Capturing Uploaded Files in SQL - The Blazor File Upload Mini Course

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

this is the uploading files with blazer mini course so far we've seen how to upload one or many files and how to associate files with form data now we'll want to capture that information into a SQL database along the way we'll have a discussion about the upsides and downsides of storing files in a database versus storing files external to the database and linking them to our data this video is part of a mini course around uploading files I would encourage you to click on the playlist Link in the description and use it to go through the course in order now if you don't know me my name is Tim Corey it's my goal to make learning c-sharp easier I have hundreds of videos here on YouTube with more coming out each week I have a podcast answering questions developers have and I provide trained courses designed to give you the real world training and experience needed to succeed in today's Marketplace you can find all the resources I have to offer at imcorey.com okay let's jump right over to our visual studio and again we're picking up we left off in the last video now if you've been followed along or if you've got a source code from the last video you should be set to continue from where we left off we haven't changed anything from the previous video we're now going to pick up right from where we left off and keep going that does mean if you're just watching this video to understand a SQL part of it that's fine feel free to stick around you'll just have to either get the the download from the previous video if you want to follow along or just watch and see what I do and then see if you want to jump back and and watch the entire series okay I've broken the series up in order to give you that option of either watching just the piece you need or of seeing the the thing in its entirety okay so let's talk about uploading files and we've got the the files are actually uploaded but now we need to work with the SQL database and to do that we're actually going to go over here a SQL Server object Explorer and if you don't have us installed um You probably don't have the the SQL database tools installed you can go to tools get tools and features and make sure you have the data tools installed but under the view menu you'll find the SQL Server object Explorer you can open that up and it's going to give you uh one or more local DB projects these are um test databases only they're seeing they're files that act as SQL databases and we're going to create a new one I've got a whole bunch of test ones in here already notice we have a bunch most of us you know delete me test so on but we'll create a new one um and we'll do that in just a minute but we also need to create a class library to talk to this we're going to create a data access Library I'm not going to use Entity framework and if you've watched any other videos you kind of know why but if you're new uh the reason I'm not using Entity framework is is a long history I've got a whole video on Entity framework best practices and one of those best practices is that you really need to know both Entity framework very very well and also SQL very very well in order to effectively use Entity framework and there's a lot of work that goes into it to doing it right it's very easy to not do it right but have it still kind of work but it's hard to get right and so I tend not to do that I tend to use Dapper because it really kind of forces your hand a little bit and makes sure that you understand how to do things right the first time so that's we're going to do in this video so let's create a new database so just add new database and we're going to call this database file upload just DB just to have a name for doesn't really matter what you call it um but it's there so you know what's going on um and then we're gonna create a new table and we're going to just write inside of Visual Studio you can do it different ways but um I think this works well just know there is a project type inside of visual studio called SQL Server data tools or ssdt and what it allows you to do is actually create your database structure the schema inside of Visual Studio put in Source control have things like rollbacks or Not Sorry Roblox um upgrades so you upgrade your previous database version to the new One automatically using Source control and CI CD you can you know if you make a change to a table name or a file name sorry a column name in your table there you go if you may change the column name if you actually update everywhere that column is used so all the store procedures all the views and so on really good stuff we're not using that here we're just using the tools to generate a a quick and dirty database so we've got this ID here I'm going to make an identity um so I was going to say identity this is one nicely with these tools you can use the GUI up here you can use the text down here or you can even use the properties over here so with all these options which one you choose is up to you basically what this idea does is we can say is identity true increment by one identity seat is one that's what this one keyword did which is why I love having all three options because instead of dialing the specific thing expands out and saying true here is type identity and I'm done so what is this what means is that the ID field we never actually put a value into it it handles creating a value and it starts at one and it counts up so one two three four and so on and that will generate for us a a unique identifier to identify the record that's easy to track it's easy remember it's easy to use and it is in order which actually makes putting it into new records into the database a little more efficient because it's not you know a good is also unique but what happens is every time you insert a record it has a figure out where to put that on disk it has to kind of insert it and move things around and so on with an auto increment ID it doesn't have to do that because it's