Not work, but was very pissed off anyways.
So, today my C# lecturer was teaching about escape sequences in strings. Specifically, he's showing how to escape the single quotes character ( ' ) since we're learning about how to send SQL queries as well.
He started writing on the whiteboard the following and said that this was how to escape the single quotes character in a string:
\' "abc123" \'
Me and one of my classmates looked at this and started to ask questions, since this is definitely not how you do it. Somehow, the lecturer could not understand us. We tried to explain it the best we could, starting from verbally, then writing on the whiteboard, then even showing code on a laptop. For some unknown reason the lecturer still couldn't understand where he was wrong and both of us just gave up after 15 minutes of trying to explain it.
Mind you, most of the class had little to no prior programming experience, me and said classmate are one of the few that actually programmed before, so all my other classmates were just very confused as to what is right and what is wrong.
Now I'm really questioning my lecturer's abilities....
-
Database queries are slow.... quick add more indexes.
Tomorrow: Hey, why are database writes slow?
Rinse. Lather. Repeat next week. 😡 Indexes can’t fix this spaghetti SQL!
-
During a design meeting, our boss tells me that Vertx's MySQL drivers don't have prepared statements, and that in the past, he's used a library or his own functions to do all the escaping.
"Are you kidding me? Are you insane?"
I insisted that surely he must be wrong; that no one would release a database library without built in support for query arguments. Escaping things by hand is just asinine and a security risk. You should always use the tools in the database drivers, as new security vulnerabilities in SQL drivers can be found and fixed so long as you keep your dependencies up to date.
He told me escaping wasn't as tricky as I made it out to be, that there were some good libraries for it, and insisted Vertx didn't have any built in support for "prepared statements." He also tried to tell us that prepared statements had performance issues.
He searched specifically for "prepared statements" and I was like, "You know they don't have to be called that. They have different names in different frameworks."
Sure enough, a short search and we discovered a function in the Vertx base database classes to allow SQL queries with parameters. -
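An added example, not taken from any post on this page or from the projects they describe: the string-concatenation pattern from the shop-extension and template-macro rants above, run next to the driver-bound query parameters argued for in the Vert.x rant, using Python's sqlite3. The table, the `{name}` template syntax and every input are constructed assumptions.

```python
import re
import sqlite3

# Constructed sample data. Table, column and parameter names are assumptions
# made for this example; they do not come from any rant on this page.
ROWS = [("alice", "keyboard"), ("bob", "monitor"), ("O'Brien", "mouse")]

# {name} marks where a request value goes, as a template macro might allow.
PLACEHOLDER = re.compile(r"\{(\w+)\}")


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE orders (id INTEGER PRIMARY KEY, customer TEXT, item TEXT)"
    )
    conn.executemany("INSERT INTO orders (customer, item) VALUES (?, ?)", ROWS)
    return conn


def query_concat(conn, template, request):
    """Unsafe: request values are pasted into the SQL text before parsing."""
    sql = PLACEHOLDER.sub(lambda m: str(request.get(m.group(1), "")), template)
    return conn.execute(sql).fetchall()


def query_bound(conn, template, request):
    """Safe: each {name} becomes a :name parameter bound by the driver."""
    names = PLACEHOLDER.findall(template)
    missing = sorted(set(names) - set(request))
    if missing:
        # Fail with a clear message instead of sending broken SQL.
        raise ValueError("missing query parameters: " + ", ".join(missing))
    sql = PLACEHOLDER.sub(lambda m: ":" + m.group(1), template)
    params = {name: request[name] for name in names}
    return conn.execute(sql, params).fetchall()


def outcome(fn, conn, template, request):
    """Run one query and return its rows, or the error class name."""
    try:
        return fn(conn, template, request)
    except (sqlite3.Error, ValueError) as exc:
        return type(exc).__name__


# The concatenating template has to supply its own quotes; the bound one must not.
CONCAT_BY_NAME = "SELECT item FROM orders WHERE customer = '{customer}' ORDER BY id"
BOUND_BY_NAME = "SELECT item FROM orders WHERE customer = {customer} ORDER BY id"
BY_ID = "SELECT item FROM orders WHERE id = {id}"

# Constructed inputs: a normal value, a name with a quote, a tautology.
CASES = [
    ("normal", {"customer": "alice"}),
    ("quote", {"customer": "O'Brien"}),
    ("tautology", {"customer": "x' OR '1'='1"}),
]


def compare():
    """Return {case: (concat result, bound result)} for every input."""
    conn = make_db()
    report = {}
    for label, request in CASES:
        report[label] = (
            outcome(query_concat, conn, CONCAT_BY_NAME, request),
            outcome(query_bound, conn, BOUND_BY_NAME, request),
        )
    # A request that lacks the value the template expects.
    report["missing"] = (
        outcome(query_concat, conn, BY_ID, {}),
        outcome(query_bound, conn, BY_ID, {}),
    )
    return report


if __name__ == "__main__":
    for label, (concat, bound) in compare().items():
        print(f"{label:10} concat={concat!r} bound={bound!r}")
```

With concatenation the legitimate name `O'Brien` and the missing value both end in a SQL syntax error and the tautology returns every row; with bound parameters the same inputs return one row, no rows and a clear validation error.
-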
when reviewing each other's code and sql queries is the most romantic way you can think of to spend the evening
-
I usually work in a two person team on a hybrid application we are developing, using AngularJS and node.
This normally works okay, because he handles the back end (he's been on the project since January last year, I joined in August as a placement student), and I handle the front end.
However, due to Christmas holidays and such, he's ended up taking an entire month off, and won't be back until the end of January.
I've dabbled in back end before, some routes and that for SQL queries, but nothing serious.
Last Tuesday our core service for the application that needs to be updated in real time broke and pissed off the API provider because we were hammering them with requests.
My first day on back end and this happened. I didn't really know what to do, and had to call my teammate to ask what to do. I essentially just restarted things, and left them as is, until I could find a solution.
From there, I had to mock the operation of the service (which is a complex enough beast) to figure out the problem, and find a fix. Our app more or less hinges on this service, so if it messes up, it's the end times.
All of this while flying on what I've interpreted because the guy that's on holidays was the only guy that knows more about this project than I do.
To make things worse, the clients are being very particular because they're waiting on investments and don't have money to pay our company. So, if they're paying for 5 days work, they're going to put in 5 days of project development. The problem is that their interpretation of 5 days of project development has not changed from when there were two people on this project.
There are 40 tickets in this sprint (ends Friday) and 35 of them are assigned to me. Granted, not all of those take a day to do, but estimates don't mean anything, I guess.
Ganbarimasu.
-
I never knew that I was a good mentor at SQL, especially at PL/SQL.
I gave a task to a new member of my team, to fill 5 tables with data from other 15 tables.
I informed him well about data table info and structure. He spent about 3 days to create 25 different queries in order to fill 5 tables.
After I saw the 25 queries, I told him that he could do it with 1 main query and 5 insert statements.
So I spent 1 hour of training, in order to build, run and explain how to create the best sql statements for this task.
(First 5 minutes)
It was looking so simple at the beginning from starting with 1 simple join, after some steps he lost my actions.
(Rest 55 minutes)
I explained the sql statements I've created and how Oracle works.
Now, every time he meets me, he feels so thankful for me teaching him all those Oracle sql tips in 1 hour.
Now he is working only with big data and he loves the sql.
-
Today is the day I get to go on a long and deserved vacation!
I came to work at 5.10 am so I can pour a glass of Lagavulin 16yo as early as possible 🤣
Edit: At the moment I'm a few SQL queries away from the nectar of gods.
-
Now this looks stupid already, but here is the kicker: by "partially hydrated cursor" I mean that once every page size an sql query is run to get the next page content. This code is put in an event handler, executed once every time a file is uploaded in a dms where files get uploaded by the thousand.
To sum things up, this simple snippet achieves triple dipping:
* waste time on useless sql queries
* waste cpu on useless iterations
* waste disk space on useless logs
Icing on the cake, the author of this piece of shit was complaining about the overall slowness of the process.
Needless to say that when I stumbled on this, both internal *and* external screaming ensued...
-
I had once an sql error that took me two days to resolve it.
The error message was a syntax error but I was using an ORM to write my queries (doctrine with php). I didn't have too much to debug as the code was pretty simple and clear so I got to the point that I convinced myself that this is a bug and I'm gonna try to mess around it to avoid it.
Second day late night, something popped up in my mind "hey what about those reserved words? Could it be the reason?" aaaaand BINGO the key "option" is a fucking reserved word for mysql.
Tip: always check that list before writing your data models (specially if you're a noob like me)
-
me to dba: do you have any recommendations of sql or query improvements? dba: no, just let us know once you're done.
after sending them explain plans, new queries and asking for reviews with no response from them, i applied the changes in dev.
after applying changes.
dba: you should involve us in any development. we need to collaborate.
me: please check your emails over the past 3 weeks.
wtactualfuck. -
There is this shitty database that still exists. It's called CrateDB. It's a SQL layer on a NoSQL. I don't know whose brilliant idea was that but any which way, IT SUCKS. Documentation said that the latest version supports table joins. Yeah, join queries take just ~300 seconds to run. Congratulations!
-
Running SQL Activity Monitor to find inefficient queries. According to legacy team this is how they think they should query SQL 2014 for a customer.
-
-- This is my first rant so sorry if it's bad--
We have a nice project that I am working on that needs to store and interact with location data. It is a .NET Core API using Entity Framework Core to interact with the database. All good and well. Until today when I started working on the implementation of storing location data we retrieve from mobile devices.
SQL has a nice data type named: "Geography" which can store a location and do calculations on it with queries. Such as proximity and distance which is what we need.
But then it turns out that EntityFramework Core does not have support for the Spatial data types, even though version 6 did have Spatial support.
Then I found the following issue on GitHub: https://github.com/aspnet/...
Turns out this feature has been requested since 2014 and is even on the "High-priority" list and is still not implemented to this day. Even though in the issue many people are asking to have this implemented.
WHY IS THIS TAKING SO LONG MICROSOFT!!
So now I have to figure out how to work around this. But that is an issue for tomorrow.
-
Please who the fuck wrote sql query with 6 nested select queries as 1 giant view. Literally 6 parentheses. Garbage 30 year old legacy codebase Please fuck off I now understand why nobody wants to work on this bullshit
-
Beware: Here lies a cautionary tale about shared hosting, backups, and -goes without saying- WordPress.
1. Got a call from a client saying their site presented an issue with a third-party add-on. The vendor asked us to grant him access to our staging copy.
2. Their staging copy, apparently, never got duplicated correctly because, for security reasons, their in-house dev changed the name of the wp-content folder. That broke their staging algo. So no staging site.
3. In order to recreate the staging site, we had to reset everything back to WP defaults. Including, for some reason, absolute paths inside the database. A huge fucking database. Because WordPress.
4. Made the changes directly in a downloaded sql file. Shared hosting, obviously, had an upload limit smaller than the actual database.
5. Spent half an hour trying to upload table by table to no avail.
6. In-house uploads a new, fixed database with the help of the shared hosting provider.
7. Database has the wrong path. Again.
8. In-house performs massive Find and Replace through phpMyAdmin on the production server.
9. Obviously, MySQL crashes instantly and the site gets blocked for over 3 hours for exceeding shared hosting limits.
10. Hosting provider refuses to accept this was caused by such a stupid act and says site needs to be checked because queries are too slow.
11. We are gouging our eyeballs as we see an in-house vs. hosting fight unfold. So we decide to watch a whole Netflix documentary in between.
12. Finally, the hosting folds and enables access to the site, which is obvi not working because, you know, wrong paths.
13. Documentary finishes. We log in again, click restore from backup. Go to bed. Client phones to bless us. Client’s in-house dev probably looking for a cardboard box to pack his stuff first thing in the morning. ¯\_(ツ)_/¯
-
Rant about IT teacher
(This happened a few months ago)
I go to highschool and in ninth grade you learn about Excel and databases in general. In the first half of the year we learned how to use excel and in the second part of the year we learned about SQL databases.
So we learned SQL and how to set up a database using LibreOffice Base. At the end of the year we had to do one final project which was setting up a database and writing some queries.
We had to do it in groups of two and we had to choose for what we wanted to make a database.
We had like 5 minutes time to discuss it in the groups and me and my friend decided to do something like GitHub, so a database with tables for all the users, repositories, etc.
Then we had to tell our teacher what we wanted to do. Others made databases for hospitals, shops, netflix, app stores. The teacher asked the other groups, they told him what they wanted to do and he wrote it down. Here is how it went down with my group:
Teacher: So what do you want to do?
Me: A database for something like GitHub
Teacher: For what?
Me: GitHub
Teacher: what?
Me (very slowly): G I T H U B
Teacher: what is github?
Me: ...
(I was very surprised that he didn't know GitHub)
Me: well, you can upload files and work on them together with other people. There are also things like branches...
Teacher: Ah ok, so a cloud service
(I was done and wanted to end the conversation)
Me: Yes... it's a cloud service...
(Me in my mind: why do i have to be here)
We named our project 'GitGud', a little bit passive aggressive.
Yeah so apparently my IT teacher doesn't know GitHub, however he installed Ubuntu on some of the school computers so I guess that's nice
We got an A so that's good.
-
I was working yesterday, writing a calculus with sql.
My very great user explained to me the math in Excel. I first thought to myself, piece of cake, I got it.
Then I started typing and at the end of the day I had 6 temp tables which at some point need to join with themselves. It was just hilarious. each table had at least 4 millions rows.
Then I started a new query just for validating the output of my very ugly previous queries.
And I fucking found an easier way to get the same output with 3 joins of 3 different tables and a count at the end.
When you love yourself. but hate yourself at the same time.
xD it was a very productive Friday night
-
When I was in my final year of B.Tech.
There we had to do one major project so me and my friend both decided to build QUERA project for college. So as planned we informed to our superior and we got clean chit.
But later on we didn't know what to do??
That time my friend also didn't have programming awareness so days were going on. And the final month came and till then no progress.
My F was suggesting for purchase.
I was little bit worried too.
Then I had decided to build.
So me alone started building without any copying of templates from web(Actually at that time I didn't know that we can copy templates from web) so stupidly I was building templates using HTML and CSS. Parallely I was doing with php and phpmyadmin(SQL queries).
Seriously it was in PHP.
So this was running for approximately 14 days.
And believe me in that 14 days I was just doing project with all this stuff (obviously eating & 5 hrs sleep).
So, here the fun came
I was near to completion of my project but on last day I was not feeling well so I went to medical for some tablets.
And you know what, I was applying CSS in my mind on that tablet cover which was in rectangular shape.
Literally I was applying :D
Finally, I submitted project and got A+ for that.
Happy ending!
-
To fetch 100 users at once, i used JPA hibernate findAll() method. Simple fucking enough. I realized this shit is slow. Takes a while to fetch and 100 records aint even a lot!
This shit needs over 265 ms to fetch 100 users
About 75 ms to fetch 20 users
That shit's terrible!
Then I wrote a custom JDBC class with custom SQL queries to fetch the exact same shit.
Now it fetched 100 users in 7 ms, 37x faster for performance
I haven't even optimized indexing or done shit. I just avoided using jpa hibernate
Someone explain this to me8 -
Pentesting for undisclosed company. Let's call them X as to not get us into trouble.
We are students and are doing our first pentest at an actual company instead of assignments at school. So we're very anxious. But today was a good day.
We found some servers with open ports so we checked a few of them out. I had a set of them with a bunch of open ports like ftp and... 8080. Time to check this out.
"please install flash player"... Security risk 1 found!
System seemed to be some monitoring system. Trying to log in using admin admin... Fucking works. Group loses it cause the company was being all high and mighty about being secure af. Other shit is pretty tight though.
Able to see logs, change password, add new superuser, do some searches for USERS_LOGGEDIN_TODAY! I shit you not, the system even had SUGGESTIONS for usernames to search for. One of which had something to do with sftp and auth keys. Unfortunately every search gave a SQL syntax error. Used sniffing tools to maybe intercept message so we could do some queries of our own but nothing. Query is probably not issued from the local machine.
Tried to decompile the flash file but no luck. Only for some weird lines and a few function names I presume. But decompressing it and opening it in a text editor allowed me to see and search text. No GET or POST found. No SQL queries or name checks or anything we could think of.
That's all I could do for today. So we'll have to think of stuff for next week. We've already planned xss so maybe we can do that on this server as well.
We also found some older network printers with open telnet. Servers with a specific SQL variant with a potential exploit to execute terminal commands and some ftp and smb servers we need to check out next week.
Hella excited about this!
If you guys have any suggestions let us know. We are utter noobs when it comes to this.6 -
Today salesmen gave me some recommendations about my "so hardly optimized" SQL queries.. suggesting I change 'em.. I said okay, let's execute these.. 10 hours later, their computers' SQL workbenches finally displayed the fucking first one.
Result: 0 rows... 🤐2 -
Sometimes lack of confidence in one area reveals oversight cockiness in stronger areas:
Set up a simple login system from Unity engine to php to mysql db, using android device ID as the login id. Set up database column to accept 32 length varchar for MD5 hashed strings, as I knew the method I was getting the android device ID was automatically being hashed that way and more or less was what I wanted anyway.
Spent 2 days wondering why it would insert the logins with 0 issue, but could never retrieve them. Due to lack of web development and PHP skills, I assumed I was screwing up the handling of mysqli_num_rows() (to check whether I was inserting or selecting in the query) or simply screwing up my SQL queries.
Rewrote the code a few times, even went back to a method I had used in the past.
Today it dawned on me that my testing machine's device ID had been getting trimmed to the 32 character limit. Turns out I didn't account for my workstation's device ID to be automatically hashed like the android device id is.
For 2 days I was obtaining and sending a 40 character string to a 32 character limit varchar and blaming my lack of PHP skills........
Back to my niche I go!1 -
Me: Hey programming languages, is 0 == [ ] ?
PHP: Nope. It's not.
Python: Nope. Easy.
Java: Heh. No it isn't.
Javascript: Oh, um yeah, hurrr durrr harr harr YES it is.
But screw it, hAvE yOu hEaRd oF nExTjS? wE sUpPoRt sQl qUeRiEs nOw.30 -
The ticket system blokes - episode 3
So we always had and have very awful performance with our ticket system. You can't get anything to load in under ~4s normally. Now since it has gotten worse over the last weeks I decided to set aside a few hours to closely watch our SQL server.
After I identified a culprit that was hogging the CPU almost every 2 minutes I looked at other long running queries in the server and found out where exactly the 4s come from.
6 tables from various DBs. Sure, no problem.
Left Outer Join. Sure, why not.
Querying every fucking column in every fucking table explicitly adding up to a whopping 160 columns which they need not even 10% of. We're talking about session IDs, passwords, stock count, IBANs and all that stuff to show the work done on a ticket. Absolutely not.
So I extracted the query and reduced it to the stuff we need and the execution time went from 4 seconds to almost instant.
The funny thing is that their idea of performance optimization is throwing LIMIT around everywhere to get these monstrous queries under control.
So in the next few days I'll have an appointment with their lead programmer. I'm looking forward to it.
So out of curiosity: does anyone know an SQL builder or toolset that does shit like
SELECT X AS [t0_c0],
SELECT Y AS [t0_c1],
SELECT Z AS [t1_c0],
and so on? I'd like to know how they got to this point.4 -
Eloquent is so fucking slow, my (dead) grandma queries faster. It takes the fucking double of time on a simple query with only one join for maybe ~200 rows... From now on I go fucking back to raw SQL in my Laravel projects. 😤16
-
I am a Technical Lead in the department in my company that writes code for our clients that have money but don't have the technical expertise to handle the complexities of our own software.
Part of my tasks involve taking care of a few projects written by employees that have left after using third-party tools rather than using our own software. No one else in this department knows these third-party tools, they only know our own, and my *still limited* web development experience means I get dumped these things in my lap.
And I'm SO pissed at these projects and their authors and the manager that let these ex-employees write these things. There is this one project that was managed by two different "developers" (I don't know if they deserve this title) at two different times, and it is so riddled with different technologies it makes me want to throw up almost daily.
Don't believe me? Here is a complete list of the dependencies listed in the package.json of this project: babel-polyfill, body-parser, cookie-parser, debug, edge, edge-sql, excel-to-json, exceljs, express, html-inline, jade, morgan, mssql, mysql, pug, ramda, request, rotating-file-stream, serve-favicon, webpack, xlsx, xml2js
What this doesn't even show, is that one part of this project (literally one page) is made using react, react-dom, react-redux, and jade. The other part (again literally one page) is made using Angular and Pug. In case you missed it while picking up your jaw, there's also mssql, mysql, edge and edge-sql. excel-to-json, exceljs, xlsx.
Oh you want *more* juicy details? This project takes the entire data object used by the front-end, stringifies it into JSON, and shoves it into the database *as a single field*. And instead of doing WHERE clauses in the SQL queries, it grabs the entire table, loops, parses the json, and does a condition on it. If even one of those JSON entries gets corrupted, the entire solution breaks because these "developers" don't know what try/catch is.
The client asked for a very simple change in their app, which was to add a button that queries the back-end for a URL, shows it in a modal dialog, after which a button is clicked to verify the link by doing a second query to the back-end before modifying a couple of fields in the page.
This. Took. Me. Two. Months*. Save me. Please, save me.
*between constant context switches between this and other projects that were continuously failing because of their mistakes.4 -
Little bit of background: I've been a front end developer for the past eight years, not a good one but I get by. Last 4 working with consulting firms for fortune 500 clients. Big projects, big plans, big structure, following someone else's lead and just knowing the basics of code reviewing, git flow, code deployment and everything else... life happens and I end up as a front end developer for a big company, not tech related, that wants to depend less on consultants and do more in house dev. Seems a pretty straightforward project: front in Angular, back on Python doing queries to a database with SQL Server. I finish the on-boarding and after two weeks finally get access to the repos. Worst spaghetti code I've ever seen. Seems like someone took a vanilla script project from 10 years ago and pushed it into an Angular tutorial project. Commented code, no comments for the code, deprecated functions still there, no use of TypeScript, nested ifs hell. I try to do my job doing new features, do comments, clean up a bit. Senior developers get annoyed5
-
Worst week ever.
Servers are on fire. Response times out of control
Some SIMPLE SQL queries (literally select * from whatever where Id = id) time out at 30 seconds.
No idea what's going on (And I have full logs of all api calls and all DB queries). No way to find how to correlate this data.
Ok, I added 1000$/month on Azure and the problem is "masked", but not resolved.
I have dumps, I have logs I have everything, why the fuck I can't find the 1 or 2 APIs causing that ?!!!
Now I feel better.10 -
TL;DR: TIL for heavy queries use PDO and not some framework's DB class
ffs I was trying to save 300k+ lines at once with Laravel for weeks. Mind you from a text file. 1gb ram on the vps so while trying to prepare the text to save: Fatal Error: Allowed Memory Size of bla bla Bytes Exhausted
ok so lets put it in a loop: Fatal error: Maximum execution time of 30 seconds exceeded (set_time_limit(0); lol)
optimising, varying the code got me into a situation when the content got saved in the DB but inconsistent (duplicates) and the table had often more than 1,5M rows. That was what told me it's not a performance issue, my code is the issue. (dah)
I was starting to think it would be easier to export a prepared query to a sql file and load the file into the db as that's the fastest possible option...I even started to think about switching to python, then it hit me, Laravel has a shitload of routes to the DB so I switched to PDO
benchmark on 1vCPU, 1GB RAM VPS with SSD
379k lines with 11 columns in less than 10 sec with a loop of saving every ~6000 rows (if i tried choking it to save the whole thing at once it went up to 16-17sec)2 -
I fucking suck at SQL and that's hurting my performance as a supposed backend developer :D
All the cool nested queries and whatnot, it just flies over my head, I need to learn it better, any tips on study resources?6 -
Today is SQL day.
Been some time since I had to go here, the queries are flooding back to my mind like water over a dam wall. How the heck I remembered these is what I pondered.
Oh well, back to SQL (at a client - yay).
Now you SQL me, now you don't. -
I've been writing SQL queries for almost 19 years now. At this point I've done more right outer joins in job interviews than I've actually needed to do in real life. Why is this such a common interview question?7
-
Long story ahead
Background:
I recently started a job in a smallish startup doing web development in a mostly js stack as an entry-junior engineer/dev. I’m the only person actively working on our internal tools as my Lead Engineer (the only other in house dev) is working on other stuff.
Now I was given a two week sprint to rebuild a portion of our legacy internal app from angular 1.2 with material-ui looking components with no psd’s or cut-outs of any kind to a React and bootstrap ui for the front end and convert our .net API routes into Node.js ones. I had to build the API routes, SQL queries (as there were plenty of changes and reiterations that I had to go through to get the exact data I needed to display), and front end. I worked from 9am until 11pm every day for those two weeks including weekends as our company has a huge show this upcoming week.
I finish up this past sunday and push to our staging environment. The UI is 5.5/10 as we’re changing all of our styling to bootstrap and I’m no ui expert. The api has tests and works flawlessly (tm).
So we go into code review and everything is working as expected until one tab that I made erred out and was written down as a “Needs to be fixed.”
This fix was just a null value handler that took three minutes and a push back to staging, but that wasn’t before a stupendous amount of shit being flung my way for the ui not looking great and that one bug was a huge deal and that he couldn’t believe it slipped through my fingers.
Honestly, I’m feeling really unmotivated to do anything else. I overworked myself for that only to be shit on for one mistake and my ui being lackluster with no guides.
Am I being a baby about this or is this something to learn from?1 -
Customer: "There are only 'X' values in COLUMN_D, your - report - import is wrong!"
Me: select count(*) from table_a where column_d not in ('X') -> returns more than a thousand... Yeah please only scroll within a couple hundred records in your shitty sql client gui without making queries. Fuckhead. -
Hello not a rant,
Are there MS SQL Server admins here who are self-taught and learned through self-study?
I work in a company where they use MS SQL Server as the database. I would love to 'understand' how to write efficient queries, and how things really work, not just selecting and joining tables blindly and not understanding how things work.
Would you recommend how you understand MS SQL Server, or what learning path you took?
Thank you. I would appreciate any suggestions and comments.10 -
It was the last year of high school.
We had to submit our final CS homework, so it gets reviewed and graded by someone from the ministry of education. (think of it as GPA or whatever that is in your country).
Now being me, I really didn’t do much during the whole year, All I did was learning more about C#, more about SQL, and learn from the OGs like thenewboston, derek banas, and of course kudvenkat. (Plus more)
The homework was a C# webform website of whatever theme you like (mostly a web store) that uses MS Access as DB and a C# web service in SOAP. (Don’t ask.)
Part 1/2:
Months have passed, and only had 2 days left to deadline, with nothing on my hand but website sketches, sample projects for ideas, and table schematics.
I went ahead and started to work on it, for 48 hours STRAIGHT.
No breaks, barely ate, family visited and I barely noticed, I was just disconnected from reality.
48 hours passed and I finished the project. I was quite satisfied with it, I followed the right standards from encrypting passwords to verifying emails to implementing SQL queries without the risk of SQL injection, while everyone else followed foot as the teacher taught with plain text passwords and… do I need to continue? You know what I mean here.
Anyway, I went ahead and was like, Ok, lets do one last test run, And proceeded into deleting an Item from my webstore (it was something similar to shopify).
I refreshed. Nothing. Blank page. Just nothing. Nothing is working, at all.
Went ahead to debug almost everywhere, nothing, I’ve gone mad, like REALLY mad and almost lost it, then an hour later of failed debugging attempts I decided to rewrite the whole project from scratch from rebuilding the db, to rewriting the client/backend code and ui, and whatever works just go with it.
Then I noticed a loop block that was going infinite.
NEVER WAIT FOR A DATABASE TO HAVE MINIMUM NUMBER OF ROWS, ALWAYS ASSUME THAT IT HAS NO VALUES. (and if your CPU is 100%, it's an infinite loop, a hard lesson learned)
The issue was that I requested 4 or more items from a table, and if it was less it would just loop.
So I went ahead, fixed that and went to sleep.
Part 2/2:
The day has come, the guy from the ministry came in and started reviewing each one of the students' homework, and of course, some of the projects crashed last minute and straight up stopped working, it's like watching people burning alive.
My turn was up, he came and sat next to me and was like:
Him: Alright make me an account with an email of asd@123.com with a password 123456
Me: … that won't work, got a real email?
Him: What do you mean?
Me: I implemented an email verification system.
Him: … ok … just show me the website.
Me: Alright as you can see here first of all I used mailgun service on a .tk domain in order to send verification emails you know like every single website does, encrypted passwords etc… As you can see this website allows you to sign up as a customer or as a merc…
Him: Good job.
He stood up and moved on.
YOU MOTHERFUCKER.
I WENT THROUGH HELL IN THE PAST 48 HOURS.
AND YOU JUST SAT THERE FOR A MINUTE AND GAVE UP ON REVIEWING MY ENTIRE MASTERPIECE? GO SWIM IN A POOL FULL OF BURNING OIL YOU COUNTLESS PIECE OF SHIT
I got 100/100 in the end, and I kinda feel like shit for going through all that trouble for just one minute of project review, but hey at least it helped me practice common standards.2 -
Got one right now, no idea if it’s the “most” unrealistic, because I’ve been doing this for a while now.
Until recently, I was rewriting a very old, very brittle legacy codebase - we’re talking garbage code from two generations of complete dumbfucks, and hands down the most awful codebase I’ve ever seen. The code itself is quite difficult to describe without seeing it for yourself, but it was written over a period of about a decade by a certifiably insane person, and then maintained and arguably made much worse by a try-hard moron whose only success was making things exponentially harder for his successor to comprehend and maintain. No documentation whatsoever either. One small example of just how fucking stupid these guys were - every function is wrapped in a try catch with an empty catch, variables are declared and redeclared ten times, but never used. Hard coded credentials, hard coded widths and sizes, weird shit like the entire application 500ing if you move a button to another part of the page, or change its width by a pixel, unsanitized inputs, you name it, if it’s a textbook fuck up, it’s in there, and then some.
Because the code is so damn old as well (MySQL 8.0, C#4, and ASP.NET 3), and utterly eschews the vaguest tenets of structured, organized programming - I decided after a month of a disproportionate effort:success ratio, to just extract the SQL queries, sanitize them, and create a new back end and front end that would jointly get things where they need to be, and most importantly, make the application secure, stable, and maintainable. I’m the only developer, but one of the senior employees wrote most of the SQL queries, so I asked for his help in extracting them, to save time. He basically refused, and then told me to make my peace with God if I missed that deadline. Very helpful.
I was making really good time on it too, nearly complete after 60 days of working on it, along with supporting and maintaining the dumpster fire that is the legacy application. Suddenly my phone rings, and I’m told that management wants me to implement a payment processing feature on the site, and because I’ve been so effective at fixing problems thus far, they want to see it inside of a week. I am surprised, because I’ve been regularly communicating my progress and immediate focus to management, so I explain that I might be able to ship the feature by end of Q1, because rather than shoehorn the processor onto the decrepit piece of shit legacy app, it would be far better to just include it in the replacement. I add that PCI compliance is another matter that we must account for, and so there’s not a great chance of shipping this in a week. They tell me that I have a month to do it…and then the Marketing person asks to see my progress and ends up bitching about everything, despite the front end being a pixel perfect reproduction. Despite my making everything mobile responsive, iframe free, secure and encrypted, fast, and void of unpredictable behaviors. I tell her that this is what I was asked to do, and that there should have been no surprises at all, especially since I’ve been sending out weekly updates via email. I guess it needed more suck? But either way, fuck me and my two months of hard work. I mean really, no ego, I made a true enterprise grade app for them.
Short version, I stopped working on the rebuild, and I’m nearly done writing the payment processor as a microservice that I’ll just embed as an iframe, since the legacy build is full of those anyway, and I’m being asked to make bricks without straw. I’m probably glossing over a lot of finer points here too, just because it’s been such an epic of disappointment. The deadline is coming up, and I’m definitely going to make it, now that I have accordingly reduced the scope of work, but this whole thing has just totally pissed me off, and left a bad taste about the organization.9 -
Every time I see the N+1 query problem in people's implementation, I feel like crying. Especially when it's dealing with large data sets of something like 1000 records.2
-
Life of an Oracle Developer ... Day {I've lost bloody count now}
Task: Optimise a 236 line cursor consisting of 7 SQL SELECTS and unions, 39 joins and nested sub queries galore.
"YAYYY" said no one ever ...3 -
Man... I hate refactoring. After I had finished up an issue this morning, I had to refactor old sql queries and the parsing to the views.
I've worked on it all day and I still haven't finished! Still loving my job, tasks like these are unavoidable but they drain the life out of me.3 -
SQL Server Management Studio: I noticed you forcefully closed the application. Do you want to recover the queries you were working on before you closed?
Me: No
SSMS: Well here you go anyway
Me: *spends 5 minutes recovering and closing files*2 -
I always thought wordpress was ok, not great not terrible, from a coding perspective. Now every new framework I have worked on makes me see why Wordpress is on 40% of the internet.
Now I love wordpress not because of what it did do, but because of all the really stupid things it managed to avoid doing including: over abstraction, trend chasing, using "new transformative technology" that disappears in 2 years, breaking plugin economy with updates and making devs start over, making everything OOP for the sake of making everything OOP, making adding on a bit of code take multiple files of multiple formats and boiler plate code, boiler plate code, compiling dependencies, composer, twig, laravel, one page applications, react, angular, vue, javascript only stacks (MEAN), not letting you control sql queries, protected/private scopes and design that doesn't let you fix or alter bad code others did, and the list goes on and on.
Wordpress did a lot right, and devs should try learning from it instead of making more problems to solve. Sure it's not elegant, but you know what it does do? Focus on solving a problem. Then it does. Without inventing new ideas or concepts to inject into the code and create new problems.
And you know what else? Hooks are actually very well implemented in Wordpress. I've seen it done much worse.
Honestly my main gripe with the entire platform is a slow moving to OOP for no reason and the database design should separate post type into different tables, the current design makes it less scalable for large data sets for multiple reasons so I'd fix that.5 -
Interesting...
On Friday, I was playing with the ChatGPT integration in DBeaver. I was using the DBeaver sample SQLite database. This database has a couple of tables, among them Album and Artist, where Album has a foreign key into Artist.
So, I asked it:
"give me a query that lists all albums from artists who's name starts with s"
The query I got back was:
SELECT * FROM Album
Uhh, okay.
But then, I noticed that I wrote "who's" instead of 'whose', which would be proper grammatically. So, I changed that, and then I got this query:
SELECT * FROM Album WHERE ArtistId IN (SELECT ArtistId FROM Artist WHERE Name LIKE 'S%');
Hooray, that works! I'm not sure it's the best way to write the query... I might have written:
SELECT * FROM album a, artist r WHERE a.artistid=r.artistid AND r.name LIKE 'S%'
...I'd have to check to see if one performs better than the other, and consider which syntax I find clearer, but that's a separate issue, it's just nice to see a working, reasonable query generated because that's the point, after all.
But I found it interesting that such a minor error would cause it to not work, that's my main point.
Interestingly, it seems to have learned: I just tried the same thing, and I got the right query either way. So that's pretty cool.
It's a pretty neat feature and I can see some legitimate value in it. I'm pretty good writing SQL myself... I've managed to write some truly hideously complex queries over the years... but there are definitely instances I can recall where the query didn't seem obvious at the start, and having an AI that can MAYBE produce something that is AT LEAST a starting point is definitely something I can get onboard with.9 -
When your IT VP starts speaking blasphemy:
"Team,
We all know what’s going on with the API. Next week we may see 6x order volumes.
We need to do everything possible to minimize the load on our prod database server.
Here are some guidelines we’re implementing immediately:
· I’m revoking most direct production SQL access. (even read only). You should be running analysis queries and data pulls out of the replication server anyway.
· No User Management activities are allowed between 9AM and 9PM EST. If you’re going to run a large amount of updates, please coordinate with a DBA to have someone monitoring.
· No checklist setup/maintenance activities are allowed at all. If this causes business impact please let me know.
· If you see are doing anything in [App Name] that’s running long, kill it and get a DBA involved.
Please keep the communication level high and stay vigilant in protecting our prod environment!"
RIP most of what I do at work.3 -
The company I work in had to build a software that establishes a connection to a MySQL database running on an external server. It doesn't work for the client company because the firewall is very restrictive and only lets through connections on port 80, so we had to build a fucking http server that forwards SQL queries to the MySQL server and returns the result. This is so horrible!
(Running MySQL on port 80 isn't an option as any other connection type than http is blocked by the firewall)8 -
Are sql joins a bad practice? :o
I recently did some work on a page for a site I've never worked on cause my boss told me to. So they recently added product detail video urls to a table that has a relationship to the products table. The existing code was querying for the products on that said page and then during the loop that was outputting the products, there was another query for getting the url for the current iteration/product. Told my coworker that this imo was a pretty inefficient way to do it and switched it to a join and did 1 query then output that but his words were "The way it is now may be inefficient in your opinion but it works. Also combining inner joins with left or right is not a good practice. If the data is changed upstream the entire query would need to be redone to accommodate the change". Mind you that they query views a lot which are all made from queries that use joins and I'm also pretty sure these views were written by someone who used to be here because these guys are not good at sql or at least that's what their queries show. I'm at the point now where I'm realizing that my boss and this other guy don't give a fuck about efficiency or doing things the right way they just want it "to work". So this coworker changed my query back to the way it was because he said it broke the shopping cart even though that was already broken when I started... What is life? Maybe I'm the stupid one?7 -
I have a few projects on the go at work at the moment which could be successful, but only time will tell:
1. We have a requirement to monitor our SQL servers for any long running queries (anything that runs longer than 3 minutes). Company didn’t want to pay for enterprise grade solution so as the only SQL Developer I created a small system that involves a database, 2 tables, a stored procedure and scheduled job. It goes off every 10 minutes, queries some system tables etc and writes the results to the tables. Still waiting for it to be deployed to one of the test servers. I have plans for a web front end in the future.
2. My company currently use source safe for version control. They’ve lost the admin password so only 1 person can log in. I’m running the project to plan the migration to GitLab. It’s getting close to completion and soon someone is going to be tasked with creating 100s of projects etc.
3. We use an ERP system which is huge with thousands of tables, but no FKs or anything like that. The current data dictionary is a spreadsheet, as a side project I’m creating a web app so that this information is easily available and searchable.
All 3 projects have the potential to be successful, for my team at least, but stuck waiting for other people to do their stuff first. -
was working on a project once where we needed a database mapping to some c# code
tasked one of our less experienced guys on it to maybe give him some experience
now I'm assuming most people here who have worked in .NET for a reasonable amount of time know about entity framework, and I did tell the guy about it.
three days after giving him that task he comes up to me smiling and says he's done
great! what did he do? he wrote the database mapping from scratch using hard coded SQL queries using lists to chain queries together in a sea of if-else statements...
let's just say the code broke down and needed last minute fixing when it was time to present it2 -
When I run tests, I like to enable the debug logging. All the SQL queries and template tracing just flies by. Freaks the others out.
-
Has anyone ever tried to send a message to a rep at PNC on their online banking?
-you can't write any 'special characters' in the message. This includes dashes, slashes, and even apostrophes ("don't" is not allowed!) among others. I guess they just pipe the message right into the SQL queries!
-I had to type a long message there, and I was tired and forgot to do my usual CTRL+A/CTRL+C ritual - BIG MISTAKE!! After clicking submit, I get a JS alert() come up saying that my session timed out after 15 minutes of inactivity (writing a large rant to PNC ofc). Back button does not bring up the filled out form to copy from, as like the whole site seems to be on the same URL. There was no way to exit the alert without losing the message. Thankfully I did not close the tab, and I was able to recover and piece together some of the text snippets using $ gcore / $ strings | less.
Overall this has to have been the worst web app I have dealt with for quite a while.3 -
There have been a few :)
I'd say it's a videos utter project I initially thought was good. Apart from loading a view the controllers didn't do anything - my initial thought was some magic was happening behind the scenes.
However, when I opened up the view things changed.
ALL the business logic happened in the view. Everything. Form processing, consuming an app, file uploads, validation, crud ... You name it, it happened in view. The developer created a raw MySQL connection and built his queries by concatenating strings, the whole system was wide open to sql injection.
Even more annoying was the "source control" he invented. Every file had several copies. I.e. "User(working).php", "user_v3.php" and even "user(working_no_profile_fields_1.php". It wasn't even like there was any consistency in what file was actually used either. A complete mess. The system had around 69 screens too. No idea how the developer got that gig.2 -
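The post about a message form that bans apostrophes and dashes, and the post above about queries built by concatenating strings, describe two sides of the same problem. The following is an added illustration, not code from either post: a Python/sqlite3 example in which the table, the sample inputs and the banned-character set are all assumptions. It shows a character blocklist rejecting ordinary text while still passing input that changes a concatenated query, and bound parameters handling both cases.

```python
import sqlite3

# Constructed sample inputs (not taken from the page).
MESSAGE = "I don't see the 05/12 transfer - it's missing, please re-check."
CRAFTED_ID = "1 OR 1=1"   # contains none of the banned characters
BANNED = set("'-/;")      # assumed blocklist, for illustration only


def make_db():
    """In-memory table with two constructed rows owned by different users."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE messages (id INTEGER PRIMARY KEY, owner TEXT, body TEXT)")
    db.executemany("INSERT INTO messages (owner, body) VALUES (?, ?)",
                   [("alice", "hello"), ("bob", "private note")])
    return db


def blocklist_allows(text):
    """The 'disallow special characters' approach."""
    return not any(ch in BANNED for ch in text)


def store_concatenated(db, owner, body):
    """Weak form: user text is spliced into the SQL string."""
    sql = "INSERT INTO messages (owner, body) VALUES ('" + owner + "', '" + body + "')"
    try:
        db.execute(sql)
        return True
    except sqlite3.Error:
        return False  # the apostrophe in "don't" ended the string literal early


def store_parameterized(db, owner, body):
    """Corrected form: the driver passes the text as data, never as SQL."""
    cur = db.execute("INSERT INTO messages (owner, body) VALUES (?, ?)", (owner, body))
    row = db.execute("SELECT body FROM messages WHERE id = ?", (cur.lastrowid,)).fetchone()
    return row[0]  # what was actually stored


def read_concatenated(db, raw_id):
    """Weak form in a numeric context: no quote is needed to change the query."""
    sql = "SELECT body FROM messages WHERE id = " + raw_id
    return [r[0] for r in db.execute(sql)]


def read_parameterized(db, raw_id):
    """Corrected form: the whole value is compared against the id column."""
    return [r[0] for r in db.execute("SELECT body FROM messages WHERE id = ?", (raw_id,))]


if __name__ == "__main__":
    db = make_db()
    print("blocklist accepts ordinary message:", blocklist_allows(MESSAGE))
    print("blocklist accepts crafted id:      ", blocklist_allows(CRAFTED_ID))
    print("concatenated insert succeeded:     ", store_concatenated(db, "alice", MESSAGE))
    print("parameterized insert stored:       ", store_parameterized(db, "alice", MESSAGE))
    print("concatenated read returned:        ", read_concatenated(make_db(), CRAFTED_ID))
    print("parameterized read returned:       ", read_parameterized(make_db(), CRAFTED_ID))
```
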
Spent 2 days optimizing SQL queries, and then I learned a valuable lesson.
If your database size is bigger than the RAM of the machine it’s running on, every query will take 5+ seconds ☹️ -
Why the fuck do you ask Data Structures and SQL queries for a Data Science interview?
I feel pity for those companies who evaluate people based on the above for a DS position. -
I looked at an SQL server today from a customer, talked with one of their devs and he said that he's unable to understand why the server misbehaves... All (!) queries were optimized, but they have 'big data queries'... Migraine started, I had a very bad feeling. Monitoring? Nooooppeeee. Migraine kicks in. Connected to server. SHOW GLOBAL VARIABLES...
After a bit of scrolling I found a lot of misconfigured variables (e.g. extremely large join buffers, unrealistic buffer sizes), a high slow query count (nearly 60 % of COM_SELECT) and a few variables that were unknown to me.
Then came the version line.
5.0.46
Yes. 5.0.46.
Big data? Well... 30 GB of usage data.
I called the company back... The dev told me sternly that this was the production server (I had hope...) and that I lie - neither the version, nor the variables could be the problem.
A coworker had to verify it and our manager had to do the communication... Worst, most traumatic working day I ever had. -
Two senior developers were baffled at why their Web application built using sql server wouldn't just instantly work using sqlite... The Web application uses some pretty advanced queries and ORM.
-
When your VP Engineer says we DONT NEED AN ORM.
Raw sql queries are just fine and he even can help with that!!
It's only Monday. -
Nextjs is for script kiddies. This is such a fucking CHILDISH framework. The way you write queries is such fuzzy wuzzy BULLSHIT that u can't even write raw sql. Coming from hardcore java spring boot backend of 5 soon 6 years of experience I cannot believe how bullshit it is. I'll stick with java. I need to be oldschool. I'm sick of this shit with constant new bullshit popping up sugar coated kiddie shit
-
Flyway is bullshit. Genuinely who the FUCK finds this useful??? Why the Fuck do you want to have an ORM, next to a custom jdbc and to top it all off you also write custom sql queries in flyway just so you can prove to your colleagues what db migrations happened WTF you can see that on git commits dumbass!!!! 3 different sql models that need to be the same but are written differently each. One through ORM, through code and through raw sql queries. Flyway just makes shit harder and having 1 change in model means i need to fuck myself with rewriting raw SQL queries in flyway WASTE OF TIME
-
So i have been thinking..
SQL is a lang that runs on a specific software on the server, and helps creating data stores(databases and tables) that can be queried & manipulated.
is there a way to run sql like queries on the client side with no interaction from backend at all?
Say i have 5 inter related data models. in a backend world, they will form nice little tables of a db with all their joins and composite keys. from the server, i shall be querying them like "SELECT name from x where y=z & ..."
but what if i could store them like tables in browser memory and run the same query filters via a query language... is this possible?
i know this poses a certain security risk, but we already use cookies, local storage and a lot of json based shitty client side storages. surely it might be possible to have a lesser optimised sql tables on the frontend with extremely good querying capabilities?
or am i talking something far fetched here? -
> me: trying to explain to a dev from one of our customers why they should worry about sql injection in their application -which by the way is public- since they always concatenate params (even giving concrete examples in their app on how I could gain access to their database with just a couple of queries)
> me: (thinking) Did I change my bed with a time machine by accident and got myself into the past?
Do these things happen often to you? (U_U||) -
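The PNC form that rejects apostrophes and the two posts about queries built by concatenating strings describe the same defect, shown here next to its fix. This is an added example, not code from any of the posts; it uses SQLite from Python's standard library, and the table names, function names and sample inputs are constructed for illustration.

```python
import sqlite3


def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, is_admin INTEGER)")
    db.executemany("INSERT INTO users VALUES (?, ?)", [("alice", 1), ("bob", 0)])
    db.execute("CREATE TABLE messages (author TEXT, body TEXT)")
    return db


def find_user_concat(db, name):
    # Deliberately vulnerable: the input is pasted into the SQL text,
    # so a quote in it ends the string literal and the rest is parsed as SQL.
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return [row[0] for row in db.execute(sql)]


def find_user_param(db, name):
    # Hardened: the statement text is fixed; the value is bound separately.
    sql = "SELECT name FROM users WHERE name = ?"
    return [row[0] for row in db.execute(sql, (name,))]


def save_message_concat(db, author, body):
    # Deliberately vulnerable, same defect as find_user_concat.
    db.execute("INSERT INTO messages VALUES ('" + author + "', '" + body + "')")


def save_message_param(db, author, body):
    # Hardened: apostrophes, dashes and slashes are stored as plain data.
    db.execute("INSERT INTO messages VALUES (?, ?)", (author, body))


def demo():
    db = make_db()
    out = {}
    crafted = "x' OR '1'='1"  # constructed input containing quotes
    out["concat_lookup"] = find_user_concat(db, crafted)
    out["param_lookup"] = find_user_param(db, crafted)
    text = "I don't like this form - it rejects dashes/slashes"  # constructed
    try:
        save_message_concat(db, "bob", text)
        out["concat_insert"] = "stored"
    except sqlite3.OperationalError:
        # The apostrophe in "don't" closed the literal early.
        out["concat_insert"] = "syntax error"
    save_message_param(db, "bob", text)
    out["stored_bodies"] = [r[0] for r in db.execute("SELECT body FROM messages")]
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```

With bound parameters there is no reason to ban characters in the form at all: the message is stored byte for byte and the lookup treats the whole input as a name.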
A question to all software security specialists of devRant. Please, take it seriously.
Is it fundamentally possible to restrict a SQL database like Postgres in a way that unintended SQL queries are impossible to execute? Perhaps in some kind of whitelist fashion. Is it possible to achieve the kind of security that will be just fine exposed to the outside world akin to "SQL queries in onClick handlers" scenario?
Or is this an uphill battle of never being able to moderate an infinite set of possible fraudulent queries? -
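A small illustration of the whitelist idea raised in the question above, as an added example that is not part of the original post. It uses SQLite's authorizer callback from Python's standard library as a stand-in so that it runs offline (in Postgres the engine-side allowlist is expressed with roles and GRANT/REVOKE instead); the query names, tables and rows are constructed.

```python
import sqlite3

# Hypothetical named queries: a client sends a name plus parameters, never SQL.
ALLOWED_QUERIES = {
    "titles_by_author": "SELECT title FROM posts WHERE author = ?",
}
# (table, column) pairs the public connection may read.
READABLE = {("posts", "title"), ("posts", "author")}


def authorizer(action, arg1, arg2, dbname, source):
    """Called by SQLite for every operation while a statement is compiled."""
    if action == sqlite3.SQLITE_SELECT:
        return sqlite3.SQLITE_OK
    if action == sqlite3.SQLITE_READ and (arg1, arg2) in READABLE:
        return sqlite3.SQLITE_OK
    # Everything else is refused: writes, DDL, PRAGMA, ATTACH, other columns.
    return sqlite3.SQLITE_DENY


def open_public_db():
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE posts (author TEXT, title TEXT, draft_notes TEXT);
        CREATE TABLE users (name TEXT, password_hash TEXT);
        INSERT INTO posts VALUES ('alice', 'Hello', 'private note');
        INSERT INTO posts VALUES ('bob', 'Second post', 'todo');
        INSERT INTO users VALUES ('alice', 'constructed-hash-value');
    """)
    db.set_authorizer(authorizer)  # from here on the allowlist applies
    return db


def run_named(db, name, params=()):
    """Application-side allowlist: only known statements, values always bound."""
    if name not in ALLOWED_QUERIES:
        raise PermissionError(f"query {name!r} is not on the allowlist")
    return db.execute(ALLOWED_QUERIES[name], params).fetchall()


def engine_permits(db, sql):
    """Engine-side check: does the authorizer let this raw statement compile?"""
    try:
        db.execute(sql).fetchall()
        return True
    except sqlite3.DatabaseError:
        return False


if __name__ == "__main__":
    db = open_public_db()
    print(run_named(db, "titles_by_author", ("alice",)))
    for sql in ("SELECT title FROM posts", "SELECT * FROM posts",
                "SELECT password_hash FROM users", "DELETE FROM posts"):
        print(sql, "->", engine_permits(db, sql))
```

The two layers are independent: the named-query table limits what the application will send, and the authorizer still refuses anything outside the readable columns if raw SQL reaches the connection anyway.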
I feel like we not only 'advanced' various fields by pulling people off some lord of the flies island who only wanted to dance around with a severed pig head in reality and training them, but also depleted and destroyed many essential fields by removing all valid motivators from our environment by spreading so much cynicism and unguided lust for power over others in the absence of any of the unifying beliefs of former generations that the professions are going to implode in the years to come.
so I wasn't very experienced when i went to work some place years back. I'd worked on my own. and I was criticized by their 80k per year team lead as having 'only done some simple things'... when his project didn't work, and par for the course their criticisms were coming from people who took a standard backend on a very large project that actually had been designed to function and something else likely needed fixed, to 'HEY LETS USE LINQ TO SQL APPARENTLY WITHOUT TESTING RELATIVE PERFORMANCE !!!!! AND WE'LL THROW SOME AD HOC QUERIES GENERATED BY MICROSOFT AT OUR SERVER INSTALLATION AND WATCH THE PERFORMANCE 'GAINS' THEN WE'LL BACKTRACK AND PUT STORED PROCEDURES BACK AND GENERATE HOOKS TO THEM LIKE A CLASSICAL DAL. JUST USING LINQ TO SQL'S CONTEXT OBJECT ! HURRAY I HAVE A BACHELORS AND 15 YEARS EXPERIENCE !'
There are so many details to fill in teaching the mindset of how to do things right in the first place is kind of expensive to begin with and you don't necessarily learn that in school working on common comp sci projects in academia. But they should have known better. I'm actually embarrassed to list linq to sql on my resume as I think back. -
Fuck encoding and fuck PHP!!!
I'm programming a little vocab trainer to get used to php and MySQL. From an old VB vocab trainer I had ca. 2000 txt-files with words and converted them to sql-queries with a simple python script. When SELECTING words with special characters they become encoded properly. But if I UPDATE words their encoding is just fucked up... The table is utf-8 encoded all the columns are utf-8 encoded. The php mysqli connection is utf-8 encoded. My HTML header is utf-8... WTF? -
So i was trying to learn php from a udemy course. The guy there mixes a hell lot of php with html, like all the pages are .php with html content and mini <?php ... ?> scripts in between everywhere: titles, sql queries running and displaying outputs as html with echo php variables, etc..
Now am not much versed with client server data model, but isn't there supposed to be clear distinction between the server side and the client side? He puts a form there using echo "html string", receives the form input in the string's action, runs an sql query and generates another set of html strings. All in one file.
Is it how major php websites work? On the other hand my web dev friend who works a lot with js usually runs 2 separate aws instances for frontend and backend and makes them communicate via apis -
So my job is now starting to spin back around towards more development styles roles.
Currently I am in the process of learning about an internal Asp.Net app for managing invoicing.
A .net core app to manage changes to rate card prices.
And a small python app which runs 40+ sql queries and writes the results to a spreadsheet.
This is the first time I’ve used python, and I have to say I really like it -
Comment in our code, followed by 3 identical SQL queries with only the table name different (Admin, regular user, old regular user).
Then we duplicated the entire project as it being a contract first webservice prevented us from changing its signature to accommodate the needs of a new application. -
Today I got a change request that told me I needed to create a report showing orders broken down by their order types as percentages.
Now the order types part involve SQL queries that translate business rules into multiple table joins and it's quite nasty (200 + lines or so).
Naturally the change request doesn't mention any of these business rules and how to tell that orders are of a specific type... but alas!
It teaches me how to calculate a percentage :)
... like "10 / 100 * 100 = 10%"
I don't know whether to laugh or feel insulted. -
I ngl miss the thrill of high-performance computing. Or more precise would be where the program's running was directly affected by what I did.
Ever since career took the applications/apps/backend route, i try to optimise but ik it's useless.
The c#/.net would anyway make its own changes, I'm not allowed to write direct SQL queries and index-powered joins coz "EF will handle it". Any JS/TS is recreated by Node
That's how work be but kinda saddening -
When I see job adverts asking for SQL skills it really puts me off. After seeing how database migrations and eloquent in Laravel work I don't know why anyone would write SQL queries again!
-
Rant 1
---
I have so much shit to talk about and it's annoying to wait 2+ hours between each rant just to rant so I'll start off by ranting about not being able to rant as often as i want to rant
Rant 2
---
What is ORM doing under the hood if it makes the queries so much slower than compared to writing raw sql?
Rant 3
---
I'm thinking of creating more accounts just to be able to say what i want to say without waiting these dumbass 2+ hours. Who tf even made that and thought it was a good idea. Ur not saving ur bandwidth storage by making devs wait to rant bro it'll be the same shit
Rant 4
---
Now by writing 3 rants in a row i forgot what i wanted to rant about more and it's an entirely different topic so I'll rant about not remembering what i wanted to rant about because of devrant's dumbass 2+ hour wait logic
Rant 5
---
Wow this New York company looking for senior devops dev requires a lot less shit to know compared to the Saudi Arabian shithole company for the exact same position. But how do i learn all of what they require fast so i can apply for this position since the recruiter has contacted me -
So i was writing an sql query and every time i was getting "data type mismatch error."
In frustration i slammed the table and went outside for some fresh air.
After 15 minutes i came back and ran the query again. Voila, it is working now.
My god these queries burned half of my blood today. LOL. 😁 -
From the guy that practices bash in the production server, here's the same guy who also practices SQL queries in the production's PostgreSQL!
I swear these happen by accident. I'm having to do some data corruption control by some bug, but I forget to close the panel when I'm finished. Then I go on with my tasks and I think it's my own computer I'm writing these commands to. -
[Prestashop question / rant]
Yes, it's not StackOverflow here, neither is it prestashop support forum - but I trust u people most :)
Proper solution for working with big(?) import of products from XML (2,5MB, ~8600 items) to MySQL(InnoDB) within prestashop backoffice module (OR standalone cronjob)
"solutions" I read about so far:
- Up php's max execution time/max memory limit to infinity and hope it's enough
- Run import as a cronjob
- Use MySQL XML parsing procedure and just supply raw xml file to it
- Convert to CSV and use prestashop import functionality (most unreliable so far)
- Instead of using ObjectModel, assemble raw sql queries for chunks of items
- Buy a pre-made module to just handle import (meh)
Maybe an expert on the topic could recommend something? -
Why SQL, why???
I have a proc I need to modify so I add a select into it. Drop the proc and recreate it, run it, new select not giving results.
Modify the select to inverse filter to see what I do have, recreate the proc, run it, still no results...
Run four different cache cleaning queries, still no results from the new select...
Add a "select 1" before the new select, recreate and run the proc and now I have the new 1 and also the other select now has results...
Change the filters back, still getting same results...
Remove the select 1, no results...
What kind of devil cache is this? -
Not a rant, but seeking advice...
Should I abandon 2 years' worth of work on migrating a personal project from SQL (M$) to a Graph database, and just stick to SQL? And only consider migrating when/if I need graph capabilities?
The project is a small social media platform. Has around ~50 monthly active users.
Why I started the migration in the first place:
• When researching databases, I read that for social media, graph is more suitable. It was, at least in terms of query structure. It was more natural, there were no "joins", and queries were much simpler than their SQL counterparts.
• In case the project got big, I didn't want to have to panic-deal with database issues that come with growth. I had some indexing issues with MSSQL, and it got me worried that at 50MAU I'm having these issues, what would happen if I get more?
• It's a personal project, and the Gremlin language and graph databases looked cool and I was motivated to learn something new.
----
Why I'm considering aborting the migration:
• It's taking too damn long. I'm unable to work on other features because this migration is taking up all my free time. Sunk cost fallacy is hitting me hard with this one.
• In local testing within docker, it's extremely slow. I tried various graph engines (janusgraph, official tinkerpop, orientdb), and the fastest one takes 4-6minutes to complete my server tests. SQL finishes the same tests in under 2 minutes, same docker environment. I also tried running my tests on a remote server (AWS neptune) and it was just as slow. Maybe my queries are bad, but can I afford to spend even more time fine tuning all queries?
• I now realise that "graph = no scalability issues" was naïve of me, and 100% wishful thinking. Scalability issues don't care what database I use, but about how well tuned and configured the whole system is.
• I really want to move on. My tech stack is falling behind and becoming outdated. I'm unable to maintain dependencies.
• I'm worried about losing those 50 MAU because they're essential to gaining traction once I release the platform. I keep telling them about the migration but at some point (2 years later) they're going to get bored I feel.
I guess partially it's a rant because I feel like I shouldn't stop now having spent 2 years on this, but at the same time I feel like I'm heading towards a dead end.
If you made it this far, thank you for reading:) -
A friend outsourced a project to us with partial requirements. We developed it as per the requirements and submitted the app and admin portal to his client. I was aware of certain critical features missing in the requirement. Generally we provide an admin portal to manage the backend of the app, but in this project a backend was to be made but the adding or modifying users section was not mentioned in the requirement. My team presented the project and convinced them to create or modify users writing SQL queries on the production DB (they are sales guys with no technical knowledge)
P.S - we won't be responsible for any DB errors :P -
A RxJS wrapper for MySQL queries.
https://github.com/inf3cti0n95/...
If anyone has any suggestions/reviews for it. -
Does anyone here really like typing SQL? I mean just typing queries all day long? Are touch typing and sql related? Next on google: How to build a backend app with only sql?
-
For Ramda (functional JavaScript) enthusiasts -
Anybody, who wishes to collaborate on writing Ramda solutions for SQL like queries, I have created the project (SQL queries, SQLite database, json data files) here - Ramda-SQL-Equivalent GitHub project (https://github.com/ajit555/...).
Please post the questions in "Issues" section and hopefully would get some solutions via pull request.
If not sending pull request, please post the solutions as issues referencing the file name.
Thanks. -
(tldr: are foreign keys good/bad? Can you give a simple example of a situation where foreign keys were the only and/or best solution?)
I have been recently trying to make some apps and their databases, so I decided to give a deeper look to sql and its queries.
I am a little confused and wanted to know more about foreign keys, joins and this particular db designing technique I use.
Can anyone explain them to me in a simpler way?
Firstly I wanted to show you this not much unheard technique of making relations that I find very useful (I guess it's called the toxi technique):
In this, we use an extra table for joining 2 tables. For e.g., if we have a table of questions and we have a table of tags, then we should also have a table of relations called relation, which will be mapping the tags with questions through their primary IDs. This way we can search all the questions by using tag name and we can also show multiple tags for a question, just like stackoverflow does.
Now I am not sure which could be a possible situation when I need a foreign key. In this particular example, both questions and tags are joined via what I call a "soft link", and this makes it very scalable and easy to add both questions and new tags.
From what I learned about foreign keys, it marks a mandatory one directional relation between 2 tables (or as I say, a "hard a to b" link).
Firstly I don't understand how I could use a foreign key to map multiple tags with a question. Does that mean it is always going to make a 1-to-1 relationship between 2 tables (I have yet to understand what 1-to-1, 1-to-many or many-to-many relations are, not sure if my terminology is correct)?
Secondly, it poses super difficulty and differences in logic for adding either a tag or a question, don't you think?
Like, if one table (say question) is having a foreign key of tags ID, then the questions table is completely independent of tag entries.
Its insertion/updation/deletion/creation of entries doesn't affect the tags table, but for the tag table we cannot modify a particular tag or delete a tag without causing harm to its associated question entries.
If we have to delete a particular tag then we have to delete all its associated questions with that. This means this is rather a bad thing to use for making tables, isn't it?
I'm just so confused regarding foreign keys, joins and this toxi approach. Maybe my example of stack overflow tags/questions is wrong wrt foreign keys. But then I would like to know an example where it is useful -
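The questions/tags layout described in the post above, with the relation table carrying two foreign keys, as an added example that is not part of the original post. It uses SQLite from Python's standard library; the table name `question_tags`, the function names and the sample rows are constructed for illustration.

```python
import sqlite3


def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA foreign_keys = ON")  # SQLite enforces FKs only when enabled
    db.executescript("""
        CREATE TABLE questions (id INTEGER PRIMARY KEY, title TEXT NOT NULL);
        CREATE TABLE tags (id INTEGER PRIMARY KEY, name TEXT NOT NULL UNIQUE);
        -- The relation table: one row per (question, tag) pair, many-to-many.
        CREATE TABLE question_tags (
            question_id INTEGER NOT NULL REFERENCES questions(id) ON DELETE CASCADE,
            tag_id      INTEGER NOT NULL REFERENCES tags(id) ON DELETE CASCADE,
            PRIMARY KEY (question_id, tag_id)
        );
        INSERT INTO questions VALUES (1, 'How do joins work?'), (2, 'What is an index?');
        INSERT INTO tags VALUES (1, 'sql'), (2, 'performance');
        INSERT INTO question_tags VALUES (1, 1), (2, 1), (2, 2);
    """)
    return db


def questions_for_tag(db, tag_name):
    rows = db.execute(
        """SELECT q.title FROM questions q
           JOIN question_tags qt ON qt.question_id = q.id
           JOIN tags t ON t.id = qt.tag_id
           WHERE t.name = ? ORDER BY q.id""", (tag_name,))
    return [r[0] for r in rows]


def tags_for_question(db, question_id):
    rows = db.execute(
        """SELECT t.name FROM tags t
           JOIN question_tags qt ON qt.tag_id = t.id
           WHERE qt.question_id = ? ORDER BY t.name""", (question_id,))
    return [r[0] for r in rows]


def link_is_accepted(db, question_id, tag_id):
    # The foreign keys reject links to rows that do not exist;
    # the composite primary key rejects duplicate links.
    try:
        db.execute("INSERT INTO question_tags VALUES (?, ?)", (question_id, tag_id))
        return True
    except sqlite3.IntegrityError:
        return False


def delete_tag(db, tag_name):
    # ON DELETE CASCADE removes the tag's links; the questions stay.
    db.execute("DELETE FROM tags WHERE name = ?", (tag_name,))
    questions = db.execute("SELECT count(*) FROM questions").fetchone()[0]
    links = db.execute(
        "SELECT question_id, tag_id FROM question_tags ORDER BY 1, 2").fetchall()
    return questions, links


if __name__ == "__main__":
    db = make_db()
    print(questions_for_tag(db, "sql"), tags_for_question(db, 2))
    print(link_is_accepted(db, 1, 99), delete_tag(db, "sql"))
```

The foreign keys sit on the relation table, not on questions or tags, so a question can carry many tags and deleting a tag removes only its links.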
Redoing our web apps to use SSO... Every single page within the app runs LDAP authentication. What is the point of signing in and having session cookies if you are reauthorizing a logon on every page?!??? Now what seemed like a simple task of revamping the initial logon has turned into a hunting trip for LDAP queries and creating new sql tables