Ruby Programming
 
Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
User Name:
Password:
Remember me

The Shed is going Social! Join us on FaceBook and Twitter and chime in on the conversation.

Go Back   Dev Shed ForumsProgramming LanguagesRuby Programming

Reply
Add This Thread To:
  Del.icio.us   Digg   Google   Spurl   Blink   Furl   Simpy   Y! MyWeb 
Thread Tools Search this Thread Rate Thread Display Modes
 
Unread Dev Shed Forums Sponsor:
  #1  
Old January 26th, 2006, 01:29 PM
Conundrum's Avatar
Conundrum Conundrum is offline
Contributing User
Dev Shed Beginner (1000 - 1499 posts)
 
Join Date: Jan 2004
Posts: 1,137 Conundrum User rank is First Lieutenant (10000 - 20000 Reputation Level)Conundrum User rank is First Lieutenant (10000 - 20000 Reputation Level)Conundrum User rank is First Lieutenant (10000 - 20000 Reputation Level)Conundrum User rank is First Lieutenant (10000 - 20000 Reputation Level)Conundrum User rank is First Lieutenant (10000 - 20000 Reputation Level)Conundrum User rank is First Lieutenant (10000 - 20000 Reputation Level)Conundrum User rank is First Lieutenant (10000 - 20000 Reputation Level)Conundrum User rank is First Lieutenant (10000 - 20000 Reputation Level) 
Time spent in forums: 1 Week 3 Days 23 h 58 m 47 sec
Reputation Power: 172
Ruby on Rails, ORM and raw SQL

What is the state of Ruby on Rails, ORM and raw SQL? I know there's a big push to ORM with all the major frameworks (Ruby on Rails, TurboGears, Catalyst, etc.) and for some apps ORM is the way to go. Other times, however, it seems that raw SQL will make one's life a lot easier especially when using DB-specific SQL extensions. I particularly dislike half-solutions like raw SQL for the WHERE clause only, etc. RoR supporters, in particular, seem to go out of their way to vilify raw SQL.

Some articles I've read criticize raw SQL because of SQL injection attacks. The examples provided are primarily for PHP. In Perl, DBI and placeholders automatically eliminate SQL injection so it's not even a consideration.

Check out this blog on RoR's ActiveRecord. Basically he's saying ActiveRecord is "opinionated software" that doesn't want to leverage any DB specific features. To me, and it seems many others, that's "debilitating software." I don't mind opinions as long as I have a choice. I don't think I have a choice with RoR, do I?

Last edited by Conundrum : January 27th, 2006 at 10:13 AM.

Reply With Quote
  #2  
Old March 12th, 2006, 03:51 PM
zerium zerium is offline
Registered User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Mar 2006
Posts: 1 zerium User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 20 m 17 sec
Reputation Power: 0
Quote:
Originally Posted by Conundrum
What is the state of Ruby on Rails, ORM and raw SQL? I know there's a big push to ORM with all the major frameworks (Ruby on Rails, TurboGears, Catalyst, etc.) and for some apps ORM is the way to go. Other times, however, it seems that raw SQL will make one's life a lot easier especially when using DB-specific SQL extensions. I particularly dislike half-solutions like raw SQL for the WHERE clause only, etc. RoR supporters, in particular, seem to go out of their way to vilify raw SQL.

Some articles I've read criticize raw SQL because of SQL injection attacks. The examples provided are primarily for PHP. In Perl, DBI and placeholders automatically eliminate SQL injection so it's not even a consideration.

Check out this blog on RoR's ActiveRecord. Basically he's saying ActiveRecord is "opinionated software" that doesn't want to leverage any DB specific features. To me, and it seems many others, that's "debilitating software." I don't mind opinions as long as I have a choice. I don't think I have a choice with RoR, do I?


You do have a choice... there are two command one for active record called "find_by_sql" and another called execute [docs ]

the point with rails is why do you want to use sql when you can let your computer (which is much better at generating sql code) do it for you. Now there may be some task where you need to use a random bit of sql and you are in no way prohibited from doing that.

I don't think you quoted them well when you said that it is opinionated because of active record (that is what it sounded like).

I heard one of the developers put it this way. Rails is opinionated because it is their opinon of how an ORM should work not that they decided sql sucks and anyone who uses it is an idiot... their opinion is that the ORM has to make certain assumptions about how to do a certain task but, you are no way nailed down to doing it their way with rails.

Reply With Quote
  #3  
Old April 27th, 2006, 09:37 AM
jamieB jamieB is offline
Contributing User
Dev Shed Novice (500 - 999 posts)
 
Join Date: Nov 2002
Posts: 596 jamieB User rank is Sergeant (500 - 2000 Reputation Level)jamieB User rank is Sergeant (500 - 2000 Reputation Level)jamieB User rank is Sergeant (500 - 2000 Reputation Level)jamieB User rank is Sergeant (500 - 2000 Reputation Level)jamieB User rank is Sergeant (500 - 2000 Reputation Level) 
Time spent in forums: 2 Days 3 h 56 m 23 sec
Reputation Power: 22
Quote:
Originally Posted by Conundrum
What is the state of Ruby on Rails, ORM and raw SQL? I know there's a big push to ORM with all the major frameworks (Ruby on Rails, TurboGears, Catalyst, etc.) and for some apps ORM is the way to go. Other times, however, it seems that raw SQL will make one's life a lot easier especially when using DB-specific SQL extensions. I particularly dislike half-solutions like raw SQL for the WHERE clause only, etc. RoR supporters, in particular, seem to go out of their way to vilify raw SQL.

Some articles I've read criticize raw SQL because of SQL injection attacks. The examples provided are primarily for PHP. In Perl, DBI and placeholders automatically eliminate SQL injection so it's not even a consideration.

Check out this blog on RoR's ActiveRecord. Basically he's saying ActiveRecord is "opinionated software" that doesn't want to leverage any DB specific features. To me, and it seems many others, that's "debilitating software." I don't mind opinions as long as I have a choice. I don't think I have a choice with RoR, do I?

the biggest benefit to using an ORM is not avoiding SQL injection or anything along those lines, it's for the programmer using an OO language to forget about the persistence layer, avoiding the 'impedence mismatch' which arises every time you switch from thinking objects to thinking relational databases. Applications can be designed much more cleanly and effectively if you use the same theoretical model throughout rather than switching to and fro and putting in little hacks to deal with one db's quirks. It may be overkill for some trivial web apps but usually whatever you might lose (eg performance for retrieving collections where the generated SQL may be inefficient) is outweighed by the big gains in simplicity etc.

Reply With Quote
Reply

Viewing: Dev Shed ForumsProgramming LanguagesRuby Programming > Ruby on Rails, ORM and raw SQL

Developer Shed Advertisers and Affiliates



Thread Tools  Search this Thread 
Search this Thread:

Advanced Search
Display Modes  Rate This Thread 
Rate This Thread:


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox
Forum Jump

Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
  
 


Powered by: vBulletin Version 3.0.5
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.

© 2003-2013 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap