Questions: SQL: Constraints (PRIMARY KEY, FOREIGN KEY, UNIQUE, CHECK, DEFAULT)

Application-level validation only runs when code passes through the application layer. A direct SQL session, a migration script, a bug in a different application, or any other client bypasses the Python code entirely. The database will happily accept whatever value is sent. Only a CHECK constraint enforced by the database itself is unconditional — it applies to every INSERT, UPDATE, and DELETE from every client. This is the core reason to move business rules into the schema: constraints cannot be bypassed.

PRIMARY KEY combines two requirements: uniqueness and NOT NULL. Every row must have a non-null, unique identifier. UNIQUE enforces uniqueness without requiring NOT NULL — a column like email can be UNIQUE while still allowing rows where the email is not yet known (NULL). Most databases also allow multiple NULLs under a UNIQUE constraint because NULL represents 'unknown' and two unknowns are not considered equal. Options A and C are both incorrect about the NULL behavior of PRIMARY KEY.

Answer: True

This is the definition of referential integrity as enforced by FOREIGN KEY. If a table orders has a FOREIGN KEY (customer_id) REFERENCES customers(id), the database rejects any INSERT or UPDATE that would create an orders row with a customer_id that doesn't exist in the customers table. This prevents 'orphaned' records — data that references something that doesn't exist. The constraint is checked at the time of every modification, by every client, unconditionally.

Answer: False

Application-layer validation can be bypassed — by a different application accessing the same database, by a direct SQL session from an analyst or DBA, by a migration script, or by a bug that lets invalid data slip through. Database constraints are enforced unconditionally on every statement from every client. The schema is a contract that the database upholds regardless of how data arrives. The correct conclusion is the opposite: if a rule is important enough to enforce in the application, it is important enough to enforce in the schema as well.

The deeper point is that data outlives applications. A business might replace its web app, hire a new analyst, or run automated jobs — all of which interact with the same database. If the rules live only in one application, every new access point must independently re-implement them correctly. Constraints in the schema need to be written once and are then permanent. This is why the topic describes the schema as 'a contract the database enforces.'