Topic: 纯技术讨论,笨笨蛋兄的面试题在内,我给出我所要做的设计,但没时间给解释...欢迎讨论 @拉斯维加斯华人论坛:拉斯维加斯枫下论坛 The Rolia Forum of Las Vegas

工作学习 / IT技术讨论 / 纯技术讨论,笨笨蛋兄的面试题在内,我给出我所要做的设计,但没时间给解释...欢迎讨论There is a table thatcontain 5M Records.
Create table User
{
userName char(50),password char(50), userLevel int(4)
}

an ugly code for login:

<%
...
commandText="Select * from User where userName=' & request("userName") & ' and pasword='" & request("password") & "'"
set rs=conn.excute(commandText)
if rs.EOF and rs.BOF then
response.redirect "error.htm"
else
response.redirect "content.htm"
end if
%> -lazycod(Elite Warrior); 2002-5-28 {450} (#544920@0)

1. Table 设计, PK可以是ID,也可以是UserName,但Cluster Index要在UserName上 -lazycod(Elite Warrior); 2002-5-28 (#544922@0)

about table, 我认为应该有个内部的unique ID, like: CustID（PK), customerName,....name 的唯一可通过coding 维护。这样有利于别的表的reference. -luoboyang(萝卜秧); 2002-5-28 (#544930@0)
是否加clustered index,不能想当然. 一般由query的特性决定.如果1.你的query大量的需要排序
2.你的query一般在某个range内search
3.database的transaction不是太频繁
才考虑用clustered index,否则它会影响系统的modification performance.因为当加,减,改record 时,相关的record就要做physical sorting. -yangn(Raymond); 2002-5-28 {224} (#545233@0)

极好,极好...确实是Raymond DX. 我是这么考虑的, 仅对验证功能来说, UserName是被查询最频繁的field,对于5M的记录来说, 对UserName加clustered index应该可以较好改善性能. 望加以指点.. ^_^另外, UserTable的transaction应该不是很频繁 -lazycod(Elite Warrior); 2002-5-28 {42} (#545242@0)

你考虑的有道理.但一般如果能用non clustered的,我觉得还是尽量少用clustered,一是从overheading上考虑,二是每个table只能有一个clustered index,如果以后你觉得别的column 或columns更应该加clustered index 怎么办?这时你必须rebuild not only the clustered but also non clustered index.可能那时的record就不是5M啦. -yangn(Raymond); 2002-5-28 {225} (#545268@0)

有道理,谢谢! 确实有收益... -lazycod(Elite Warrior); 2002-5-28 (#545271@0)

2. 用SP取的PWD, (不用SQL Statement) 但SP不返回RS -lazycod(Elite Warrior); 2002-5-28 (#544925@0)

HaHa, You failed already!!! Using SP is a very famous "quick and dirty way" to get RS . Its performance is even better than call "COMMAND" object. (See 2001.9 SQL server magazine). I use it all the time. -simonp(simonp); 2002-5-28 (#545077@0)

哈哈..往下看, SP根本不返回RS...你太粗心了!! 不过表明老兄的根底很深厚.... -lazycod(Elite Warrior); 2002-5-28 (#545084@0)

This example works perfect : RS = CONN.SP_NAME (var1,var2...) -simonp(simonp); 2002-5-28 (#545105@0)

我认为这个方法不理想, 使用RS的 Performance and Scalability 不如用 output parameter. 理由见内...1. 在DB端, Performance 应该差不多
2. 在Middle Tier, 不用创建开销较大的 RS, 对Performance and Scalability 绝对有好处,特别是用户较多的情况下... -lazycod(Elite Warrior); 2002-5-28 {143} (#545115@0)
用 CONN.SP_NAME(..) 这种方法确实有利于提高 Performance, 就是知道这种用法的人不多.... 不错! 但我觉的我的理由也挺充分, 不好说谁优谁劣... -lazycod(Elite Warrior); 2002-5-28 (#545124@0)

Table 可做细微修改, 如类型,长度..根据Business Logic -lazycod(Elite Warrior); 2002-5-28 (#544927@0)
4. 把所有数据存取Code 从ASP中移到Component中 -lazycod(Elite Warrior); 2002-5-28 (#544929@0)

扔到store procedure里面去 -flying_snow(飞雪浮冰); 2002-5-28 (#544940@0)
SP or COM? It all depends real situation's Design-Architecture. They both have PROs and CONs.One shouldn't make any decision without asking the real situation.( of course, It will improve your professional image if you ask this kind of question to interviewer) -simonp(simonp); 2002-5-28 {168} (#545120@0)

因为PWD一般是Case-Sensitive, 而SQL SERVER缺省是Case-InSensitive,所以在Component中判断好一些... -lazycod(Elite Warrior); 2002-5-28 (#545129@0)

错.Stored procedure是否是case insensitive由安装sql server时所选定的collation setting 决定. -yangn(Raymond); 2002-5-28 (#545198@0)

