Log Buffer #98
Hello and welcome to the 98th edition of Log Buffer. My name is Jeff Smith and I will hosting this week's exciting episode. If, for some reason, you are not completely satisfied with this edition, simply write in and complain to Dave over at The Pythian Group and you will receive Log Buffer #99 absolutely free! Now that is a guarantee you can feel good about. OK, let's get to work.
I have only limited exposure to both PostgreSQL and MySQL, but I have often wondered why MySQL is so popular while it seems that PostgreSQL has the superior features. Over at Xaprb, they attempt to answer that very question. Be sure to read the comments from that post, and check out the big discussion from that article over at reddit as well. The theory I like the best? MySQL is easier to pronounce! (How do you pronounce "PostgreSQL" anyway?)
Speaking of MySQL, Sheeri Cabral points out that MySQL's website certainly doesn't do the product any favors, and there's also a good discussion at Xaprb on why MySQL is Free Software but not Open Source. If you ever wanted to add a new Unicode collation to MySQL, Alexander Barkov and Peter Gulutzan provide all the information you'll need. Peter at the MySql Performance Blog tells us that MySQL lacks a good memory profiling tool, and based on his feedback, others seem to agree. (No, not those Others!) Speaking of MySQL feature requests, Justin Swanhart asks "Why does INFORMATION_SCHEMA fail to show information about TEMPORARY tables?" and also lets us know that his materialized view stored procedures for MySQL have been OKed for release. Sunny Walia (what a great name -- is it possible to not be a fun person with a name like that?) tells us how to install innotop to monitor innodb information in real-time and wonders "Oh dear MySQL slave, where did you put those rows?" Going back to the MySQL Performance Blog, Vadim warns us of a dangerous MySQL command; be sure to keep that one locked safely away from the kids.
Regarding a product I actually know a little about, Kalen Delany has a nice list of Free SQL Server Troubleshooting Tools to check out. If you haven't seen it yet, my co-blogger here at SQLTeam Mladen has an amazingly popular list of Free SQL Server Tools that might make your life a little easier that was published a while back but it is always worth mentioning. While you are visiting Mladen's blog, don't miss his latest post on getting immediate deadlock notifications for SQL Server 2005. Also, be sure to leave him lots of comments telling him that his blog is great but that he is your second favorite SQL Server blogger -- after me, of course!
Still on the topic of SQL Server, Jamie Thomson provides us with a tip for ensuring that your root folder is valid when using SSIS. Denis Gobo asks: What did you do to master SQL? (Interestingly enough, for me it was by learning MS Access first!) Tony Rogerson warns us of the performance implications of using Row_Number() in non-recursive CTE's. And Paul S. Randal describes a CHECKDB bug that people are hitting; thankfully, he says that "you can only hit this bug if you ALREADY have corruption, that it's quite rare, and that there is a workaround."
Everyone enjoys a good analogy, right? After all, a good analogy is like an ice cream cone: they both are ... hmmm ... OK, well, that's not a good analogy at all. Never mind. Speaking of bad analogies, I bet that unlike Peter Gulutzan you never really thought about the expression "half baked" before and how it relates to MySQL features. Well, now there's your chance! (Of course, a pessimist would prefer "half un-baked", but that's a discussion for another time.)
A big topic lately has been SQL Injection attacks. I always find this funny because this is the easiest problem to avoid in the history of programming; as CodeAssembly tells us, "Never concatenate user input to your queries, without exceptions." That's really all there is to it -- do that, and you are good to go. As I've written before, using parameters is not only safer, but your code is much shorter and simpler than if you concatenate strings all day long.
Federico Cargnelutti gives us an introduction on managing and applying database changes with LiquiBase, an "open source, DBMS-independent library for tracking, managing and applying database changes." I have never used LiquiBase, but sounds like something worth looking into.
While reading Magnus Hagander's PostgreSQL Blog, I found out that Yahoo claims it has the largest SQL database in a production environment -- and they use PostgreSQL. Impressive! Peter Eisentraut checks in from PGCon Day One, which included a presentation of his on porting Oracle Applications to PostgreSQL. For those of you out there using Max OS X, Perldiver has summarized instructions on building PostgreSQL on Mac OS X. Going off on a tangent, they just opened a new Apple store here in Boston on Boylston street. I visited it this weekend after getting my usual bad haircut next door. My verdict on the store? It sure looks nice, but I had no luck finding a new 5 1/4" floppy drive for my Apple II. Try to do better next time, Apple!
James McGovern offers some praise for Mark Wilcox of Oracle. Why? Because Mark has been doing some must-read blogging over at the Oracle.com blogs. Getting back to my favorite topic, which is coding SQL, Michael Armstrong-Smith instructs the Oracle crowd on using CASE to solver Outer Join issues. Shay Shmeltzer provides some tips on creating a master with two details on the same page when using ADF.
