我们应该在数据库表命名约定中使用前缀吗?
[英]Should we use prefixes in our database table naming conventions?
问题描述
We are deciding the naming convention for tables, columns, procedures, etc. at our development team at work. 
我们正在决定工作开发团队的表,列,程序等的命名约定。 The singular-plural table naming has already been decided , we are using singular. 单数复数表命名已经确定 ,我们使用单数。 We are discussing whether to use a prefix for each table name or not. 我们正在讨论是否为每个表名使用前缀。 I would like to read suggestions about using a prefix or not, and why. 我想阅读有关使用前缀的建议,以及原因。
Does it provide any security at all (at least one more obstacle for a possible intruder)? 它是否提供任何安全性(对于可能的入侵者至少还有一个障碍)? I think it's generally more comfortable to name them with a prefix, in case we are using a table's name in the code, so to not confuse them with variables, attributes, etc. But I would like to read opinions from more experienced developers. 我认为用前缀命名它们通常会更舒服,以防我们在代码中使用表名,所以不要将它们与变量,属性等混淆。但我想阅读更有经验的开发人员的意见。
7 个解决方案
解决方案1
25 2008-11-27 17:09:37
I find hungarian DB object prefixes to indicate their types rather annoying. 我发现匈牙利数据库对象前缀表明它们的类型相当烦人。
I've worked in places where every table name had to start with "tbl". 我曾在每个表名必须以“tbl”开头的地方工作过。 In every case, the naming convention ended up eventually causing much pain when someone needed to make an otherwise minor change. 在每种情况下,当某人需要进行其他微小的改变时,命名约定最终会导致很多痛苦。
For example, if your convention is that tables start with "tbl" and views start with "v", thn what's the right thing to do when you decide to replace a table with some other things on the backend and provide a view for compatibility or even as the preferred interface? 例如,如果你的约定是表以“tbl”开头而视图以“v”开头,那么当你决定用后端的其他东西替换表并提供兼容性视图时,做什么是正确的。即使作为首选界面? We ended up having views that started with "tbl". 我们最终得到了以“tbl”开头的观点。
解决方案2
10 已采纳 2008-11-27 16:32:26
I prefer prefixing tables and other database objects with a short name of the application or solution. 我更喜欢使用应用程序或解决方案的短名称为表和其他数据库对象添加前缀。
This helps in two potential situations which spring to mind: 这有助于产生两种可能出现的情况:
You are less likely to get naming conflicts if you opt to use any third-party framework components which require tables in your application database (eg asp net membership provider).
如果您选择使用任何需要应用程序数据库中的表的第三方框架组件(例如,asp net membership提供程序),则不太可能发生命名冲突。 If you are developing solutions for customers, they may be limited to a single database (especially if they are paying for external hosting), requiring them to store the database objects for multiple applications in a single database.
如果您正在为客户开发解决方案,他们可能仅限于一个数据库(特别是如果他们为外部托管付费),要求他们将多个应用程序的数据库对象存储在一个数据库中。
解决方案3
8 2008-11-27 16:59:05
I don't see how any naming convention can improve security... 我没有看到任何命名约定如何提高安全性......
If an intruder have access to the database (with harmful permissions), they will certainly have permissions to list table names and select to see what they're used for. 如果入侵者有权访问数据库(具有有害权限),他们肯定有权列出表名并选择查看它们的用途。
But I think that truly confusing table names might indirectly worsen security. 但我认为真正令人困惑的表名可能会间接地恶化安全性。 It would make further development hard, thus reducing the chance security issues will be fixed, or it could even hide potential issues: 这将使进一步的发展变得困难,从而减少安全问题得到解决的机会,或者甚至可以隐藏潜在的问题:
If a table named (for instance) 'sro235onsg43oij5' is full of randomly named coloumns with random strings and numbers, a new developer might just think it's random test data (unless he touches the code that interact with it), but if it was named 'userpasswords' or similar any developer who looks at the table would perhaps be shocked that the passwords is stored in plaintext. 如果名为(例如)'sro235onsg43oij5'的表中充满了随机命名的coloumns,其中包含随机字符串和数字,新开发人员可能会认为它是随机测试数据(除非他触摸与之交互的代码),但如果它被命名'userpasswords'或类似的任何开发人员如果查看该表,可能会对密码存储在纯文本中感到震惊。
解决方案4
3 2009-06-04 21:04:53
Why not name the tables according to the guidelines you have in place for coding? 为什么不按照您编写的指南来命名表格? Consider the table name a "class" and the columns a "property" or "field". 将表名称视为“类”,将列视为“属性”或“字段”。 This assists when using an ORM that can automatically infer table/column naming from class/member naming. 这有助于使用可以从类/成员命名自动推断表/列命名的ORM。
For instance, Castle ActiveRecord , declared like below assumes the names are the same as the member they are on. 例如,像下面声明的Castle ActiveRecord 假定名称与它们所在的成员相同 。
[ActiveRecord]
public class Person
{
[PrimaryKey]
public Int32 Id { get; set; }
[Property]
public String Name { get; set; }
}
解决方案5
2 2008-11-27 16:35:49
如果您使用SqlServer,那么良好的开端是查看为某些指导提供的示例数据库。
解决方案6
2 2011-09-17 15:56:53
In the past, I've been opposed to using prefixes in table names and column names. 过去,我一直反对在表名和列名中使用前缀。 However, when faced with the task of redesigning a system, having prefixes is invaluable for doing search and replace. 但是,当面临重新设计系统的任务时,拥有前缀对于进行搜索和替换是非常宝贵的。 For example, grepping for "tbl_product" will probably give you much more relevant results than grepping for "product". 例如,对“tbl_product”的grepping可能会比为“product”提供更多相关结果。
解决方案7
-4 2008-11-27 16:36:44
If you're worried about mixing up your table names, employ a hungarian notation style system in your code. 如果您担心混淆表名,请在代码中使用匈牙利表示法系统。 Perhaps "s" for string + "tn" for table name: 对于表名,字符串+“tn”可能是“s”:
stnUsers = 'users';
stnPosts = 'posts';
Of course, the prefix is up to you, depending on how verbose you like your code... strtblUsers, strtblnmeUsers, thisisthenameofatableyouguysUsers... 当然,前缀取决于你,取决于你喜欢你的代码的详细程度... strtblUsers, strtblnmeUsers, thisisthenameofatableyouguysUsers...
Appending a prefix to table names does have some benefits, especially if you don't hardcode that prefix into the system, and allow it to change per installation. 为表名附加前缀确实有一些好处,特别是如果您不将该前缀硬编码到系统中,并允许它根据安装进行更改。 For one, you run less risk of conflicts with other components, as Ian said, and secondly, should you wish, you could have two or instances of your program running off the same database. 例如,Ian表示,与其他组件发生冲突的风险较小,其次,如果您愿意,您可以在同一个数据库中运行两个或多个程序实例。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.