That is insightful. I think what you say about APIs is very true.
I'm a bit surprised that two other reasons for stored procedures didn't come up in the discussion. Maybe these are not issues outside Microsoft SQL Server, I don't know, but to my mind these are two very compelling reasons for stored procedures on that platform at least:
1/ you get greater performance because the SQL Server can compile and optimise stored procedures, which they can't do as successfully for queries passed in.
2/ you can completely avoid problems with SQL injection using parameterised stored procedures, whereas this requires careful coding and thought when dynamically building up queries in code.
Hi Jon! That is insightful.
Hi Jon!
That is insightful. I think what you say about APIs is very true.
I'm a bit surprised that two other reasons for stored procedures didn't come up in the discussion. Maybe these are not issues outside Microsoft SQL Server, I don't know, but to my mind these are two very compelling reasons for stored procedures on that platform at least:
1/ you get greater performance because the SQL Server can compile and optimise stored procedures, which they can't do as successfully for queries passed in.
2/ you can completely avoid problems with SQL injection using parameterised stored procedures, whereas this requires careful coding and thought when dynamically building up queries in code.
All the best !
Regards,
David W