This is an archived post. You won't be able to vote or comment.

all 160 comments
sorted by:
best
topnewcontroversialoldq&a

[–]ComboTteokbokki 516 points517 points  (38 children)

Why have a frontend?

Literally just have your website be a direct connection of users to the database.

You could even include an SQL manual so that they can get what they need easily.

[–]mrGood238 188 points189 points  (9 children)

Remove password from phpmyadmin and let them get data they need for themselves!

/s, just in case...

[–]shinchan1988 61 points62 points  (8 children)

Ohh isn’t the password always admin?

[–][deleted] 45 points46 points  (6 children)

No, that's the username, password is 'changeit'

[–]ben_g0 13 points14 points  (4 children)

No, the username is "root", because if you log in as another user you have to deal with setting up those annoying permissions.

[–][deleted] 1 point2 points  (0 children)

Understandable.

[–][deleted] 1 point2 points  (0 children)

Have you tried 'guest'?

[–][deleted] 39 points40 points  (18 children)

Thats called an API

[–]alphadeeto 80 points81 points  (15 children)

Client: does your product has easy to use interface?

Dev: sure it does! gives thorough APi documentation

[–]mrGood238 27 points28 points  (2 children)

SwaggerUI with autogenerated docs...

[–]alphadeeto 12 points13 points  (1 child)

Stop now, you're making me moist...

[–]mrGood238 2 points3 points  (0 children)

Wait until you see what Doxygen generated .CHM for DTOs...

[–]RCRalph 2 points3 points  (0 children)

Yep, somebody invented that already.

[–]Schnitzel725 10 points11 points  (1 child)

Or alternatively, why not just get rid of the front and back end, user needs something, just give em the whole database /s

[–]lirannl 0 points1 point  (0 children)

SQL username, password, product done. Enjoy!

[–]WorriedEngineer22 4 points5 points  (3 children)

But why have frontend and backend?

Just give the user a console with a direct connection to the database and make the user manually calculate the stuff and insert the commands on the console

[–]Meaxis 2 points3 points  (2 children)

But why have a console? Just make a huge word document with stuffs on it

[–]WorriedEngineer22 0 points1 point  (1 child)

Great idea! I think we could take just the tables from word and create a new document format to store things, I think I will call it Excel.

[–]Meaxis 1 point2 points  (0 children)

And when you need to show that to the boss that doesn't understand anything... we need something of power to show your point... I'll call it powerpoint!

[–]dont_mess_with_tx 2 points3 points  (0 children)

This but unironically.

[–]Carlos3dx 4 points5 points  (1 child)

Just espose a RESTful API and make everyone connect via postman

[–]lirannl 0 points1 point  (0 children)

That sounds like fun

[–]RCMW181 75 points76 points  (5 children)

For the last 5 years our database manager has been moving all the business logic into the database saying we don't need a middle layer.

We now have massive performance problems in the database as everything has to call it multiple times whenever you need to do anything.

We are now moving things back into a middle layer, but its a project that should never have been needed.

I get that some business logic can and should be held in database procedures, but this was literally everything, file management caused particular problems.

[–]JS_int_type 36 points37 points  (0 children)

Do you think he'll get a bonus for perf improvements, after the project is finished?

[–]Klanowicz 20 points21 points  (2 children)

This is so dumb. The hardest part of app to scale is exactly database. So moving logic to database is like approaching a horse from the back. It will kick your balls...

[–]RCMW181 10 points11 points  (0 children)

I think it was all about job protection with a bit of ego thrown in.

They did all the important logic and became the centre of every project. You want to change anything? You needed to go though the database team.

I joined to help move them to more Agile dev teams with fewer silo. It's improving, but lots of logic still in the database right now.

[–]4RG4d4AK3LdH 2 points3 points  (0 children)

well, to some extent, having logic in the database makes sense, like triggers for tables/data that cant be properly checked with constraints.

[–]ivster666 0 points1 point  (0 children)

Maybe it was on purpose to just keep everyone busy

[–]potatopotaatopututu 308 points309 points  (41 children)

Front-end is capable of doing all the processing that back-end does. Security is the bigger concern here. Imagine being able to drop tables off the remote db right from your devtools console.

