Maybe there is a way to add this kind of checking to SQLObject somehow,
where it throws an error or something when it detects you using a
keyword for a table name. I would assume that this is not terribly
difficult considering SQLObject already has a list of all the SQL
keywords, but I haven't really looked at the code to check for certain.
Please, don't use this obsolete syntax. Use the sqlmeta class for that. It's
in the same page above: http://www.sqlobject.org/SQLObject.html#class-sqlmeta
--
Jorge Godoy <jgo...@gmail.com>
Robert Brewer
System Architect
Amor Ministries
fuma...@amor.org
This is a recurrent question/problem in the mailing list.
People went starting to work on identity will probably name their class Group.
People that are probably testing TG will want to make a shopping cart or something similar and will probably come up with the Order class
We all know the problem is with SQLs "order by" and "group by" keywords but most people don't realise this until it has taken some time to find the answer.
So far I think the best way to go around this is with documentation, but I'm not sure where to put it so people can access it.
I think a couple of sidenotes in the docs could help.
So far I have think of the following places:
- In the "write your own identity" tutorial
- in the TG main documentation, went first declaring SQLObject classes
- Same as above in TG book (I'll make sure this gets there)
- in a FAQ (if there is any)
- Somewhere in trac/docudo
- in this same post so those who search before ask can get this.
I think the text should be something like "Remenber even though SQLObject abstracts us from the DB we still can't use any if it's reserved keywords, the most common mistakes are Order and Group which colide with order by and group by. This Happens because of the way the table names are guess by SQLObject, but you can go around that like this http://www.sqlobject.org/SQLObject.html#changing-the-naming-style"
On 4/19/06, Jorge Vargas <jorge....@gmail.com > wrote:
This is a recurrent question/problem in the mailing list.
People went starting to work on identity will probably name their class Group.
People that are probably testing TG will want to make a shopping cart or something similar and will probably come up with the Order class
We all know the problem is with SQLs "order by" and "group by" keywords but most people don't realise this until it has taken some time to find the answer.
So far I think the best way to go around this is with documentation, but I'm not sure where to put it so people can access it.
I think a couple of sidenotes in the docs could help.
So far I have think of the following places:
- In the "write your own identity" tutorial
- in the TG main documentation, went first declaring SQLObject classes
- Same as above in TG book (I'll make sure this gets there)
- in a FAQ (if there is any)
- Somewhere in trac/docudo
- in this same post so those who search before ask can get this.
I think the text should be something like "Remenber even though SQLObject abstracts us from the DB we still can't use any if it's reserved keywords, the most common mistakes are Order and Group which colide with order by and group by. This Happens because of the way the table names are guess by SQLObject, but you can go around that like this http://www.sqlobject.org/SQLObject.html#changing-the-naming-style"
This is not user error, this is a bug in SQLObject. Field names should be properly quoted (backticks
in MySQL). I'm not aware of any SQL database which imposes restrictions on table and column names.
Table and column names should always be quoted in SQL on general principal.
I will file a bug.
-Rob
Jorge Vargas wrote:
> This is a recurrent question/problem in the mailing list.
>
> People went starting to work on identity will probably name their class
> Group.
> People that are probably testing TG will want to make a shopping cart or
> something similar and will probably come up with the Order class
This is not user error, this is a bug in SQLObject. Field names should be properly quoted (backticks
in MySQL).
I'm not aware of any SQL database which imposes restrictions on table and column names.
Table and column names should always be quoted in SQL on general principal.
I will file a bug.
-Rob
You say restriction, I say syntax error :-)
Fair enough though. All I'm saying is there shouldn't be a reason why this isn't possible, all
that's required is a cleanup to SQLObject's query builder. If SO is written well this could be a
two-line patch :-)
Anyway I'm still SQLAlchemy++, and I've never even used it. I'm wary of integrating projects at the
core which have flatlined at 0.7.
-Rob
> builder. If SO is written well this could be a two-line patch :-)
It would be nice to see a 2 line patch to cover Oracle, PostgreSQL, Firebird,
SQLite, MySQL, etc. on this subject. Specially because if it included tests
(those can have more than 2 lines ;-)) they would probably be accepted.
Ah! Of course, one has to remember about case-folding differences and that it
is relevant specially for already existing database ("fromDatabase = True").
