Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

SQL in a Nutshell 86

stoolpigeon writes "The cover of SQL in a Nutshell sports a chameleon, the little lizard well known for its ability to blend in just about anywhere. This is a great choice for the Structured Query Language. SQL has been around since the seventies, helping developers interact with the ubiquitous relational database management system. Thirty some years later, SQL grinds away in the background of just about any interactive web site and nameless other technologies. New alternatives are popping up constantly but I'm going to go out on a limb and say that SQL is going to be around for a long time. Anyone interacting with an RDBMS is in all likelihood going to need to use SQL at some point. For those who do, who also want a handy desktop reference, SQL in a Nutshell has been there for the last 9 years. The SQL language itself has not stood still over those years, and neither have the products that use SQL, and so now the book is available in a third edition." Read on for the rest of JR's review.
SQL in a Nutshell, 3rd Edition
author Kevin Kline, Daniel Kline, Brand Hunt
pages 590
publisher O'Reilly Media Inc.
rating 10/10
reviewer JR Peck
ISBN 978-0-596-51884-4
summary Covers the entire ANSI SQL2003 standard as well as how that standard is implemented
It's pretty easy to sum up what SQL in a Nutshell contains. It covers the entire ANSI SQL2003 standard as well as how that standard is implemented in MySQL 5.1, Oracle Database 11g, PostgreSQL 8.2.1 and Microsoft SQL Server 2008. There is a new ANSI standard more recent than the 2003 standard, ANSI SQL2006. This new standard does not change anything covered in the book, but introduced XML and XQuery which are not covered here. The format for conveying all this information mirrors that of the other " a Nutshell" books. There are four sections. The first is a very short (15 pages) history of SQL and the second is a summary of foundational concepts. The vast majority of the book is the third section, "SQL Statement Commands." These commands are given in alphabetical order. There is also a table at the very beginning of the chapter listing every command and showing how it is supported by the four platforms.

Each command is presented by starting with a short summary of what it does. This is followed by a table showing which RDBMS products support the command, the proper syntax for the command, key words, command rules, possible issues that may come up and implementation details and examples for each of the four RDBMS products represented. A couple of the differences between the second and third edition are that two RDBMS products were dropped and there are more examples. The products dropped allowed for there to be more examples while also making the book smaller than earlier editions. Anyone working with Sybase Adaptive Server or DB2 UDB will want to hold onto their second edition copy of this book if they want to have that platform specific content available, because it is not in this third edition.

The book states that the dropped platforms were the least popular of those in earlier editions. For those wondering why their favorite RDBMS is not in the list, that gives the answer. To keep length down the number of specific platforms covered was kept to four. Fortunately the books is still of high value for most readers as most decent RDBMS products will support ANSI SQL standards. On those occasions they do not, the reader would have to look to another resource for help. The length issue is easy to understand when looking at the GRANT statement and seeing that it covers over twenty pages. Most of this space is used to explain the various options available on each platform.

The last section SQL Functions documents all of the standard functions with examples and then contains a list of platform specific extensions, grouped by product. There is not a table showing platform support like there was for SQL statements. This section is much smaller, so it really isn't an issue. The single appendix that follows list standard and platform specific key words.

So who would benefit from SQL in a Nutshell? The most obvious to me is the DBA or developer working across more than one of the four platforms presented, especially if they don't move from one to the other too often. Like an Oracle DBA that needs to go do something in MS SQL Server every so often, or the same type of thing between any of the others. This makes for a quick resource that will sort out forgetting how one or the other does things rather quickly. But even if one isn't moving across multiple platforms, unless the whole standard has been memorized, this is a great help.

The second group I see gaining some real good from this book are those new to working with SQL. I've worked with all four platforms and others not covered in this book and on every single one of them I've hit error messages that were anything but helpful. Being able to go directly to a correct statement of syntax and usage is a real help when the system doesn't want to tell what is really going on. It is important to remember that this is a pure reference book. It is not written with the intent of teaching how to use SQL. That said, it covers the entire standard. Much like a dictionary can be used to increase one's knowledge of a language, reading through this reference can be a good way to learn more about SQL. Many introductory texts aren't going to cover the whole standard or as many platform specific details. The student of SQL would get a real jump by working through this book. It is compact enough that while it wouldn't be a thrilling read, it is completely doable.

Who wont like it? Probably anyone who doesn't like any of the other nutshell books from O'Reilly. This book is pretty much exactly like my Unix in a Nutshell, Linux in a Nutshell and MySQL in a Nutshell books. If the format and approach bothers you, don't look for any radical departure that will make it more palatable here. If you are like me and already know you like the format, then this is pretty much a sure thing. For the vast majority of us that work in the database world, this is the reference. I say this keeping in mind the scope of the book. Is this everything one needs to know about SQL? Obviously not. There is much more to be said about SQL as evidenced by all the words that have been said and are out there in print. But when one wants to know quickly about SQL statements and functions, I can't think of a better resource.

Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.


This discussion has been archived. No new comments can be posted.

SQL in a Nutshell

Comments Filter:
  • by Anonymous Coward on Monday June 01, 2009 @03:06PM (#28171629)

    Nostra Fucking Damus.

  • by CRCulver ( 715279 ) <> on Monday June 01, 2009 @03:06PM (#28171655) Homepage
    While I got quite some milage out of my copy of Python in a Nutshell [] back in the day, online documentation has much improved and I feel just as comfortable hitting a few keys to get the reference material I want as flipping through pages. O'Reilly Nutshell guides seem to me consigned to that most infamous category of tech reading printed material: the bathroom book.
  • Re:Nutshell books (Score:4, Insightful)

    by gubers33 ( 1302099 ) on Monday June 01, 2009 @03:28PM (#28172077)
    You hit that one on the head. I purchased PHP in a nutshell a few months ago, if I didn't have previous experience in PHP from an HTML and a database class I took in college, I would not have been able to understand the book very well at all.
  • by Brandybuck ( 704397 ) on Monday June 01, 2009 @03:58PM (#28172549) Homepage Journal

    You can say that for several programming languages as well. There's got to be something else to it.