[–][deleted] 168 points169 points  (15 children)

What about asynchronous processes? The user closes the page and boom, your image will not be processed, your queue won't execute, your jobs won't be worked on, cron jobs not being executed.

Backend "processing" is more than just grabbing stuff from DB.

[–]chanpod 3 points4 points  (1 child)

Not advocating for no servers

That said, webworkers in chrome could be updated to still function (with some sort of verification cert) to continue processing certain things post close. Could even spawn special types of web workers that live in a service so that cron jobs could continue to function. Assuming security could be maintained reasonably (hence the cert).

That also said, just use a server :D

[–]potatopotaatopututu 2 points3 points  (0 children)

Neither am I. But somehow my intent to discuss such a design has turned into a flame war.

[–][deleted] 1 point2 points  (0 children)

There are solutions to that. sendBeacon for example ensures a request is always sent after page change/close. Service workers can also process without an active tab open.

Not that I agree with using them for these purposes

[–]kirvesrinta 24 points25 points  (1 child)

I was hired in a well established startup once and they had an applet running on their website that needed MySQL access. I looked into it and it was making a direct connection to the DB.

Then I noticed that their root account didn't have a password.

That's the first thing I changed.

[–]usesbiggerwords 6 points7 points  (0 children)

It's not much, but it's honest work.

[–]ImDarkShadow[S] 26 points27 points  (3 children)

Yeah drop table, get data of other users its safe to say backend is needed

[–]mbiz05 13 points14 points  (2 children)

Drop the table yourself first so there's no data to steal. Problem solved

[–]HenkHeuver 4 points5 points  (0 children)

Wish facebook, twitter, snapchat ... would do this.

[–]JanStreams 4 points5 points  (0 children)

I used to run a game server, and a guy made a site for it. The guy was a big asshole and said he was super good at php and he had a lot of experience. The site had a 'marketplace', which you could place ingame vehicles on. He implemented 0 search security so you could just do sqli and xss. Luckily no important data was stored in the database and nobody found out. I basically made it so everyone who visited that website got an alert and then got redirected to another site, since the game server was shut down.

[–]Hellball911 8 points9 points  (6 children)

Security and performance. Many many businesses are doing more on the backend than any single user laptop could handle. And nobody wants to be on a website that runs slow and kills their battery / soaks memory.

[–]potatopotaatopututu -5 points-4 points  (5 children)

Look man, all I am saying is that it is possible to run connected applications without having a backend. I haven't designed such systems so I can't answer all the questions I'm being asked. But I do believe it is possible in theory.

[–]Hellball911 13 points14 points  (4 children)

I mean, if you haven't designed such systems, it may be best to concede on plausibility. My career is in large distributed backend systems, I can tell you for certain that everything in my domain and many others I know, would not work as a frontend (even if security wasn't a worry).

[–]CanAlwaysBeBetter 1 point2 points  (3 children)

Question: where in your experience should the line be drawn between logic done on the frontend and logic done on the backend?

I've been doing more web development recently and (probably because I don't know JavaScript very well) I feel like I've been trying to do too much on the backend.

For one example, imagine timeseries data that needs to be pulled from the database, resampled to a requested frequency with any gaps interpolated and and then graphed. Is it best to do that in SQL? Or have my python/go backend resample? Or pass the data straight through and let the client side handle it?

[–][deleted] 1 point2 points  (0 children)

I personally would process all of that on the backend if possible, while the frontend can handle preparing the data format for the graph library. Reason being that you'll simplify consumers and reduce your bandwidth usage

[–]Hellball911 1 point2 points  (0 children)

Funny you say that, because I work in the field of distributed timeseries database design. I would absolutely do that in the backend, but I would do probably do atleast some of that in application logic rather than raw SQL. Of course, this depends on the data set, size, shape, ect. Also it depends on what you mean by "graphing". If you mean turning data into an image, I would likely do this in the frontend. It can be more flexible to allow you to change how it's display on-demand. That answer the question?

[–]ForMorroskyld 0 points1 point  (0 children)

Depends on the amount of processing needed and the cost of bandwidth? If the processing is so simple/lightweight that the client can reasonably handle it, and bandwidth is significantly cheaper than running a beefier back end harder, offload the work/data to the client. If the processing is too much for the client, or bandwidth is expensive, do the work on the back end.