--
Jorge Godoy <jgo...@gmail.com>
I'm not sure if case folding applies to this. All that should be necessary is adding backticks (or
equivalents - maybe) around table/column names.
-Rob
> I'm not sure if case folding applies to this. All that should be necessary
> is adding backticks (or equivalents - maybe) around table/column names.
In PostgreSQL if you use quotes you have to use the exact same case that was
used to create the table. If you don't, names will be converted to lower
case. In Oracle if you don't use quotes names will be converted to upper
case.
If you create a table like this "Test" then you can't access it like "test" or
"TEST" in PostgreSQL, for example. On the other hand, if you create it like
Test, then it will be converted to test and you can access it as test, Test,
TEST, teST, TeST, etc. All without quotes, of course. If you try accessing
it as "Test" (with quotes), it will fail.
Now, imagine it in an database that is used by several applications in, lets
say, 3 different languages. Several different teams coding, etc. If you
enforce the use of quotes in one of these apps, *all* of them will have to
use quotes to maintain compatibility and there will have to be some internal
documentation on how to name tables and columns. If you don't use quotes,
then it doesn't matter if team A writes "select ThisColumn from TableA" and
team B writes "select thiscolumn from tablea" since both will succeed.
There is much more to consider than just the presence or absence of quotes,
backticks, etc. here. It is easy to think in a new application used by only
one team but it is a very narrow minded approach to a database that can be
shared by several applications and several teams in different programming
languages.
--
Jorge Godoy <jgo...@gmail.com>
[]s
Roger
You could offer an "application DB" mode that quotes everything and an
"integration DB" mode that quotes nothing (and lowercases for PG). Then
only those with integrated DB's would have to "pay the price" of
avoiding reserved words.
<clickety-click> I just added that option to Dejavu's Postgres adapter,
defaulting to "application DB" mode. Written, tested, and debugged in
15 minutes.
And then you'd have to test two different things all the time, document and
explain two different approaches, maintain two different code paths, do it
for all supported databases (PostgreSQL, Firebird, MySQL, Oracle,
SQLite, ...), etc.
I don't see this with good eyes, but nothing is preventing you people from
writing a patch for that -- with tests -- and submitting it to the SQLObject
trac and mailing list. Remember to support everything that is in their code
right now...
It looks like, from the core, there's "only" support for:
- PostgreSQL
- SQLite
- MAXDB
- MySQL
- Sybase
- Firebird
- MS SQL Server
Be seeing you,
--
Jorge Godoy <jgo...@gmail.com>
I think TurboGears, as a RAD application for making your life easier, would benefit from not
slapping people with tracebacks when they try to use obvious names in their models.
Does SA have these problems?
-Rob
> I think TurboGears, as a RAD application for making your life easier, would
> benefit from not slapping people with tracebacks when they try to use
> obvious names in their models.
So obvious that they were standardized as keywords for one of the involved
layers. Unfortunately? I don't know...
But, still, nothing will prevent people from using these obvious names for
their classes if they use different table names, what solves the problem in a
different way (and is transparent everywhere except for a line or two in the
model).
> Does SA have these problems?
You'd have to check. I've never used SQL Alchemy here.
--
Jorge Godoy <jgo...@gmail.com>
Yep. I added this note there and closed a bug with it. There's no "order"
table in Identity AFAIR and we can't document all reserved keywords for all
RDBMS servers (they differ, unfortunately).
--
Jorge Godoy <jgo...@gmail.com>
--
Jorge Godoy <jgo...@gmail.com >
"this" what? I was explaining about case folding. For reserved keywords one
should check the manual of the RDBMS server he/she is using.
> I think it will be a good idea to have an explanation if why this is need
> to be taken into account.
If you're going to use quotes then this *has* to be taken into account. If
you're not using quotes, then all RDBMS servers should "do the right
thing"(tm).
This is what I was explaining on this message.
--
Jorge Godoy <jgo...@gmail.com>
-Rob
Jorge Vargas wrote:
> On 4/25/06, *Jorge Godoy* <jgo...@gmail.com <mailto:jgo...@gmail.com>>
> Jorge Godoy <jgo...@gmail.com <mailto:jgo...@gmail.com> >
>
>
>
> >
What names? Names for MySQL are not the same names as for PostgreSQL and
Oracle and Firebird and ...