我不是说"缺省"了吗....DB大侠看仔细点... ;-) -lazycod(Elite Warrior); 2002-5-28 (#545204@0)

不好意思.但stored procedure的case sentitive ,是跟着collation setting走的.后者是什么,前者就是什么,不存在default的问题.当然你可以说对installation 而言,collation setting的default是case insentitive.但在SQL 2000里.collation setting是可以对特定的db 更改的.所以很难说default倒底是什么啦. -yangn(Raymond); 2002-5-28 {163} (#545248@0)

说的对..所以在Component中验证PWD是否更合理一些?不用顾及DB的设置... -lazycod(Elite Warrior); 2002-5-28 (#545257@0)

IMHO, "Case Sensitive/Insensitive" can NEVER be a decision-making-reason for picking different tech. Again: It all depends (Performance/Scalability/Maintain Cost/Tech Resources etc.) -simonp(simonp); 2002-5-28 (#545334@0)

我一直在说, SP+COM 谁也不能取代谁对吗? -lazycod(Elite Warrior); 2002-5-28 (#545345@0)

个人觉得,stored procedure和COM 是两个根本不同的概论,不具有可比性.But from the perspective of system maintenance and performance, you'd better put the sql statement into the database server instead of the COM components. This method not only decreases the network traffic between the client and server, but also makes your system to be migrated more easily in the future. For Instance, if you want to change the structure of your table according to the business requirement, you don't need to modify the sql statements in you COM and recompile the components. -yangn(Raymond); 2002-5-28 {496} (#545382@0)

对, 就是我要说的.... -lazycod(Elite Warrior); 2002-5-28 (#545387@0)

对！我就看了题目。。。咱俩真象一个公司出来的，呵呵。 -luoboyang(萝卜秧); 2002-5-28 (#545389@0)

如果咱俩真是一个公司出来的,你不怕我把隐藏极深的萝卜秧给挖掘出来? ^_* -lazycod(Elite Warrior); 2002-5-28 (#545399@0)

当然我不怕了，totally under control，呵呵。 -luoboyang(萝卜秧); 2002-5-28 (#545426@0)

我指的是数据存取逻辑....所以一般总应该是 SP+COM -lazycod(Elite Warrior); 2002-5-28 (#545133@0)

5. 使用Command 而不是 RS 取得数据库返回值...在Code中根本没有RS -lazycod(Elite Warrior); 2002-5-28 (#544938@0)
6. 不能使用Session, 有很多其他解决方法.... -lazycod(Elite Warrior); 2002-5-28 (#544939@0)

If you don't use session to handle user authorization , it's hard to realize it regardless the potiential security problem . -wheeler-dealer(abc); 2002-5-28 (#545033@0)

可以去访问一些大的商用站点, 你的browser可以Disable Cookie, 但一样可以验证用户 (再ASP中, 用户禁止了Cookie, Session就不起作用了) 此外,考虑Web Farm的情况MS 把一些在ASP中对付Session的技巧加入到在 ASP.NET中, 如果是ASP.NET Session不是什么大问题. -lazycod(Elite Warrior); 2002-5-28 {90} (#545054@0)

session 从技术上来将就是Cookie , 只不过相当于存了个Reference 在客户端. -wheeler-dealer(abc); 2002-5-28 (#545134@0)

在ASP中, 不完全正确, 但可以这么理解...所以不能随便使用Session -lazycod(Elite Warrior); 2002-5-28 (#545139@0)

对于JSP , PHP , Python , Mod_perl , etc . 都是一样的呀. I believe we should say , session should be heavily used . no big security problem I believe . -wheeler-dealer(abc); 2002-5-28 (#545142@0)

Session 是Web Server中为每一个用户开辟的一块存储空间.有如下缺点 1. 用户太多时, 系统负荷加大 2. 在ASP中, Session依赖于Cookie 3. 在ASP中, 不适于 Web Farm(在大型站点中极为普遍) 情况 -lazycod(Elite Warrior); 2002-5-28 (#545154@0)

I believe you don't have experience in super high-traffice website . for website with middle-size traffic volume or less , this is not a problem at all ! and could be ingored . For super busy website ,The solution will be another case . Even the webserver itself need to be re-writen . -wheeler-dealer(abc); 2002-5-28 {85} (#545176@0)

哈哈..你怎么得出你的结论来的? 我还真有experience in super high-traffice website,起码在加拿大是相当大了(面试时,告诉我是No 1) ...不过你的技术论点一直很不明确,我一直不明白你要说什么?? -lazycod(Elite Warrior); 2002-5-28 (#545183@0)

oh, my god!咱俩不是在一个公司工作吧。人家说我做的这个也是No.1...：-）） -luoboyang(萝卜秧); 2002-5-28 (#545184@0)

不会...我知道那个公司IT部门的中国人都离开了...我现在也走了...你在哪儿? 我再补充一句, 应该是No.1 e-commerce site. -lazycod(Elite Warrior); 2002-5-28 (#545188@0)

