364
I accidentally removed the WHERE clause from my SQL query in a personal tool. Every row is now the same. I overwrote 206,000+ rows. I have no backup, I am stupid. (lemmy.world)
submitted 1 year ago* (last edited 1 year ago) by drekly@lemmy.world to c/programming@programming.dev
113 comments fedilink hide all child comments

"UPDATE table_name SET w = $1, x = $2, z = $4 WHERE y = $3 RETURNING *",

does not do the same as

"UPDATE table_name SET w = $1, x = $2, y = $3, z = $4 RETURNING *",

It's 2 am and my mind blanked out the WHERE, and just wanted the numbers neatly in order of 1234.

idiot.

FML.

you are viewing a single comment's thread
view the rest of the comments
[-] drekly@lemmy.world 6 points 1 year ago* (last edited 1 year ago)

My only education is a super helpful guy from Reddit who taught me the basics of setting up a back end with nodejs and postgres. After that it's just been me, the references and stack overflow.

I have NO education about actual practises and protocol. This was just a tool I made to make my work easier and faster, which I check in and update every few months to make it better.

I just open vscode, run node server.js to get started, and within server.js is a direct link to my database using the SQL above. It works, has worked for a year or two, and I don't know any other way I should be working. Happy to learn though!

(but of course this has set me back so much it would have been quicker not to make the tool at all)

[-] max@feddit.nl 2 points 1 year ago

Have a look at an ORM, if you are indeed executing plain SQL like I’m assuming from your comment. Sequelize might be nice to start with. What it does is create a layer between your application and your database. Using which, you can define the way a database object looks (like a class) and execute functions on that. For instance, if you’re creating a library, you could do book.update(), library.addBook(), etc. Since it adds a layer in between, it also helps you prevent common vulnerabilities such as SQL injection. This is because you aren’t writing the SQL queries in the first place. If you want to know more, let me know.

[-] drekly@lemmy.world 2 points 1 year ago

Thanks, I'll look into it! I'm interested in why you got downvoted though! 😅

[-] max@feddit.nl 2 points 1 year ago* (last edited 1 year ago)

Short story, haters gonna hate ¯\_(ツ)_/¯ Long story, see my comment to the commenter below you. :)

load more comments (4 replies)
load more comments (4 replies)
load more comments (6 replies)
this post was submitted on 11 Oct 2023
364 points (97.6% liked)

Programming

17314 readers
93 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities !webdev@programming.dev

founded 1 year ago
MODERATORS
snowe@programming.dev
Ategon@programming.dev
MaungaHikoi@lemmy.nz