ordered by that identifier therefore the latest one is the last one which goes at the end so a little fact there um now this is how we're going to identify our records also note that if you restart your computer it restarts art SQL which means that it will put a gap in the identifier so you might see that your identifier goes from one two three to a thousand four a thousand five and so on it might jump a few times like that that's okay don't worry about don't try and reset it don't try to figure out how to fix that it's not it's not something to fix that's designed that way to protect your data we're not going to and that's into that now but just note those number it doesn't matter what the numbers are so leave them alone okay let's change the table name we're going to change this to customer and we're going to say we have a few Fields first name let's make it nvarchar of 50. last name nvarchar of 50. again nvarchar means that he uses Unicode so he can have more characters this checkbox here means it allows no so you have a null value and 50 is the number of characters we're allowing is the maximum number of characters we're gonna leave it alone that's probably fine uh for most cases but everybody needs to choose whatever field length works best for their situation based upon their data so something to think through but for us I think that's fine we're also going to have the file name and we're going to do n varchar here but we're gonna do uh two thousand because a I believe a file name and path can be um up to 2 000 lengths or 2000 characters in length Okay so that's where I have our file name and um oh it's got a username too so that's the T Quarry that's the um we'll use n bar chart 50 for that that's T Quarry whoever's logged in where it's going to capture that to know hey who was the user who created this customer so again it's hard code for us because we're not using an authentication system so that's all we've got going here and we can um we could actually make sure that we update this now this is one way one area where it's a little quirky and um I'm not quite sure why how to figure out why yet but for whatever reason when I if I were to say update here it's going to take my visual studio a little bit of time I'm not sure why but if you right click and say and your your database and say new query and then come back over here and copy this create table it's all you need copy it come over here paste it in and use this run button execute to execute that it executes immediately don't save it don't save this but now if you go to tables we'll see we have that customer table there it's a quirk I'm not quite sure why it does that way it's only happens when you're doing things with um with just directly here as opposed to using ssdt or something else um just so you know so with that the other thing we're going to create for this lesson is we're going to store this data in the table so let's go ahead and go to programmability store procedures and say new store procedure now I use stored procedures all the time and one of the big reasons why is because if I only use stored procedures I can further lock down my connection string that's very very important to me that I have the least amount of security uh security hole in my database so when you have a user in your connection string it says this user is authorized to access the database I can say yes but only for calling existing store procedures not for creating tables not for for deleting records that's not allowed to and so on so I've got a whole video on store procedures and why they're valuable but where I use this store procedure and call it customer underscore insert so with this we need to bring in all of the columns from the custom record so we're going to say ID int and we're going to say first name and varchar 50 just match up whatever the values are for the uh the types here so last name and varchar 50. file name envarchar 2000 and username and varchar 50. and then the other thing I like to do is start to begin and have an end this defines the scope of your store procedure that way it's very clear what the scope is and it's just we one entry here we're going to say insert into dbo Dot customer where I say first name last name file name and username now if you note here and let's unpin this now we don't need any more the file name is in blue that's because it's actually a keyword in SQL as well but we can surround that with square brackets and it's just fine and we don't technically need to surround in square brackets it would still work but we're going to you know be as clear as possible so first name last name file name and username now I did not use ID and what I do here normally is I'd make this into a an out value as well so it wouldn't take any value in but it would take a value out because we don't actually update this ID we don't change it by when we insert we let it alone we leave it alone because it's going to generate that number automatically but at the end I could get the ID that it generated and pass it back and you can do that with Dapper um but in this case I'm gonna leave it alone we're just going to um leave it like this so we're just going to pass it in and actually use it so we're going to execute and that created the store procedure so now if we look over here at our store procedure list and open it up we now have that one store procedure again don't save that okay we don't need a sale because that's just the um the query window is all it is the actual object has been saved so um if you're not new to SQL but you want to be more familiar SQL I do have a full course on the SQL uh developer and how to create tables and Views and store procedures and why we do things and how to back things up and restore things and all the rest so um just in case you need a fuller profile but I do have stuff on YouTube as well that would be helpful okay so now we have our table we have our store procedure set up we now need to add a class library to our solution so I right click to my solution we're going to say add new project we