I'm working on a small application using servlets & a database, and I was having a debate with someone this morning... In general, is the "norm" to have application level integrity checking only or at both the application level and database level. That is, is it overkill to set up primary and foreign key constraints, not null, etc at the database level as well?
Ok, let me clarify where I'm coming from. I am just returning to programming from a few years hiatus. When I worked on projects before, I did both application and database level checking. So I was surprised when I spoke with someone this morning and he said that I was "so stuck in 1999" because no one uses primary/foreign key/not null/etc constraints in the database anymore because it should be handled by the application these days. I just wanted to see if this is truly the case and if this is some new methodology that people use these days.
no one uses primary/foreign key/not null/etc constraints in the database anymore
Ummm, well, I guess I can't speak for everybody, but at evey place I've worked anyone who made such an assertion would be on the short list of people whose participation in the Salary Continuation Program was suspect.
Here's why. If you only have it in the application.
1 More maintenance in the application, but it is a good trade-off, because why add network traffic if the data is known that it wouldn't be good.
OK, then why the database, because not every call to the database is guaranteed to be from your application. Especially with the web, there are some great hackers that can get to your database and put in bad data. Or maybe even another applicaiton at your company that doesn't know those rulse and puts in bad data.
Tell the person that said "1999" that they need a new line, I am sure they use that line over and over again.