没错，就是No.1 e-commerce site....不过在production上我用的不是ASP。ASP只是用于一些internal的projects. -luoboyang(萝卜秧); 2002-5-28 (#545191@0)

你在哪儿...我肯定咱俩没在一起工作过....我所说的No.1是一年前的统计,现在不知道是不是还是No.1 (萝卜秧在TD???) -lazycod(Elite Warrior); 2002-5-28 (#545196@0)

TD bank ? kidding // -asdfg(box); 2002-5-28 (#545215@0)

哪里的No.1 ? 什么No.1 ? :-) -wheeler-dealer(abc); 2002-5-28 (#545194@0)

加拿大的...//脸红了... ^_* -lazycod(Elite Warrior); 2002-5-28 (#545201@0)

嘿嘿, 我从前天刚开始学ASP & ASP.net 的, 在您面前班门弄斧了. -asdfg(box); 2002-5-28 (#545208@0)

hehe// how many ppl are there in Canada ?! much less than ppl in a single Beijing . It cannot be called SUPER. what I mean is Yahoo!'s counterpart . My view simply is to use ...hehe// how many ppl are there in Canada ?! much less than ppl in a single Beijing . It cannot be called SUPER. what I mean is Yahoo!'s counterpart . My view simply is to use session for user authorization for fairly high-traffic site is the right solution . no better one . -wheeler-dealer(abc); 2002-5-28 {275} (#545193@0)

如果用户Disable Cookie怎么处理, 按照你的理论"session 从技术上来将就是Cookie " -lazycod(Elite Warrior); 2002-5-28 (#545200@0)

老实讲, 如果用户Disable Cookie , 那么Session 肯定不能用啦. 实在不行, 就通过ID 来模拟Session 的功能, 通过Hidden Form 来传递信息. -asdfg(box); 2002-5-28 (#545213@0)

Come on man: YAHOO MAIL, HOT MAIL are both using session/cookie solution. List keep going: Amazon/EBAY same thing. -simonp(simonp); 2002-5-28 (#545276@0)

You know what, I just try ROYAL BANK ONLINE BANKING, They using cookie/session solution as well. -simonp(simonp); 2002-5-28 (#545317@0)

使用 cookie/session 并不表示它就一定是最好的方法, 因为有别的途径呀. 所以.NET 中才会特意改进了Session 的机制. 如果这些站点确实使用Session, 它们需要特殊的方法把用户始终导向同一台 Web Server -lazycod(Elite Warrior); 2002-5-28 (#545336@0)

忘了说一点 ASP中的Session 不等于 Cookie -lazycod(Elite Warrior); 2002-5-28 (#545340@0)

我还纳闷你们怎么把这两个扯到一起去了？ -luoboyang(萝卜秧); 2002-5-28 (#545343@0)

我也正奇怪呢....? -lazycod(Elite Warrior); 2002-5-28 (#545346@0)

Sessions rely on cookies(special).See it your self: .--- In your IE window Tools/Internet Options/Privacy/Advanced button--if you disable it, You can NOT check your yahoo mail and can not do Royal banks' online banking -simonp(simonp); 2002-5-28 (#545355@0)

但使用Cookie并不表示Server使用了Session... ^_* -lazycod(Elite Warrior); 2002-5-28 (#545357@0)

Come on. Check Royal bank ONLINE HELP, http://www.royalbank.com/online/faqindex.html#8 -simonp(simonp); 2002-5-28 (#545363@0)

"Session Cookies" 和 ASP中的Session 是两个概念. 不过ASP中的Session确实需要Session Cookies; 但使用Session Cookies不表示 Server一定使用Session.. 真的.. ^_^ -lazycod(Elite Warrior); 2002-5-28 (#545379@0)

Session is piece of data in memory,cookie is piece of data in internet temp folder, they are different,if you disable cookie, it will prevent computer from downloading the that piece of data whatever is in cookie or session

becasue the cookie is in temp folder, even you reboot the system, the cookie will still be there,but the session will be gone.

------------
maybe I am wrong.:) -nice2002(nice2002); 2002-5-28 {288} (#545440@0)

7 建议使用COM+ Service -lazycod(Elite Warrior); 2002-5-28 (#544941@0)
8. 在Component而不是ASP或SP中验证PWD -lazycod(Elite Warrior); 2002-5-28 (#544942@0)
9. 不使用response.redirect ,而是Server.Transfer.... -lazycod(Elite Warrior); 2002-5-28 (#544946@0)

why? -wheeler-dealer(abc); 2002-5-28 (#544977@0)

节省了用户和Web Server间的通讯次数.... -lazycod(Elite Warrior); 2002-5-28 (#544982@0)

10. 有些东西有段时间没用了,可能有笔误....望修正,补遗... -lazycod(Elite Warrior); 2002-5-28 (#544948@0)

@Las Vegas

Topic

More Topics