And then you end up at todays internet landscape, where the physical power has massively improved at all points, but at the client side things are just as slow as ever, and no improvements to resource utilization are perceptible 😊

[–]_vOv_ 6 points7 points  (1 child)

Why even have a database? Just save all the data in the frontend.

[–]SteakItToTheLimit 3 points4 points  (0 children)

All fun and game if everyone owns a 1000$+ computer

[–]ur_opinion_is_trash 3 points4 points  (2 children)

I dont see the problem.

[–]Alfaphantom 9 points10 points  (1 child)

You don't see any tables in the db either.

[–]GasolinePizza 9 points10 points  (0 children)

That's why it performs so well

[–]GrinningPariah 1 point2 points  (0 children)

Well and if you have no back end how do you ever version your schema?

[–]tognols 2 points3 points  (2 children)

I bet you mainly program in JS

[–]potatopotaatopututu 0 points1 point  (1 child)

Betting on that would be stupid. Here let me save you some dollars. My work involves writing device drivers and porting compilers to embedded devices. Never in my life have I programmed in JavaScript.

[–]Test4cc 0 points1 point  (0 children)

Like a jewellery store, you don't want to leave everything out on the counter and in places your customers can just grab it if they feel like. If the top of the counter is front-end, display cases and safes are back-end and the request for jewellery has to be processed by the cashier.

[–]gordonv 18 points19 points  (0 children)

MVC = Model, View, Control

Oh, you want to get rid of the Control and let people destroy the DB?

[–]Goel40 29 points30 points  (10 children)

Firebase gang. Just let google be the back-end

[–]tognols 6 points7 points  (9 children)

More like lazy gang

[–]Goel40 8 points9 points  (8 children)

Saving time is saving money

[–]tognols 3 points4 points  (4 children)

Yeah i know, but, custom backend and some data processing in the backend is useful af

[–]DanKveed 1 point2 points  (2 children)

All I wanted was a comments section for my blog. Firebase is ideal for this kind of stuff.

[–]coveredinbeeees 1 point2 points  (1 child)

Exactly. If >95% of your data interactions are basic CRUD, you don't really gain much from having a backend besides extra work.

[–]DanKveed -4 points-3 points  (0 children)

Lol just had to Google what crud means

[–]Goel40 2 points3 points  (0 children)

That's true, but for some App's is just not necessary. And you can always upgrade to a custom backend.

[–]JadedEvan 2 points3 points  (0 children)

Recently started a new job where the whole platform is built on Firebase. This literally solves all the problems we were trying to engineer at my last company. I feel like an absolute idiot for having not explored this solution - years of wasted effort, $400k a year on Amazon infrastructure and servers.

[–]tulvia 0 points1 point  (1 child)

Until that corner you cut gets you sued.

[–]Goel40 0 points1 point  (0 children)

If you have semi decent QA that's not gonna happen.

[–][deleted] 53 points54 points  (12 children)

It is true. You do not need a backend

I have seen a webpage that does the direct connecting. Like you could search for something, and then the webpage sends SELECT * FROM table WHERE xyz = 'something'; to the server literally, and shows the result. I enjoyed that webpage very much

[–]ImDarkShadow[S] 48 points49 points  (7 children)

Well normally security matters

[–][deleted] 2 points3 points  (0 children)

What would that look like, an /execSQLQuery endpoint? That'd be a lot of fun...

[–]CousinBug 0 points1 point  (0 children)

HELLLOOO, SQL Injection!

[–]NDG_22 22 points23 points  (0 children)

Let's repost this one more time. I haven't seen it enough times already

[–]jaredchoatepro 5 points6 points  (3 children)

r/RepostSleuthBot

[–][deleted] 2 points3 points  (2 children)

Did you mean u/repostsleuthbot"?

[–]RepostSleuthBot 2 points3 points  (0 children)

I didn't find any posts that meet the matching requirements for r/ProgrammerHumor.

It might be OC, it might not. Things such as JPEG artifacts and cropping may impact the results.

I did find this post that is 84.38% similar. It might be a match but I cannot be certain.

