In the Database Trenches
Earlier this month, the O’Reilly Radar ran a nine-part series called Database War Stories that’s worth a look. Tim O’reilly inteviewed several of the biggest names in Web 2.0 to find out what kind of database issues came up along the way to, well, bigness. Second Life, Craigslist, and Google were among the many companies canvassed. As one might expect, no real trade secrets were revealed and the database sizes and traffic volumes are mere fantasy to most of us, but there are some nuggets of insight that may be useful for your next project.
Jumping back into the real world… If you develop web database-based applications, Steve Friedl has posted a great paper on SQL injection. SQL Injection Attacks by Example
demostrates how SQL code can be manipulated to steal or destroy information and then how to mitigate such attacks. It’s a very thorough, well-done look into an all too easy (and common) exploit.
