Let’s say I have a messaging service between users, with public and private messages. I’d like the “public” ones to be visible to everybody, and the “private” ones to be REALLY private. Which of the two designs would be best?
a)
Having a single database called “messages” with the columns
- id
- sender
- receiver
- timestamp
- value
- privacy (which would be a boolean value, 0 for private and 1 for public)
Or b)
Having two databases, one called “messages_public” and the other called “messages_private”, with the same columns:
- id
- sender
- receiver
- timestamp
- value
I know that the second approach is redundant, but it is safer in the sense that if an error occurred, the private messages wouldn’t be accidentally displayed for everybody (which would be a disaster), am I right?
In the first case, on the other hand, it really could. A simple error in the SQL query could fail to filter the private messages, and it would display every one.
I think either design would be fine, although I prefer the first because it eliminates redundancies.
In your case, security is going to come down to your application code, which is going to have to guarantee that private messages are only delivered to the appropriate users. If there is a defect in the application code, either database schema could expose private data to the wrong users.
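The failure mode raised in the question and the point made in the answer, as an added example that is not part of the original posts: design (a) in SQLite, where a query that forgets the privacy filter leaks private rows, next to reads that go through a public-only view and a per-user query. The view name `messages_public`, the function names and the sample rows are assumptions made for illustration.

```python
import sqlite3

SCHEMA = """
CREATE TABLE messages (
    id        INTEGER PRIMARY KEY,
    sender    TEXT    NOT NULL,
    receiver  TEXT    NOT NULL,
    timestamp INTEGER NOT NULL,
    value     TEXT    NOT NULL,
    privacy   INTEGER NOT NULL CHECK (privacy IN (0, 1))  -- 0 private, 1 public
);
-- Assumption: a view that can only ever expose public rows.
CREATE VIEW messages_public AS
    SELECT id, sender, receiver, timestamp, value
    FROM messages WHERE privacy = 1;
"""

# Constructed sample rows: (sender, receiver, timestamp, value, privacy).
SAMPLE = [
    ("alice", "bob", 1, "hello everyone", 1),
    ("alice", "bob", 2, "see you at 6", 0),
    ("carol", "alice", 3, "lunch?", 0),
]

def open_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany(
        "INSERT INTO messages (sender, receiver, timestamp, value, privacy) "
        "VALUES (?, ?, ?, ?, ?)", SAMPLE)
    return conn

def feed_buggy(conn):
    # The error described in the question: the privacy filter was forgotten.
    return [r[0] for r in conn.execute(
        "SELECT value FROM messages ORDER BY timestamp")]

def feed_public(conn):
    # Reads the view, so this code path has no filter of its own to forget.
    return [r[0] for r in conn.execute(
        "SELECT value FROM messages_public ORDER BY timestamp")]

def visible_to(conn, user):
    # Public rows plus private rows the user is a party to; user is a bound parameter.
    return [r[0] for r in conn.execute(
        "SELECT value FROM messages WHERE privacy = 1 OR sender = ? OR receiver = ? "
        "ORDER BY timestamp", (user, user))]
```

The application still decides who `user` is, so the per-user query is only as trustworthy as the authentication in front of it.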