Sticking with Oracle links, Pete Finnigan ponders read only tables or read only users, and notes that in Oracle a read-only user "has approximately 27,000 other privileges because of grants to PUBLIC. This is the killer issue as because of this it is in fact not possible to create a read-only user." Hmm ... only 27,000? Come on, that doesn't seem that bad to me! Eddie Awad tells us about the Lazy Developer's way to populate a Surrogate Key and over at the Oracle Scratchpad, Jonathan Lewis provides some helpful links on Index Efficiency. Finally, if you are looking to install Oracle Database 11g Release 1 on Fedora 9 (and who isn't?), everything you need to know is covered over at Oracle-Base.
Now, if you're like me, you hate DBAs. Ah, just kidding, of course we all love our Database Administration Overlords (and I'm not just saying that because most of the people reading this probably are DBAs.) However, even the best DBAs out there occasionally make mistakes. If you have some horror stories of your own to share, or if you simply want to take pleasure in the misfortune of others, be sure to check out Kalen Delany's call for DBA Blunders. (Of course, to be fair, even us developers occasionally make mistakes.) To help avoid future blunders, consider this advice: Do not use Windows System Restore as a backout plan for SQL Server Service Packs, Cumulative Updates, or HotFixes. Also, Tara here at SQLTeam reminds us to optimize your tempdb and even provides a helpful script. I'd like to add my own helpful tip for DBAs: Schedule regular database backups! Remember, you read it here first.
Previewing the upcoming SQL Server 2008, SQLTeam's Derek discusses the Data Profiling Utility with SQL Server 2008. It sure seems like a nice tool, but that still may not make people any less nervous about SQL 2008. (Heck, my team is still nervous about SQL Server 2005!) Aaron Betrand urges people to vote if you want IntelliSense in SSMS 2008 to also support SQL Server 2005, which seems like a great idea to me, and Linchi Shea has a quick analysis of SQL Server 2008 Page Compression and its performance impact on table scans. Finally, Jamie Thomson dissects the fuzzyness of SQL Server 2008. To me, "fuzziness" is what happens to my vision after drinking too many mojitos, but Jamie is discussing a new feature in SSIS 2008 so give it a read.
I've always believed that you don't truly know all there is to know about databases until you understand the raw data structures of tables and indexes and so on. Over at MSDN Channel 9, there's a new series of videos on Data Structures and Algorithms, so be sure to watch if you want to know how database engines really work "under the hood". My enjoyment of the video was unfortunately interrupted by horrible flashbacks from my CS310 days.
Moving away from relational databases, Jim Wilson helps us to understand HBase and BigTable. Apparently, HBase is the open source implementation of Google's BigTable database, which is described as a "sparse, distributed, persistent multidimensional sorted map." In layman's terms, that means "a database with wicked huge tables."
For those looking for a laugh, be sure to read Andrew Calvett's MS SQL Server Book of Wisdom. It reminds me quite a bit of my infamous and widely misinterpreted Top 10 Things I Hate About SQL Server post from way back in the olden days. Be careful, Andrew: sometimes folks don't get it if your jokes are too subtle! (Of course, in my case, it could be that my jokes just weren't that funny.)
Well, that's all for this week. Thanks, Dave, for giving me an opportunity to write this week's Log Buffer. It was lot of fun and a welcome opportunity for me to spend more time than I usually do reading lots of great blog posts from around the internet. Have a great weekend everyone!
Legacy Comments
Paul Vallee
2008-05-23 |
re: Log Buffer #98 Great post Jeff, thanks! |
Ronald Bradford
2008-05-23 |
re: Log Buffer #98 Very good, detailed read this week. Well done Jeff. |
Virag Sharma
2008-05-24 |
re: Log Buffer #98 One of the great Log Buffer post. |
Peso
2008-05-26 |
Thanks Jeff For highlightning the SQL Injection. What makes it so hard to NOT following the baseic guidelines; use parameters? Anyway, for testing for possible SQL Injections, see different tools here http://www.security-hacks.com/2007/05/18/top-15-free-sql-injection-scanners |
Zack Jones
2008-05-26 |
re: Log Buffer #98 FYI the link for Free SQL Server Tools that might make your life a little easier results in a Not Found error if you try to launch it :(. |
Jeff
2008-05-27 |
re: Log Buffer #98 Thank you, Zack, it has been fixed. - Jeff |
karuna
2008-05-28 |
re: Log Buffer #98 It seems that almost all links to Sqlteam.com's urls specified in the article have a path starting with http://weblogs.sqlteam.com/jeffs and hence they end up with error pages. |
Jeff
2008-05-28 |
re: Log Buffer #98 Thanks, Karuna. Looks like the software tried to convert the sqlteam.com links to relative URLs when I pasted in the article's HTML and didn't do such as good job. I went through and manually fixed everything I could find; hopefully, they all work now. - Jeff |
Sheeri Cabral
2008-05-28 |
re: Log Buffer #98 Great log buffer, although I work for Pythian so I'll be getting #99 free without having to complain. Now THAT is power. Seriously, though, you should do more log buffers. This was seriously entertaining, and entertainingly serious. |
meng
2008-06-05 |
re: Log Buffer #98 Hi~ Jeff ~ Thanks for posting~~ And can you do me a favor? I need to ask you one question. Is it possible to show the latest updating date and time using SQL query? ---meng |