  • by Abcd1234 ( 188840 ) on Monday June 01, 2009 @04:08PM (#28172721) Homepage

    Creating a new query language is *hard*.

    I mean, I can sit down and create a new programming language fairly easily. Hell, most computing science students write a compiler at some point during education. But a new query language? That requires a DB engine, a query optimizer, and who knows what else. All to replace a language that, thus far, has worked exceedingly well.

    That said, as another poster points out, there are other languages out there, XPath being the most notable (CSS selectors also come to mind). But none of them are as clear, simple, and straightforward as good ol' SQL, which, I think, says something about its design.

  • by AkiraRoberts ( 1097025 ) on Monday June 01, 2009 @04:10PM (#28172757) Homepage
    Having spent a painful few months with Unidata Query Language, I have to say I much prefer SQL. That experience was somewhat less than fun. As for SQL, it's been quite a while since I picked it up, but I recall that it took me all of an hour to get comfortable enough to do damage. And now, some 10 years later, I haven't even come close to exhausting its possibilities. Perhaps that's the reason for its popularity - a nice balance of ease and extensibility.

    When it comes to books though, I have a fondness fo Joe Celko's SQL For Smarties. Not the best intro, but something I do keep coming back to. (And yes, while I'm one of those guys with a big pile of books in my office, I do actively use at least half of them).
  • by Bigbutt ( 65939 ) on Monday June 01, 2009 @04:15PM (#28172823) Homepage Journal

    One of the problems with google is that if it's sufficiently generic, you'll get 3,600,000 pages. I can just grab the appropriate book and have a better chance of finding my answer. Another issue is the number of spammers trying to catch your attention by snatching search results just to be able to point you to their site.

    O'Reilly and Addison-Wesley have good reputations for putting out quality books. Searching and wading through blogs and difficult to navigate web sites (I'm looking at you Sun) to find the right answer can be lengthy and a crap shoot too. Picking up the subject matter book gives a good chance of having the right answer immediately.

    So yea, I have a bunch of books here and at home. I also subscribe to O'Reilly's Safari Bookshelf. I haven't read each and every one, but they've all been helpful at one point or another in my career.


  • by Estanislao Martínez ( 203477 ) on Monday June 01, 2009 @04:21PM (#28172917) Homepage

    I think you very much overstate the "clarity," "simplicity" and "straighforwardness" of SQL; there are many well-studied ways in which a relational language could be better than SQL. But I do think you've hit the nail on the head otherwise: designing and implementing a credible RDBMS is extremely hard compared to designing and implementing a programming language, and no relational query language is going to go anywhere without being paired to a good RDBMS.

  • Re:SQL injection (Score:2, Insightful)

    by Anonymous Coward on Monday June 01, 2009 @04:50PM (#28173411)
    Sanitizing your input on the application layer or db abstraction layer is probably the way to go towards injection prevention (and also using as-restrictive-as-possible DB permissions.) Those layers are almost surely not written in pure SQL, thus I feel as if injection prevention is somewhat off-topic for this book, which is about the language itself.
  • Re:SQL injection (Score:4, Insightful)

    by FranTaylor ( 164577 ) on Monday June 01, 2009 @06:10PM (#28174659)

    It doesn't tell you how to touch-type or tie your shoes either.

    Use parameterized queries and you don't ever have to worry about SQL injection again.

    If your development environment doesn't support them, it's a BUG, and you NEED to report it.

  • by Estanislao Martínez ( 203477 ) on Monday June 01, 2009 @07:13PM (#28175393) Homepage

    I disagree. Existing query optimization and execution engines are built with the capabilities and constructs of SQL in mind. A new query language, on the other hand, presumably exists to enable things which existing languages (like SQL) don't... otherwise, why would you bother? So, given that, it's very likely that the language would require new, novel technologies for optimization and implementation... and those things ain't easy to get right.

    I think DragonWriter is going from the core assumption (which I share) that we're talking about a relational language alternative to SQL, where the differences would be along the following lines:

    1. Closer adherence to the relational model (no NULLs or three-valued logic, no row duplication allowed, etc.).
    2. Friendlier query language with more capabilities for factoring complex repetitive queries.

    Note that existing SQL systems also have had many kinds of features added over the years that often require new optimization and implementation techniques (e.g., recursive query extensions, materialized views with automatic query rewrite, MERGE statement). In this sense, really, a relational system with a novel language doesn't have it intrinsically harder than existing SQL databases.

  • by lakeland ( 218447 ) <> on Monday June 01, 2009 @09:01PM (#28176291) Homepage

    Nah, it's easier than that.

    Firstly, writing a DB engine is pretty easy. B-Tree implementation is a standard 2nd year assignment, hash is first year, and trying them into a database with persistent storage would probably still be 2nd year or 3rd year at worst. Transations (undo segments and the like) are harder, but you could leave them out.

    Query optimisation firstly isn't in SQL, though I'd be lying if I said it was in relational algebra. Certainly it is in an intermediate language that is convertible too. Secondly as you say, compiler building is not rocket science and optimisation is part of that. It's a bit different to programming optimisation because you're much more concerned with fetches than instructions but fundamentally the concept is the same.

    Of course, that's writing your own language, not writing a decent RDBMS.

Promising costs nothing, it's the delivering that kills you.