tags:

views:

418

answers:

8
+4  Q: 

Relational databases application

When developing an application which mostly interacts with a database, what is a good way to start? The application requires a lot of filtering based on user input, sorting and structuring.

+2  A: 

A good start would be to get familiar with Multitier architecture

Then you design your presentation layer.

In your business logic layer implement all logic

And finally you implement your data access layer.

Svetlozar Angelov  2009-08-31 08:54:43
+2  A: 

When you get to the database layer you'll want to handle the database access via stored procedures. This will help give you additional protection against SQL Injection attacks, and make it much easier to push logic changes to the database layer.

mrdenny  2009-08-31 08:58:43
Just to mention - stored procedures must be used very carefully. Sometimes people carry away and put TOO much business logic in the sql server which might cause problems with scaling in the future.
Svetlozar Angelov  2009-08-31 09:11:21
I'd recommend paramaterized queries instead of stored procedures, but they both help guard against SQL Injection. As Svetlozar Angelov mentioned you can get carried away with the business logic you put in a stored procedure.
Dusty  2009-09-02 18:50:43
The problem with paramaterized queries instead of stored procedures, is that if someone does get into the SQL Server, they now have access to all the tables and can dump the data. Stored procedures get away from this problem.
mrdenny  2009-09-03 01:09:35
I consider stored procedures to be bad, because it means that you add data logic inside the database itself, making it harder to upgrade the database or move to another database system. (E.g. from MySQL to Oracle.) Databases are only for storing data, not for keeping any business/data logic.
Workshop Alex  2009-09-04 22:22:47
Moving from one platform to another isn't something that has to be done very often, if ever. You've got so many other things that would need to be changed which would slow things down, such as data type differences, use of SQL Service Broker, ETL processes, etc. If all you are using a database for is storing data, you are missing out on the full power of the database platforms (no matter which platform you are using).
mrdenny  2009-09-04 22:51:10
Moving from platforms is more common than people expect, since databases always get upgrades and companies need to merge with others who use a different database system. These changes always come at the most inconvenient moment so it's better to be prepared for them.
Workshop Alex  2009-09-05 11:28:40
I couldn't disagree more that the potential for having to move from one database platform to another is a good reason for not using all the available features of the platform. If the company gets purchased and the new companies standard is Oracle, and you use SQL Server and Oracle doesn't support all the features that you are using in your application then Oracle isn't the correct platform to ru nthe application on. Using only one platform because it is your standard just isn't sound no matter the platform you choose. They have different features and should be used for different things.
mrdenny  2009-09-05 23:11:58
Using stored procedures is a fine thing to do, but claiming that this is protects against SQL injection is an oversimplification. It's just as easy to concatenate variables into a dynamic SQL query and execute it in an unsafe way in a stored procedure as it is in application code. Of course the remedy is "don't do it unsafely" but that advice applies to the app layer too.
Bill Karwin  2009-09-06 17:45:01
When I talk about using stored procedure, I assume that the person writing the code will be using a parametrized query to do so, instead of writing a dynamic SQL string to run the procedure. But by using stored procedures the application account which logs into the SQL Server shouldn't have any writes to the database tables directly as only execution rights are granted to the procedures, not to the base tables. This then is what prevents a SQL Injection attack from doing any real damage.
mrdenny  2009-09-07 22:31:18
+2  A: 

The most important thing to keep in mind is that your first, and most likely 2nd 3rd attempt at designing the database will be wrong in some way. That might sound negative, maybe even a little rash, (it's certainly more towards the 'agile' software design philosophy) but it's important thing to keep in mind.

You still need to do your analysis thoroughly of course, try to implement one feature at a time, but try to get all layers working first. That way you won't have to do to much rework when the specs change and you understand the issues better. One you have a lot of data loaded into a system, changing things becomes increasingly difficult.

The main benefit of this approach is you find out quickly where you design is broken, where you haven't separated you design layers correctly. One trick I find extremely useful is to do both a sqllite and a mysql version, so seamless switching between the two is possible. Because the two use a different accent of SQL it highlights where you have too tight a coupling between the layers.

Chris Huang-Leaver  2009-09-02 13:42:40
+2  A: 

If it's mostly users interacting with data, you can design using a form perspective.

  1. What forms are needed for user input?

  2. What forms are needed for output reports?

Once you've determined that, the use of the forms will dictate the business logic needed to be coded behind the scenes. You'll take the inputs, create the set of procedures or methods to deal with them, and output what is necessary. Once you know the inputs and outputs, you will be able to easily design the necessary functions.

Lance Roberts  2009-09-02 18:46:34
+6  A: 

The best way to start is by figuring out "user stories" (or "use cases" -- but the "story" approach tends to really work great and start dragging shareholder into the shared storytelling...!-); on top of that, designing the database schema as the best-normalized idea you can find to satisfy all data layer needs of the user stories.

Thirdly, you may sketch layers such as views on top of the schema; fourthly, and optionally, triggers and stored procedures that might live in the DB to ensure consistency and ease of use for higher layers (but, no matter how strongly DBAs will push you towards those, don't accept their assurances that they're a MUST: they aren't -- if your storage layer is well designed in terms of normalization and maybe useful views on top, non-storage-layer functionality CAN always reside elsewhere, it's an issue of convenience and performance, NOT logical consistency, completeness, correctness).