will choose class library and we'll call this um upload files Library I like call my class libraries library at the end that way you know when you're trying to reference the only reference libraries just a little shortcut there all right.net7 yes that's what we want we hit create we're going to um we're going to delete last one but it does mean I can't add a reference yet to my library because the fact that there's nothing in my library to have a namespace so we'll get there in just a minute but first we need to right click and say manage nuget packages on my class library and we're going to install a few nougat packages first one dapper all right and if you scroll up one I think it's my someone had a suggestion maybe my zoomed in text I'm not sure but whatever reason my first load in Dapper it loads in like this and Dapper's missing that's because you have to scroll up for some reason it's not showing the very top of the list at least for me and it happens on multiple machines that I use so it's not just machine specific it might be font size specific though because I do have a zoomed in font for recording okay so we're going to choose dapper in which the current version is 2.0.123 you choose whatever the latest version is for you we hit install hit okay and we're also going to um set up or ask for microsoft.data.sqlclient this is the um there's also a system.biz.sql client but this is the the later version this is the the newer version of SQL data client so we're installing this and that's the latest version is 5.0.1 so um and then also we need microsoft.extensions dot configuration dot abstractions all right top one right here this is some abstractions for talking to our configuration okay so let's install this and I'll talk through these three packages we'll talk more as we use them but the um the three packages we have installed are now let's ignore transitive for a minute but the three packages are Dapper this allows us to talk to SQL it's a micro orm if you're not familiar basically it doesn't do any of the extra stuff um it just allows us to pass in a store procedure or a SQL query of some kind and get back the data and it puts it into a strongly typed model that's all it does but because it just does that very very simply it's very very fast and that's all you really needed to do is just say hey run this SQL give me the stuff back in models and that's a huge deal it's it's much better than just doing a straight ado.net which gives you back a um a set a data table that you didn't have to cast Over the right types to create models it's a little messy this does it for you very very clean so it's not going to do the things that Entity framework does the you know just Rail Link query and have it be the query to your database but you can use Link on the data that came back so if you want to do that you could but link is not very efficient so I recommend you let SQL do what SQL does it itself best which is querying sorting and filtering and then take the data into c-sharp as close to what you need as possible and then just manipulate what small bits you need after that so that's what Dapper does the microsoft.data.sqlclient what it does allows us to connect to SQL Server so Dapper uses this to connect to SQL Server just you know Dapper doesn't do just do SQL Server it does my SQL SQL Lite SQL CE firebird and a lot more so we're using the SQL client from Microsoft to connect to SQL Server and then finally this allows us to talk to our uh configuration so microsoft.extension.configuration.obstractions allows it to talk to app settings.json and all the other ones too if you're not familiar app settings.json is not the only place you put configuration there's also app settings.developer.json and we have secrets.json and we have environmental variables and we have the command line parameters we this we can even pull in things like Azure key Vault and so many other places to pull in data and this allows us to talk to that set of locations very very easily to um to reference things so that's in our class Library it normally is in the UI projects but we're not using it from the UI project we're using the class Library that will raise a question of where is the app settings.json in the class Library well class libraries don't have their own settings instead they pull from whatever uh UI project needs them and so in this case we'll pull from the app settings of upload files app and its app settings so just know that's where they're going to come from okay that's all of the um the packages we need just so you know if you went and looked at the library you'll see there are the three packages that have been added so that's where they're at in case you were wondering okay so now let's create and right in the root um we're making this clean and simple so we're not going to be um let's close all these we're not going to be um you know Korea's really cool file structure we could do that and bear project that's the demo project so we're going to put right in the root um a new file so let's add a class in the upload files Library called uh SQL data access and we'll make this a file scope namespace and we'll get rid of our using statements for now and make it public and in here we're going to create a Constructor ctor and we'll ask for an eye configuration and that's going to add a using statement for Microsoft extension.configuration okay that's the one we need and we're going to say config I'm going to do control dot to create and assign the field underscore config as a read-only field what this does is it allows us to use this class with dependency injection where we ask for an eye configuration that's the uh the thing that allows us to talk to app settings.json and others so we're asking for that variable in which comes from Japan's injection then we're going to capture that variable as a private read-only value so we can use that throughout the rest of our class so let's create the one method we need right now which is public I spelled right async task save data and we're going to say string