If each driver had a list of reserved keywords, then it would be possible.
The problem is the performance impact since you should check for these on
table creation and every select (I believe that with sqlbuilder I can select
into a temporary table...).
Saying that, why not blaming it on the connection driver itself? :-) After
all, SQL Object uses them and they did nothing to prevent that as well and
they are the most dedicated part of the setup and more featureful than SQL
Object for one specific database server.
--
Jorge Godoy <jgo...@gmail.com>
Em Quarta 26 Abril 2006 05:55, Robin Haswell escreveu:
> Maybe SO should throw an error/warning when people use these names?
What names? Names for MySQL are not the same names as for PostgreSQL and
Oracle and Firebird and ...If each driver had a list of reserved keywords, then it would be possible.
The problem is the performance impact since you should check for these on
table creation and every select (I believe that with sqlbuilder I can select
into a temporary table...).
Saying that, why not blaming it on the connection driver itself? :-) After
all, SQL Object uses them and they did nothing to prevent that as well and
they are the most dedicated part of the setup and more featureful than SQL
Object for one specific database server.
I'd think it would be very easy for SQLObject to maintain such a list
for each driver. Such lists are freely available, for a start.
As for performance, if you're worried about the efficiency of doing a
simple "if kw in kwDict", you shouldn't be using an object-relational
mapper in the first place ;)
--
Ben Sizer
You can create temporary tables with select. What if one of those had a
reserved keyword as its name?
One example of that for PostgreSQL
(http://www.commandprompt.com/ppbook/r28390):
booktown=# SELECT * INTO TEMP TABLE old_emp
booktown-# FROM employees
booktown-# WHERE id < 105;
SELECT
--
Jorge Godoy <jgo...@gmail.com>
> As for performance, if you're worried about the efficiency of doing a
> simple "if kw in kwDict", you shouldn't be using an object-relational
> mapper in the first place ;)
Just because it doesn't fly it can't run? ;-) I don't believe that we have
to make things worse to protect the developer from shooting himself, after
all, as you said, such listings are freely available.
--
Jorge Godoy <jgo...@gmail.com>
SQLObject most probably should have hid different backend quoting rules
from the library user. But given its current development speed (read:
none) it's unlikely to happen anytime soon.
I doubt adding "names blacklist" would be accepted either.
I think the best approach is just to clearly document this SO'
deficiency and move on.
Regards,
Max.
Jorge Godoy wrote:
> Em Quarta 26 Abril 2006 05:55, Robin Haswell escreveu:
> > Maybe SO should throw an error/warning when people use these names?
>
> What names? Names for MySQL are not the same names as for PostgreSQL and
> Oracle and Firebird and ...
>
> If each driver had a list of reserved keywords, then it would be possible.
> The problem is the performance impact since you should check for these on
> table creation and every select (I believe that with sqlbuilder I can select
> into a temporary table...).
I'd think it would be very easy for SQLObject to maintain such a list
for each driver. Such lists are freely available, for a start.
--
Ben Sizer
IMO, if I were using SQL itself I wouldn't have a problem with reserved keywords. However TG
strongly recommends MVC with an ORM, and as such, should at least provide some contextual warning
about reserved keywords - if not at least on "tg-admin sql create". As has been pointed out - "if kw
in dict" is a very efficient operation in Python. In fact python has one of the most efficient
hashtable lookup algorithms in the known universe.
-Rob
If the doc pages on SO in TG and SO had big fat red messages at the top of them warning about this,
then yes, perhaps, but as it stands they don't.
Also, an ex-manual SQL developer coming to TG would not probably think about the problems associated with using reserved keywords, as he/she's used to escaping them and would probably (and not unreasonably) assume that his ORM dealt with escaping
fields properly anyway.
IMO, if I were using SQL itself I wouldn't have a problem with reserved keywords. However TG
strongly recommends MVC with an ORM, and as such, should at least provide some contextual warning
about reserved keywords - if not at least on "tg-admin sql create".
As has been pointed out - "if kw
in dict" is a very efficient operation in Python. In fact python has one of the most efficient
hashtable lookup algorithms in the known universe.