I think the business layer and user-experience layers should come after. I realize that's a controversial position, but my point is that the user stories (and implied business-rules that come with them) have ALREADY told you a LOT about the business and user layers -- so, "nailing down" (relatively speaking -- agility and "embrace change!" should always rule;-) the data storage layer is the next order of business, and refining ("drilling down") the higher layers can and should come after.

Alex Martelli  2009-09-06 03:27:39
Second this approach! It sounds like you designed the "tables" too early. You should really concentrate on the user interaction first, then design the application to support these actions and only those actions. Starting with tables you will usually end up with lots of irritating and essentially useless artifacts on the user's screen along with unnessesary and illogical dialog steps.
James Anderson  2009-09-08 08:29:49
+1  A: 

Try to setup a prototype with something that is more productive then C++ for example Ruby, Python and well maybe even PHP.

When the prototype works and you see your data model is okay and your queries are too slow then you can start using C++.

But as your questions suggests you have more options then data and in this case the speed of a scripting langauge should be enough.

Lothar  2009-09-06 09:32:38
+2  A: 

The scope of the question is very broad. You are expecting me to tell what to do. I can only do a good job of telling how to do things. Do investigate upon using Hibernate/Spring. Since most of your operations looks like querying db, hibernate should help. Make sure the tables are sufficiently indexed so your queries can run faster if filtered based on index fields. The challenging task is design your DB layer which will be the glue between your application and db. Design your db layer generic enough so that it can build queries based on the params that you pass to it. Then move on to develop the above presentation layer. Developing your application layer by layer helps since it will force you to decouple the db logic from the presentation logic. When you develop the db layer, assume that not just your presentation layer but any client can call it. This will help you to design applications that can be scalable and adaptable to new requirements. So bottom line : Start with DB, DB integeration layer, Controller and last Presentation Layer.

Cshah  2009-09-07 13:04:49
+2  A: 

For the purpose of discussion, I'm going to assume that you are working with a starting application that doesn't have a pre-existing database. If this is false, I'd probably move the order of steps around quite a bit.

1 - Understand the Universe

First, you've got to get a sense of what's around you so you can really understand the problem that you are trying to solve.

  • User stories or use cases are often a good starting point. Starting with what tasks the user will try to do, and evaluating how frequently they are likely to be is a great starting point. I like to start with screen mockups as well, with or without lots of hands on time with users, I find that having a screen gives our team something really finite to argue about.
  • What other tools exist in this sphere? These days, it seems to me that users never use just one tool, they swap around alot. You need to know two main things about the other tools you users use:
  • (1) - what will they be using as part of the process, along side your tool? Consider direct input/output needs - what might they want to cut/copy/paste from or to? What tools might you want to offer file upload/download for with specific formats, what tools are they using alongside your tool that you might want to share terminology, layout, color coding, icons or other GUI elements with. Focus especially on the edges of the tools - a real gotcha I hit in a recent project was emulating the databases of previous tools. It turned out that we had massive database shift, and we would likely have been better starting fresh.
  • (2) What (if anything) are you replacing or competing with? Steal the good stuff, dump and improve the bad stuff. Asking users is always best. If you can't at least understanding the management initiative is important - is this tool replacing a horrible legacy tool? It may be legacy, but there may be the One True Feature that has kept the tool in business all these years...

At this stage, I find that things are really mushy - there's some screen shots, some writing, some schemas or ICDs - but not a really gelled clue.

2 - Logical Entities

Or at least that's what the OO books call it.

I don't care much for all the writing I see on this task - but I find that any any given system, I have one true diagram that I draw over and over. It's usually about 3-10 boxes, and hopefully less than an exponentially large number of lines connecting them. W

The earlier you can get that diagram the better.

It doesn't matter to me if it's in UML, a database logical model, something older, or on the back of a napkin (as long as the napkin is shrouded in plastic and hung where everyone can see it).

The earlier you can make this diagram correctly, the better.

After the diagram is made, you can start working on the follow on work that may be more official.

I think it's a chicken and egg question on whether you start with your data or you start with your screens and business logic. I know that you certianly want to optimize for database sizing and searchability... but how do you know exactly what your database needs are without screens and interfaces giving you a sense for the data?

In practice, I think this is an ever-churning cycle. You do a little bit everywhere, and then you change it all.

Even if you don't get to do a formal agile lifecycle, I think you're best bet is to view design as agile -- it will take many repetitions and arguments before you really feel it's "right".

bethlakshmi  2009-09-08 17:59:04

related questions

Remove Quotes and Commas from a String in MySQL
What's the best way of converting a mysql database to a sqlite one?
How do you manage databases in development, test, and production?
Multiple foreign keys?
Add 1 to a field (MySQL)
Issues using MS Access as a front-end to a MySQL database back-end?
Bigger than a char but smaller than a blob
How do I retrieve my MySQL username and password?
Long-time LAMP Developer moving to VB.NET
How do I Concatenate entire result sets in MySQL?
Full complete MySQL database replication? Ideas? What do people do?
SQL: Distribution of table in time
SQLite vs MySQL
How do I create a new Ruby on Rails application using MySQL instead of SQLite?
Multiple Updates in MySQL
MySQL/Apache Error in PHP MySQL query
What all do I need to escape when sending a (My)SQL query?
Auto Generate Database Diagram MySQL
Mechanisms for tracking DB schema changes
How big can a MySQL database get before performance starts to degrade.
Python and MySQL
SQL Server 2005 implementation of MySQL REPLACE INTO?
How to export data from SQL Server 2005 to MySQL
Throw Error In MySQL Trigger
Binary Data in MySQL