stored proc string connection name and object parameters all right we can um let's put our our Summit our query braces here and then let's see if we can quick actions refactoring to wrap every parameter and we'll indent them all that way it's on the screen at once so this save data method which is going to just save our data to SQL that's all it's going to do we're asking for three things a store procedure name the connection string name not the connection string just the connection string name and then any parameters for that store procedure this will allow us to safely protect ourselves against most forms of dependency or sort of SQL injection we don't want to create a SQL statement dynamically in the fly that would be vulnerable to SQL injection this will prevent a lot of those by using parameters instead so we're going to first get the connection string string connection string equals underscore config dot get connection string and it already knows what it is connection string name now this is where we have some help with the nullable so if you look at your project you'll see that in the project there is this nullable thing here and it says enabled this is a newer thing in I believe oh goodness.net sticks maybe um what this does is it says hey your project is going to use the null ability and what that is going to do is going to give you some warnings when you're not declaring this string as nullable even though yes a string can be null and even though it's not marked as nullable if this came back as null it would successfully put null into this value because a string can be null however we have not specifically said this string can be null so therefore since we haven't said that but it could be null it's warning us and saying hey you know what you're not properly planning for things because this could return a null value and you haven't planned for it so what do you want to do do you want to mark this string as nullable or do you want to do something with this value to make sure it's not null because if you ask for a connection string and it's not there you'll get a null value well in our case if you returned a null connection string what should happen well we shouldn't go any further because you can't connect to a database if you have no connection string therefore I want this to throw an exception now I could make this nullable and then do a check to see if it's known if it is and throwing exception but I could also do this I'm going to put on the next line two question marks and what this is the the null coalescing operator and what it's saying is hey if the first value is null then put whatever the second value is in instead so I could put for example that and what that would do is say hey here's the default value but we're not going to have a default value for connection strings and that wouldn't work we want to instead throw an exception if the connection string is null so we're going to say Throw new exception instead of putting a value here and we're gonna say missing connection string at connection string name let's unpin this I can see the whole thing um what this will do is it will throw a exception now if we don't have a value for our connection string now normally this would be a value that goes into our string but you can throw an exception pretty much anywhere and this is a case where we want to throw an exception if the first value is no okay so now we know for certain after this that the connection string is not null because if it is null we won't go any further than this we'll just throw that exception so now I'm sorry using VAR connection equals new SQL connection this comes from microsoft.da.sql client so I have to add that using which just got added automatically right there oops sorry right there um so the SQL connection takes in a connection string which is not null and there we go we're going to create a connection to our SQL Server this is not Dapper this is just Microsoft so far and we're using the using here so that when we are done with this scope meaning these curly braces right here when you get to the last crease here that's the end of this scope and at that point it will successfully and it will call the disconnect from SQL method but the dispose method on the SQL connection that way we properly shut down a connection no matter what and we make sure that we don't leave open connections that would cause our server to slowly bog down and lock up so that's important I'm going to say await connection dot execute async it's going to add another using statement this time for Dapper so execute async or pass in the stored proc the parameters and we're gonna say the command type is uh system.d. command type dot store procedure which that's a little long so let's go ahead and wrap this using our quick actions refactoring right indent all arguments like so so now that's all there is to our execute so what does this do well it takes in a store procedure so that name is going to be uh db0.sp customer underscore insert so it's going to pass in that insert method it's going to pass the connection string name which that's the name of our connection string um in our app settings.json and it's going to find the connection string and we're going to pass in these parameters those parameters are going to be the first name the last name the file name the username and uh the ID we'll pass those in we'll execute it meaning we'll run that on SQL and be done so in our whenever we use this we'll just say save data pass those three values in we're good to go that makes our our using a Dapper very very easy so with that I think we're done with this now we need to do is I'm going to create an interface of this so I'm going to say control dot here or right click and go to Quick actions refactoring extract interface in that same file notice it does say which thing which members do you want to add to your interface let's leave all of them checked which is only one hit okay and that creates now an i SQL data access which we can see over here in our solution Explorer right here with