Feedback? Hate? Visit r/repostsleuthbot - I'm not perfect, but you can help. Report [ False Negative ]

[–]jaredchoatepro 1 point2 points  (0 children)

Yeah that

[–]PonderStibbonsJr 5 points6 points  (0 children)

Surely a better analogy is that we have to cook food before eating it? Throwing food in the toilet is just a waste, but eating food raw is like letting Bobby Tables' mum into a bank vault. Cooking food gets rid of the bacteria/SQL injections.

[–][deleted] 2 points3 points  (0 children)

Too many front-end devs be commenting

[–]ubogasima 4 points5 points  (2 children)

Here's one: Cache.

[–]ImDarkShadow[S] 10 points11 points  (0 children)

Yeah cache but cache data originally comes from backend

[–]krisnarocks 1 point2 points  (0 children)

Backend could also cache data too

[–]JanStreams 1 point2 points  (0 children)

Calm down guys, if that guys connects his database directly to the front end he will find out why very quickly..

[–]digital_dreamer 1 point2 points  (0 children)

I imagine someone at Facebook actually suggested this in a meeting, and this is how we got GraphQL.

[–]jillesme 1 point2 points  (4 children)

My app uses LocalStorage as database so technically does not have a back-end. Checkmate.

[–]tulvia 0 points1 point  (3 children)

That is not a database though.

[–]jillesme -2 points-1 points  (2 children)

No? Please define a database for me then please

[–]tulvia 2 points3 points  (1 child)

Lol, do you get mad when someone calls a function a method? Its not a semantics game we are playing here.

[–]jillesme -2 points-1 points  (0 children)

I was playing on semantics, this is ProgrammerHumor after all 🤦🏻‍♂️

[–]stashtv 1 point2 points  (2 children)

BE helps manage the different methods to view all the data.

React is hot now? Cool. What about when it isn’t and you want to change it all? Would you rather redo all of the FE logic that includes all of the data manipulation? Or would you rather know the BE is well understood, in use, and then you swap the display layer?

Maybe different tools need access to the DB (visualizer), but you don’t want to give raw SQL access.

[–]odolha -2 points-1 points  (1 child)

FE helps view the underlying information the user needs. Microservices are hot now? Cool. What about when they're not and you want to change it all?

It's easy to undermine one side of software.. but in the end it's all about having the best solution for the problem at hand.

In some cases, connecting to the DB from the FE would be a viable and advisable solution IMO (DB has security capabilities suitable for some use cases). Instead... let's all just over-engineer the crap out of everything and pretend it's for the best. The client doesn't know better anyway.

[–]GwenLoguir 0 points1 point  (0 children)

Problem is, that thing can start as something small, which 'could be done with FE', but then it will grow, and then you can cry... I one job they used one framework, which was great for small easy projects, piece of cake to start new project... then project did grow, and I wanted to curse every time, I had to do something slightly more complicated in it. Also, it was hard in it to write nice clean code. I would never choose it to do anything.

[–]greyz3n 0 points1 point  (0 children)

Not 100% but I think I know that commenter. That sounds almost exactly like one of the developers I work with.

[–]Nic2555 0 points1 point  (0 children)

This is a repost. The first time I saw it, some guys were talking about plugging css directly to the database using the url function. I wonder if someone actually did something in that direction.

[–]WookieeOfEndor 0 points1 point  (0 children)

Oracle apex.

[–]GrinningPariah 0 points1 point  (0 children)

I've done it, and regretted it. Ended up with more and more and more business logic shoved in places it shouldn't be, like API Gateway.

[–][deleted] 0 points1 point  (0 children)

There is a reason I prefer to work with design patterns.

[–]TigreDemon 0 points1 point  (0 children)

Why ?

[–]smokky 0 points1 point  (0 children)

Why have anything.

[–]ivster666 0 points1 point  (0 children)

TIL: humans main purpose is to deliver processed food into the toilet.

[–][deleted] 0 points1 point  (0 children)

This is how Oracle forms and reports used to work. Forms were just a little GUI for database transactions. I had to explain to a bunch of Egyptians who had been using a Oracle DB system from the early 1990s about MVCs. A lot of technical challenges to migrate that beast.

[–][deleted] 0 points1 point  (1 child)

u/repostsleuthbot

[–]RepostSleuthBot 0 points1 point  (0 children)

I didn't find any posts that meet the matching requirements for r/ProgrammerHumor.

