|
Posted by Hugo Kornelis on 12/06/05 00:24
On Mon, 05 Dec 2005 08:33:02 +0000, Trevor Best wrote:
>Danny wrote:
>> In general its not a security concern unless you are restricting columns
>> through a view. New columns would show up (assuming the view was
>> refreshed). Basically select * should be avoided unless it is the intend to
>> expose all columns no matter what. The bigger concern is when it's embeded
>> in code. The code could break if columns are changed.
>
>If you have "select * from table1" in code and drop column2 how is that
>different from having "select column1, column2, column3 from table1" in
>code and dropping column2? (apart from the error ocurring on a different
>line of code of course:-))
Hi Trevor,
Have you ever had the task to do impact analysis for an impending
change? Life is good if you can search your sources for a column name
and KNOW that you have all occurences.
Also - consider what happens if someone drops and recreates the tables
with the columns in a different order. Best case, you get an error
becuase datatypes don't match anymore. Worst case, you don't....
Best, Hugo
--
(Remove _NO_ and _SPAM_ to get my e-mail address)
[Back to original message]
|