With the ever-burgeoning feature sets available in modern
databases, it's difficult to separate the wheat from the chaff. There are
plenty of high-level data warehousing features in Oracle for instance that you
might never need. Moreover, there may be some other features such as ACID
compliant transactions that you just can't do without. We'll look at the major
ones, such as stored procedures, views, snapshots, table datatypes, transactions,
and so on. We'll look at Postgresql, MySQL, and Oracle and discover which ones
do what you need.
Storing application code in the database has had it's
champions and detractors. I remain fairly agnostic on the issue so Ill try to
discuss both sides. When you start putting application code in the database, you
are in the thoroughly non-portable arena. That code, were you to port your
application to another database, would have to be rewritten. But its very
specificity to that database means it can also take advantage of, and wire
close to that engine. There are situations where stored code in the database
can be notably faster. Supposed you have to update some chunk of a million
rows after doing some machinations on the data.
In a stored procedure the data is read, manipulated, and
updated in one step. Meanwhile if you did the same in your middle tier
application code, you would have to send that data set over the network, do
your manipulations, and send it back. Not only would it make this one task slower,
but other transactions vying for that same data could potentially have to wait
while that data is in transit, and being manipulated. Also, stored code can
serve to encapsulate specific requests which can be invaluable at simplifying
your overall application. All three databases support stored procedures and
functions. Oracle also supports packages, or collections of stored procedures
as well as various object oriented features, which almost no one ever uses. An
additional note, a database engine actually context switches between stored
code, and the SQL code embedded therein. As of 9i, Oracle introduced bulk
binding, so you can do work on large sets of rows, and update them all in one
go, instead of each loop iteration. This feature can even further improve
performance quite dramatically.
Views are basically stored queries, and as such are not
overly complex to implement. However when they are used in a query, they
necessarily make that query more complex. So obviously, subqueries need to be supported
before Views can become available in a database. Oracle has obviously had
Views for some time. As of 5.0, MySQL has also supported views. As with Oracle, MySQL also supports UPDATEABLE views, with
some restrictions. Postgres also supports views and UPDATEABLE views. See
details in the Complex SQL section.
Materialized Views (snapshots)
These are supported well in Oracle by default. As a refresher, remember a materialized view (I prefer the much more visual snapshot terminology, but I digress) is a periodically updating copy or subset of a table. Imagine a view that fills a mirror copy with its query. Until the next refresh, that copy is static, not updated with the master. Usually a tradeoff is made between frequency of update, and maintenance of the transaction log (like an index) which supports it. On paper, MySQL and Postgresql do not support materialized views, however there are implementations of this on the internet, which should fit your needs, should you go this route and need some support. A stored procedure creates the materialized view and another one refreshes it. In essence a CREATE TABLE my_copy AS SELECT...
Today, programming web based applications for various
database applications is a truly egalitarian world. Almost all of the popular
web languages support all of these database types. Java, PHP, Perl, Python,
C#/.NET, etc etc. The world is your oyster.
MySQL, Oracle, and Postgres all support BEFORE & AFTER
event triggers on INSERT, UPDATE and DELETE. Personally I prefer to shy away
from triggers unless absolutely necessary. They tend to be forgotten about, and
sometimes come back to bite you. When used sparingly, they can be great though.
All three of these databases have vulnerabilities. It is truly
the nature of software to have corners with trouble hiding there. Moreover,
all three of them have regular patches of updates released. My personal
feeling though is that open-source means that necessarily more eyes, and often
more critical eyes, will be on the code. What's more, the pressure of the
community is much greater in the open-source world. In the commercial space, the
vendor can, and often does spin it's wheels when the repair is more expensive than
the perceived cost of waiting on the fix.
On the point of security inside the database, all three
support password logins and encryption of various types inside the database.
Oracle does have a newer feature called virtual private database, where
sections of tables, and columns can be encrypted, and hidden from view. This
can be very useful for controversial or sensitive data, that DBAs and other administrators
should not have access to.
Our three database platforms obviously have a lot of features, and different solutions for the same problems. In terms of security, triggers, views, materialized views, and stored procedures they provide a lot of the same functionality, though with differences in terms of performance and configurability. In part II we'll talk about some of the ways that the databases really start to differ significantly, in terms of indexing, but probably most importantly in their optimizing engines.
See All Articles by Columnist Sean Hull