the one method and you may say let's put our semicolon here you may say well Tim why was it even necessary because it's just creating an interface to create an interface right well no we're going to use this independency injection we're going to say hey there's whenever you ask for an i SQL data access give you SQL data access but again why would you add that level of abstraction when we're just gonna ask one to one there's nothing a different SQL data access and the reason why is because this allows to very easily replace this when we're doing unit testing because we have an interface that's much easier to mock an interface and say hey here's the interface you need we could create a new class called SQL data access and override and all the rest we don't need to we can just use the a new class that inherits from isql data access and use that instead of SQL data access so that's why we're doing that so we go over to our upload files app which is our Blazer server app we go to program.cs this is where depends the injection gets configured it's a builder.services DOT add Singleton and we're going to ask for I SQL data access and say SQL data access which it's like I have no clue what those are no problem um I believe the control dot does allow us to do that it does it's control that's awesome if we typed it right notice add reference to upload files Library right and it will also add the using so I'll do that click on once and we're done because it added the reference to the upload files library but if you want to do it manually you would go to dependencies right click and say add private reference check the box for upload file Library once you're done then add the using statement for upload files library and then you'd be good so the quick actions refactoring makes our life a lot faster and easier so that's all we have to do in that setting now we're not quite done here because we need to go to app settings.json which does not have a section for a connection string so we have comma and say connection strings plural notice it already has this as part of intellisense that's because this is a standard section we are going to use it as a standard section you want to say default and then put a connection string in here now you could call it everyone we could call it the name of the database we call it um something else in there Tim DB doesn't matter but where I use default just because we chosen to but what's the connection string and here's where people often get tricked up the connection string is dependent on your machine so when you download the source code which you can use a link in the description download the source code if you just try and run it it's going to give you an exception it's going to say I can't talk to a SQL database I can't find a SQL database and you're going to say Tim this is broken and it's not broken what happened is that it's trying to connect to my SQL database which you don't have access to this connection string is unique to your computer so you have to make that change so here's how to do it you go to the database you create now if you've created a separate database on on a actual SQL Server it'll be different for you but I'll show you the parts of it you need to know about but if you this is the easy way if you're in SQL Server object Explorer you select the database then you go over to properties and if you look down here there's a connection string if you just double click in the prop the value and hit copy then come over here and hit paste it's going to put the connection string in for you now this looks very big and scary don't worry it's not nearly as scary as it looks so let's talk through the parts of it that you need to know first of all data source this is the name of your server in our case our server is called localdb in parentheses slash Ms localdb that's the name of our server if you look over here localdb slash Ms SQL local TV that's the name of our server so if your server was called something else you put that name in here if you're using a full SQL Server you installed typically the first instance of SQL on your machine is you can reference it by saying dot that's it just Dot now initial catalog this is the name of the database now it's initial catalog because you can actually access other databases but by default it's going to default to this database well that's our database name right there and then Integrated Security equals true this means that it uses my credentials that I've logged into windows so since I'm logged into Windows it says hey we're going to use the fact that you're logged in to also authenticate you to the database Now by default you are the admin of databases that you've installed on your computer locally so therefore integrate security goes true will make you the administrator you're good to go however when you're connecting to a remote SQL Server you're more likely to be using an actual username and password which is what would replace this so you have a username and a password and yes that password being clear text and that's not really a security violation because the fact that the user already can access that even if you encrypted it just so you know we have a whole nother discussion on that and other videos on my YouTube channel but that's just so you know so if they can access your connection string they can access your database as that user now the rest of this stuff yes it adds some things to it but you don't have to have any of the stuff you can actually delete it all it would still work so just know those are the three parts if you're connecting to a separate or a different database um you know you might use a DOT here and then your database name here and then if Integrated Security will work for you then that would be all you'd need or you'd need a username and password here either way that'd be all you'd need to connect to your database if you go to I believe it's connectionstrings.com um those connection strings for a whole bunch of different types of servers not a SQL and we'll show you the structure of