PersonalAnalytics icon indicating copy to clipboard operation
PersonalAnalytics copied to clipboard

Published 20 hours ago verified publisher icon HASEL-UZH

Optimize Database Performance

Open casaout opened this issue 9 years ago • 1 comments

  • •optimize inserts (useful for User Input Stuff): http://stackoverflow.com/questions/1711631/improve-insert-per-second-performance-of-sqlite
  • •think about suggestions from SDL Tool:
  • •google around for query optimization
  • •ADD indixes
  • •PROBLEM: DB is sometimes locked if much data is stored (-> lags). maybe DB on separate thread or better DB lock handling?
  • •OPTIMIZE Queries (e.g. check time spent in each query to see where it wastes time)

Some Logs 1>C:\DATA\MS-PA\AM.PA.MonitoringTool\Shared\Data\DatabaseImplementation.cs(40): warning CA2100: Microsoft.Security : The query string passed to 'SQLiteCommand.SQLiteCommand(string, SQLiteConnection)' in 'DatabaseImplementation.ExecuteDefaultQuery(string)' could contain the following variables 'query'. If any of these variables could come from user input, consider using a stored procedure or a parameterized SQL query instead of building the query with string concatenations.

1>C:\DATA\MS-PA\AM.PA.MonitoringTool\Shared\Data\DatabaseImplementation.cs(135): warning CA2100: Microsoft.Security : The query string passed to 'SQLiteCommand.SQLiteCommand(string, SQLiteConnection)' in 'DatabaseImplementation.ExecuteReadQuery(string)' could contain the following variables 'query'. If any of these variables could come from user input, consider using a stored procedure or a parameterized SQL query instead of building the query with string concatenations.

1>C:\DATA\MS-PA\AM.PA.MonitoringTool\Shared\Data\DatabaseImplementation.cs(68): warning CA2100: Microsoft.Security : The query string passed to 'SQLiteCommand.SQLiteCommand(string, SQLiteConnection)' in 'DatabaseImplementation.ExecuteScalar(string)' could contain the following variables 'query'. If any of these variables could come from user input, consider using a stored procedure or a parameterized SQL query instead of building the query with string concatenations.

1>C:\DATA\MS-PA\AM.PA.MonitoringTool\Shared\Data\DatabaseImplementation.cs(120): warning CA2100: Microsoft.Security : The query string passed to 'SQLiteCommand.SQLiteCommand(string, SQLiteConnection)' in 'DatabaseImplementation.ExecuteScalar2(string)' could contain the following variables 'query'. If any of these variables could come from user input, consider using a stored procedure or a parameterized SQL query instead of building the query with string concatenations.

1>C:\DATA\MS-PA\AM.PA.MonitoringTool\Shared\Data\DatabaseImplementation.cs(340): warning CA2100: Microsoft.Security : The query string passed to 'SQLiteCommand.SQLiteCommand(string, SQLiteConnection)' in 'DatabaseImplementation.GetUserWorkEnd(DateTimeOffset)' could contain the following variables 'new string[5][1]'. If any of these variables could come from user input, consider using a stored procedure or a parameterized SQL query instead of building the query with string concatenations.

1>C:\DATA\MS-PA\AM.PA.MonitoringTool\Shared\Data\DatabaseImplementation.cs(314): warning CA2100: Microsoft.Security : The query string passed to 'SQLiteCommand.SQLiteCommand(string, SQLiteConnection)' in 'DatabaseImplementation.GetUserWorkStart(DateTimeOffset)' could contain the following variables 'new string[5][1]'. If any of these variables could come from user input, consider using a stored procedure or a parameterized SQL query instead of building the query with string concatenations.

casaout avatar Feb 18 '16 20:02 casaout

Parameterize Queries: http://stackoverflow.com/questions/1318023/performance-of-parameterized-queries-for-different-dbs

casaout avatar May 11 '16 09:05 casaout

Closing as reported for legacy version of PersonalAnalytics.

casaout avatar Oct 31 '24 16:10 casaout