Is it correct to only test for database connectivity failure on the login page/form?
-
13-01-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
There is a database-based application at work with an authorization system. If a user is not logged in, the only system accessible to them is the authorization system where they must provide a valid username and password that are stored in the database.
The login function has the following comment in it:
// NOTE: This is the only place in the program that will given an error about
// the DSN not being properly configured/connected, because this is the only
// place where that is a cause for concern - the other queries can only be
// accessed once the user is logged in, and once they are logged in, they
// obviously have a valid connection to the database.
Indeed, the other queries in this program do not include a detailed error displayed to the user about a database failure; if there is any sort of error, it is silently logged to a file for the IT and programming staff to analyze.
Is this a good design decision?
Solution
Well, read the comment again -
This is the only place in the program that will given an error about the DSN not being properly configured/connected
If it was only the
configured
part, that would be probably ok - if DSN point's to wrong DB you will not be able to login and continue. But the second part
connected
is deeply troubling. In real world network connection issues do happen, and while it might not make sense do show end user the whole error call-stack, they should definitely be notified that sth. went wrong and, for example, their from / data has been not saved / processed / whatever. Just out of curiosity, is this some UI application? How are errors handled? Is there really no information to the end user that sth went wrong?