how to set them up and what things to put where but that's it for us now I am storing this in app settings.json and that's not typically where we put our connection strings in fact I would encourage you not to do this in a real application I'm putting it here so you have access to it so you can see it when you download the source code but what would happen here is this would upload to Source control and then your local database is what the connection string is for but only you have that database no one else does so they download the source code it won't work for them they have to change this but now that's a change in app settings.json which gets put in a source control which means now your database won't work when you sync changes it causes a mess you don't want to do that instead you want to use secrets.json which is a local uh connection string plays or a local place for settings that is only on your machine does not upload a source control that will override app settings.json you can get there by right clicking on your project and say manage user secrets so you can put the connection strings there it'll override the connection strings you have in app settings.json I cover more about this in my course I have a whole course on app settings because it's so um so much to cover um as far as the five different places you can do plus otherwise you can add and how to set this thing up to do it really well to make the most of your settings so uh for now though we're gonna put it in app settings.json because you can download the source code and have this to see the structure of what mine looks like even though it's getting different for your machine you have a place to look at a start okay all the explanation being done um we've got this in our um our dependency injection we have it in app settings.json we have our library so now it's time to actually start using this and to do that it's kind of simple so first we're going to add a using up here whereas a support Library and that whoops not support Library we call it upload files Library there we go um and that's going to reference our our other libraries who have to add um upload files Library dot every time you want to access something from there specifically the I SQL data access inject I SQL data access we'll call it SQL let's use a dependency injection to get that connection to our SQL Server so we've got all of the the edit form information already that's already done so now we just need to um come down here to our source code and actually do some work now one thing I didn't do before Max files allowed we don't need that we're only capturing one now so we can leave that alone but let's go ahead and update this submit form because we have the model I'll show you how to save this to SQL Server oh wait SQL dot save data dbo dot SP customer underscore in search that's our store procedure default is our connection string name and the parameters new customer and that was an object but we're passing in the customer model which has all the data and Dapper can use that since we're using the same parameters you can use that to create the parameters for our store procedure so guess what this line right here is all we had to add to save our SQL data to SQL Server we're done we're gonna add a few more lines to kind of clean things up so we're essay new customer equals new that's going to reset that customer model after we've uploaded it we're going to say that file equals null that's our I browser file since we've uploaded let's clear that file out and we'll also say errors.clear when we're done okay which also probably um clear the errors when we are submitting this form for the very first time so that way if we generate errors they're brand new errors so that's all we need to do um to have our insert done let's verify that let's actually run this make sure it's going to work so let's go to run this application we'll also bring over our our Temp Storage here so we don't have any records in SQL yet but let's add Tim Corey and we'll choose a file and that's going to be my image and say create customer notice it blanks us out T query over here we have my image cool it starts a u e e so let's come back over here close this out we'll go over to SQL Server Auto Explorer right click on customer and say view data and we notice that we have Tim we have Corey we have a file name of T Corey slash u-e-e that's it dot ping and it was created by the user t Corey so we've got a record in SQL now now notice I stored the relative path I installed the actual image I just stored the relative path and this is going to have a bit of a debate to it and there are people who will say well there's times when you could there absolutely are times when you could put the actual object in your database and there are people that will say well you know you want to keep your your actual image with the rest the record that way it doesn't accidentally get deleted you don't have to keep them in sync in some way it just it's safer and there are there is some validity to that argument as well however I will say that in probably 90 plus percent 95 plus percent of the time you don't want to do that and here's my reasoning why first of all when you start putting files in your SQL database it means that your SQL database grows at a much much faster rate imagine how much data is taken up by this information right here not the not the file just the information is it a kilobyte probably not even that okay we don't have a lot of data here but this image right here is um mind small mine's only half a megabyte but we've now made this record 500 times larger probably more than that but let's just be conservative and say 500 times larger now imagine if we upload uh I believe it was Noah we actually look um but if we look at uh Noah's headshot is 1.5 danz is 1.5 Toms is one so if we upload Noah's or Dan's that would mean that our the data in our row has increased in size by 1500 times so when it comes to backups what does that mean well we want to have a lot of backups for our SQL data because