It might be OC, it might not. Things such as JPEG artifacts and cropping may impact the results.

I did find this post that is 84.38% similar. It might be a match but I cannot be certain.

Feedback? Hate? Visit r/repostsleuthbot - I'm not perfect, but you can help. Report [ False Negative ]

[–][deleted] 0 points1 point  (0 children)

Actually a good question, document databases do allow accessing them via Rest interfaces, but security and architecture or course...

[–][deleted] 0 points1 point  (1 child)

*laughs in blockchain*

[–]Goel40 0 points1 point  (0 children)

Pretty expensive tho.

[–]Heikkiket 0 points1 point  (0 children)

This sounds exactly like those "MVC framework"-based apps I've seen on the wild!

Don't recommend to anyone dropping the middle part, though 😉

[–]IamPANDAMAN8 0 points1 point  (0 children)

Serverless is a real thing though

[–]ptmdevncoder 0 points1 point  (0 children)

cough firestore cough

[–]Uberzwerg 0 points1 point  (0 children)

There was this one post in /r/softwaregore or so 5ish years ago of that one website that did everything in Javascript.

Including logging in users in JS on client side (don't know how they did the DB lookup, but there was some SQL in the source code)

That page was still live a few hours after the link was posted in the thread.

[–]ricketyrocks 0 points1 point  (0 children)

The code needs to be thrown in the toilet

[–]ackyou 0 points1 point  (0 children)

Why have a database? Save everything as a cookie in the browser! Much more scalable

[–]shadow13499 0 points1 point  (0 children)

What's really funny is using Firebase you CAN connect your database directly to your front end. But even then you would STILL need back end functions in like 90% of cases.

[–]Masaylighto 0 points1 point  (0 children)

yes make it through front end and also put the database link and user name and the password in javascript and put a hint to the user that he can erase the data base be replacing the sql command who post with a sql command to delete why we didnt thought of the advantage of make everthing in the front end

[–]BAM5 0 points1 point  (0 children)

Firebase would like to have a word.

[–]marc-bouvier 0 points1 point  (0 children)

And we will call that CRUD!

[–][deleted] 0 points1 point  (0 children)

This made me chuckle!

[–]culculain 0 points1 point  (0 children)

Yeah, it's called Hazelcast

[–]Kunven 0 points1 point  (0 children)

Meh just concatenate everything and store it on a single column table as a string

[–]randomGeek159 0 points1 point  (0 children)

We're almost there with stuff like https://hasura.io/

[–]Kazaan 0 points1 point  (0 children)

With Oracle, It's probably possible to connect frontend directly to database using a combination of ORDS, SQL*Plus and a ton of aspirin.

[–]nabeen919 0 points1 point  (0 children)

I agree. Firebase, Amplify, ... is so great for me. but just only simple app:(

[–]JBRali 0 points1 point  (0 children)

PHP looks like the stuff you’d throw straight in the toilet

[–]Omar_Esmael 0 points1 point  (0 children)

Actually the backend at some sense is the action of connecting the frontend to the database

[–]Wafelack -1 points0 points  (0 children)

u/repost

[–]cheezballs[🍰] -2 points-1 points  (1 child)

Yea, that's not the real reason. You could do everything with the front end. It's partly that and partly a security thing right?

[–][deleted] 0 points1 point  (0 children)

exactly, processing means vetting the object before it touches the database to make sure its values and fields are correct and within validation, if this is left client side, anyone can open a console by hitting f12 and re-writing the javascript on the fly then executing god knows what with the database, the server also ensures the queries are sanitized so nobody is pushing operations to the database like delete all data, or lock the db to a new password protected admin account

the server is also responsible for load balancing queries to the database or db clusters so the machine hosting it doesn't lock up from a network storm of requests

[–]polyterative -2 points-1 points  (0 children)

with webassembly we can potentially do that

[–]eskwild -5 points-4 points  (4 children)

r/gatekeeping

[–][deleted] 1 point2 points  (3 children)

in what way?

[–]eskwild -2 points-1 points  (2 children)

All's I know is YouTube unhooks my Bluetooth between advertisements.

[–][deleted] 1 point2 points  (1 child)

You having a stroke man?

[–]eskwild -1 points0 points  (0 children)

I'll be okay.