In my (warped) view of history, Class::DBI was created to do two things - first to allow easy row-based manipulation of database entries, and second to allow triggers for databases which don't have them.

I recently started reading Celko's "SQL for Smarties", and he uses triggers and constraints quite a lot, which is news to me, but I think I understand the rationale behind it. Constraints are like taint mode in Perl - they prevent the database from containing data that violates the assumptions. Triggers are a nice thing to have as soon as you start going from row-oriented manipulation of your data (read-modify-write) to set-oriented manipulation (UPDATE foo SET bar=baz WHERE ...) - here, triggers are the only way to specify a separate action.

In the end I guess it depends on what you do. I wouldn't go as far and put stored procedures into the database - this means that the "actual" code is distributed over too many (two) components. But I really like specifying my reports in SQL, because SQL makes it so much easier to formulate aggregations than Perl.

I wouldn't go as far and put stored procedures into the database - this means that the "actual" code is distributed over too many (two) components.

But when you start to have many components consolidating code into the database via stored procedures can simplify the code of many clients.

Perhaps my view is too abstract, but I find the implication that a database's schema and implementation is not code to be limiting. If these limits really exist then fine; but here the discussion is premised on no lock-in to a particular database. Do not needlessly tie a free hand.

Be well,
rir

As for why you would use each feature, here's a quick primer:

• Triggers - these are used to do something whenever something else happens. Generally, they're used for maintaining data integrity with something outside the database or for some sort of referential integrity that standard foreign keys cannot do. My opinion is that if you are depending on them, you either don't trust your programmers or you build it wrong.
• Stored Procedures - these are little programs in your database. They're very useful when doing lots and lots of crazy stuff that's DB specific. I've used them and they're pretty nice, especially when you have multiple apps in multiple languages hitting the same database. Frankly, I don't work on those kinds of things anymore, so I don't use them.
• Views - These are great. Often, you have a table with a lot of information, but some of it is sensitive. So, you provide a view for those users who aren't allowed to see the whole thing. This is useful for applications, as well. If you can limit what an app is allowed to do, you limit what the attacker who cracked your app can do.

  Also, they're great for frequent joins. Let's say you have a join of three tables that you do on a regular basis. By providing a view for that join, you can reduce the query time because the DB will keep that resultset around as a temporary table.

Triggers ... My opinion is that if you are depending on them, you either don't trust your programmers or you build it wrong.

You say it like that's a bad thing. :-)

There are times when you really don't want to trust programmers. For instance one common use of triggers is for auditing changes. You don't want to be in a position of having a change in your financial data that you can't explain. Depending on your database (I've seen it demonstrated with Oracle), it is possible to set things up so that nobody - including the DBA - can make a change without it being audited. Sure, you can turn auditing off. But the fact that you turned it off will itself get logged.

Usually this would be overkill. But there are situations where you really do need to be able to trust, but verify to this level.

I think you have it exactly right, but I'd like to expand on the example.

Imagine an organization that has a sizeable group in charge solely of the database -- including replication across many servers, rational backup schemes, auditing and authorizing changes, optimizing queries and maintaining performance, etc. -- and then a wide variety of other groups which both develop applications as well as users using a variety of SQL reporting tools. The entire exercise can get exceedingly complicated and it can be pretty clear how triggers and stored procedures can be immensely useful for the DB group to maintain control.

From a one database to one application relationship these tools don't seem to make as much sense.

Mark

You say it like that's a bad thing. :-)

*grins* It's not a bad thing. In fact, it's often the only recourse a DBA has, precisely for the kind of reason you're talking about.

---

My criteria for good software:

1. Does it work?
2. Can someone else come in, make a change, and be reasonably certain no bugs were introduced?

If you create a view for a frequent join, what would be the best way to utilize that from CDBI? I would guess either (1) treating it as a separate table or (2) writing a "search view, map results into the 'real' table types" sub. Perhaps choose (1) if you don't have access to the base tables and (2) if you do?

So the views are updatable then?

That was one of the major features in MySQL 5.0 - the others being triggers, stored procedures, and the NDB table type.

---

My criteria for good software:

1. Does it work?
2. Can someone else come in, make a change, and be reasonably certain no bugs were introduced?

MySQL 5.0 supports stored procedures, triggers and ... views. As MySQL 5.0 is going to be released any day now, that canard is gone.

Depends what you want to use them for. See the MySQL Feature Restrictions. I'm not even sure it's a complete list since I'm pretty sure that triggers still don't fire on events caused by cascading foreign key actions - and that doesn't appear to be mentioned there.

The duck's still flying :-)

Stored procs are great, and can be used to achieve a number of objectives. The first is speed - the proc is pre-compiled and pre-optimized, and the optimization of a complex multi-table join can take a significant amount of time. The second is access control - you give access to the proc, not to the underlying table, and so you control what DML a client app can execute. The third is modularity - you can hide some DDL changes within the proc architecture without having to affect the client apps (this is of course not a complete solution, but for some things it can work pretty well.)

I haven't used views as much, but they can achieve similar results.

I would advise against having dynamic SQL all over the place in your client code - this makes maintaining the database and the dependancies in the client code a nightmare. In addition the dynamic SQL is really quite difficult to optimize when you hit a bug in the DB where an optimization hint might be needed (such as index hints, abstract query plans, etc.). My experience here has been as a DBA for a team that develops with WebObjects, and the results are sometimes quite ugly.

This is of course the view from the DBA, not so much the SQL/app developer, but may still be of use to you.

Michael