you don't want to lose data we don't want to lose data even between backups we want to have you know incremental backups and so on so we have a lot of different backups to store data so when you talk about the size of your data you're talking about multiplying it by 10 15 20 times because of all the backups you're storing so now all of a sudden a one megabyte file or row becomes 10 15 20 megabytes when it comes to your actual database plus all the backups and that can really add up fast imagine if you had 10 000 or 1 million let's say ten thousand ten thousand customers that's not much I have more than ten thousand customers so I'm a little shop I don't have I'm a small business and yet I have more than 10 000 customers so if I'm storing 10 000 we're talking about you know one megabyte file back to the napkin math here we're talking 10 gigabytes of just the images and then if you back that up you know to be 10 times we're not for all the different backups now we're talking about a hundred gigabytes worth of data backing up that's a lot now let's talk about what we're actually storing here a profile picture is it the end of the world if we lost a profile picture probably not is at the end of the world if we lost customer information yeah absolutely that's a big deal but losing their profile picture isn't as big of a deal so when it comes to backing up these files backing up the customer profile files I can have a different level of backups for them I can say you know what I'm going to back these all up once and then just do incremental backups for any changes to happen that means that if I have 10 gigabytes worth of of profile pictures I might have a backup size of 15 gigabytes or less of of storage I might even just have 10 gigabytes and say I've only ever got the latest version that way if something happens I can restore one version and if I go more than that we have a problem we have to deal it in another way maybe it's a little too loose maybe I want to have two or three versions but now we're talking about 10 20 30 gigabytes instead of talking about hundreds of gigabytes even worse when it comes to SQL Server when you have a lot of rows you can get to the point where your database takes longer to back up than it does hours in a day I've seen this happen or especially hours in your backup window where maybe you have three hours to back your database up and it takes two hours and 57 minutes you know or even worse three hours and ten minutes that's even worse but that happens all the time for businesses well if you were to add images of that we're now talking about 24 plus hours and you can't you know have a database backing up for that long without having major problems so the complexity goes up it just makes a mess so I would encourage you let's just use the the relative path to a storage location for your file this will also mean it makes it very easy to move your files around because nois it's just T query slash in the file name it doesn't say d Temp Storage that's what we store in our app settings.json but imagine from it if I want to change where those files are stored if I want to put them on a different drive or a different location somewhere else in a Cloud Drive doesn't matter I can change that very very easily by just going into app settings.json and saying change it here and now we're good to go SQL Server doesn't have to know about the change now we're going to see that in the next video when we talk about actually actually sorry in two videos I think it is when we bring the data back and go a store or display it on a page so we'll talk more about that coming up no and one more video Yep this next video um reaction display us on the page and say hey here's how you know you bring it back and we'll kind of run some hiccups there and we'll talk through how to display things from the database in a way that is safe but also is in a different location than where you store them to originally or a different path at least so I would encourage you to think this through don't just flippantly say oh it's just safest to put it in the database it's really not it's really pretty unsafe and it works great when you're in development it works great when you have a few records it works great when you have a few hundred records but when you get into actual production situation where your business has been running for two three four five years and all of a sudden you have 20 30 40 50 000 customers in your database that becomes a problem even if it's just profile pictures of your story now again everything has an exception so there's no one right way I'm not saying this is the only way because if you're talking about very sensitive records or records they're very very important to keep with everything else then yeah you may be putting those in the database but don't just blithely put everything in the database think through your data and if it really needs to be there default to not putting it in the database and then see if you're in that five percent and be very careful about making sure you're in the five percent before you decide to put it in the database okay so that's how to put data into a database pretty simple stuff once you get down to uh get through all set up but in the next video we're going to load the data back out of SQL and we're going to display it on the page and see how to work with those images on a web server and see how we have to change some things up in order to make that work okay thanks for watching thanks to be a part of the series make sure to get the source code down below and also check out that playlist make sure you have an update in series when the next one comes out all right and as always I am Tim Corey [Music] [Applause] thank you

Info

Channel: IAmTimCorey

Views: 9,456

Rating: undefined out of 5

Keywords: .net, C#, Visual Studio, code, programming, tutorial, training, how to, tim corey, C# course, C# training, C# tutorial, .net core, vs2022, .net 6

Id: dzQvHGMIVpg

Channel Id: undefined

Length: 50min 36sec (3036 seconds)

Published: Mon Jan 23 2023