sql_mode must be one of the most elusive issues in setting up a MySQL database. It is also responsible for difficulties in migration, upgrading and securing of databases.
MySQL usually has little issues with migrating database from one machine to another, one version to another, one OS to another, one architecture to another. If we’re not sure, we can always migrate using mysqldump’s logical dump, right?
Not entirely right. The elusive sql_mode (empty by default) may affect out backup+restore, may affect our application behavior, may affect our data integrity.
- Did we remember to set NO_AUTO_CREATE_USER? Oh dear, we have some users without passwords.
- Did we remember to set NO_AUTO_VALUE_ON_ZERO? Oh dear, we’ve dumped our database for backup, restored, but AUTO_INCREMENT values have changed!
- Did we set STRICT_ALL_TABLES? How do we know if the 255 value in our TINYINT really stands for 255 or if it was a truncated 299?
- Do we allow selecting non aggregated columns in GROUP BY? Did we set ONLY_FULL_GROUP_BY? Will our application crash now?
- Our old database has zero for empty date values (columns are NOT NULL). But what settings do we have for NO_ZERO_IN_DATE on our new installation? Will import fail?
- And how did the NULL get in? Was it because we divided by zero, and forgot to set ERROR_FOR_DIVISION_BY_ZERO? How can we tell?
The fact is: two mysql instances, same version, same OS and architecture, with different sql modes – can be incompatible!
As said, the sql_mode is empty by default. This is very non-strict. But more than that: it can be changed even while the database is running; even on a per connection basis.
Setting sql_mode should be one of the first things to do after installation. The usual manuals talk about setting the innodb_buffer_pool_size and the query_cache_size, when sql_mode will dictate the nature of your database and application on an entirely grander scale.
I think it would be best if MySQL chooses a desired set of sql modes (like ‘TRADITIONAL’), then make it the default. I further believe it would be best if MySQL would not allow changes to sql_mode. Not globally and certainly not per session. Choosing the stricter mode is better, I believe: errors such as overflow values should be reported to the application, not just swiped under the carpet.
Backward compatibility? Indeed a problem (inherent to the very existence of sql_mode). Perhaps allow one setting per installation. Perhaps just go for it.
“The other users cannot benefit from a strict mode if any user can choose to ignore the strict mode.”
sure they can, provided they can’t acces each others schemas. I still don’t see any issue with mixing modes provided different schemas are used in isolation, which is effectively achieved by issuing proper object/schema privileges
Another point is that the sqlmode also contains a number of things that have nothing todo with “strictness”, such as the PIPES_AS_CONCAT you mentioned (other examples are ignore space, double quotes for identifiers and a bunch more).
regards,
Roland
Hi Roland,
I see your point. If I understand your intention, though, you’re referring to a completely new set of privileges, integrated into the privileges system.
That in itself is just fine. In my opinion, though, sql_mode must still not exist.
So for being able to set zero for dates you would
GRANT ZERO_ON_DATE ON world.* TO ‘someuser’@’somehost’
But that user should *not* be able to
SET sql_mode=’ZERO_ON_DATE’
How does that sound?
With your permission, I would like to quote you on a post I’m writing on the subject.
Regards,
Shlomi
Roland: if you need to support legacy apps, why not offer them a separate server instance? I think this is the cleaner approach.
Hi All!
@Schlomi: sure, feel free to quote me. (I guess it would be best to include a link to this comment thread so ppl can verify real quick who said what, but this is just a suggestion)
Actually, what I meant was container privileges like:
GRANT SET [SESSION|GLOBAL] SQL_MODE TO user[@host]
But your suggestion gave me the idea that it would in addition be nice to do:
CREATE USER user[@host] IDENTIFIED BY ‘pasword’
DEFAULT SQL_MODE = ‘….’;
(and this would assign the default sql_mode on connect)
As for sql_mode not having to exist at all – well, that would be for the best. But it is not going to happen – not with MySQL. Things are as they are because they evolved that way. Backwards compatibility is being considered by the MySQL dev
@Lukas: I don’t need to support legacy apps. Or well, I do, but this was not what I was thinking about. I like to try out lots of these php apps like wordpress, joomla, drupal, dotProject etc. whatever I feel like I might need at some point. I find that in many, many cases, the installers of these apps break on my perhaps mysql-wise unorthodox settings. I suppose I could have a completely default MySQL installation on the side, but my stance remains that, given the current state of MySQL, it should be on the application to ensure the right SQL_MODE is set right after connecting to the database server.
I have written about a few of my experiences in this regard here:
http://rpbouman.blogspot.com/2007/04/so-wordpress-does-not-like-mysql-sql.html
http://rpbouman.blogspot.com/2007/04/guess-whatwordpress-does-not-like.html
I have also filed a dotProject bug relating to this, and this was solved (Kudos to Adam Donnison!)
http://bugs.dotproject.net/view.php?id=2323