On CBS MoneyWatch: How much sleep do you really need?
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 12 of 34:
Next »
« Previous
Maybe for small applications
But consider a scenario where dozens of applications, websites, and batch jobs use a single database to share information. Then you need to add new fields or rearrange tables inside of the database for a new feature. Better yet, one of your dynamic queries contains a mistake. Redeploying all the applications (making sure no one is using an older version), and identifying all instances of the query would be a nightmare.

As a second issue, having dynamic queries (unless done carefully which it seems almost never is) highly increases your likelihood of SQL injection attacks. Using parameterized stored procedures will help reduce the possibility of attack.

In a scenario where a client application directly communicates with a SQL server (yes this is poor design) someone could easily modify the dynamic queries inside of the application unless you've used some sort of string encryption.

Finally (especially in the case of larger environments) you do not want developers writing their own queries. Poorly written queries can ravage a database's performance. It's better to have a database architect design the stored procedures for developers to use rather than give developers who may be trained in using databases but not trained in designing databases free reign.
Posted by: Yensi717   Posted on: 10/31/05 You are currently: a Guest | Members login | Terms of Use
Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

I brought this up  Roger Ramjet | 10/31/05
PAPPL?  jpratch | 10/31/05
Its just another trick  Roger Ramjet | 10/31/05
I don't mind, with some reservations  Mark Miller | 10/31/05
Debugging tools for PHP  eheimer | 11/01/05
So what's wrong with Fortran?  Gravitas@... | 10/31/05
Like what?  Not average Joe | 10/31/05
Like handcuffing your code to specific hardware  Robert Kohlenberger | 11/01/05
Right on the Money RK  tbbrickster_z | 11/02/05
Productivity writing assembler?  cgraham_z | 11/03/05
Agree that Database Procedures are Evil  daver_z | 10/31/05
Maybe for small applications  Yensi717 | 10/31/05
OOD  Gravitas@... | 10/31/05
I think  Yensi717 | 10/31/05
Spot on right  Justin James | 10/31/05
Yeah, well...  emofine | 10/31/05
Varying opinions  tero_t_vaananen@... | 11/01/05
Right on.  zztong | 11/01/05
Multiple database vendors  Yensi717 | 11/01/05
Not a pain to edit  Chad_z | 11/01/05
Great framework  bkatz | 10/31/05
Looked like a pain to me...  Justin James | 10/31/05
For Unix deployments you might consider...  Mark Miller | 10/31/05
Message has been deleted.  khakman | 10/31/05
I've heard of Ruby  CobraA1 | 10/31/05
You mean like Smalltalk?  wkharold | 10/31/05
Funny  John Carroll ZDNet Moderator | 10/31/05
true  jimk_z | 10/31/05
true  jimk_z | 10/31/05
Ruby is OO  tero_t_vaananen@... | 11/01/05
Just what are people spouting about?  jacec | 10/31/05
Are there other benefits?  DougOfCBS ZDNet Moderator | 11/01/05
This is not serious development  SQLDBAJames | 05/29/06
Not everything is a nail  rarsa | 11/03/05

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
advertisement

Enterprise Applications

  • Check out some of the easiest and most powerful ways to boost productivity while saving money on your application infrastructure. See ZDNet's comprehensive Enterprise Application resource center, now!
  • New Online Dashboard
  • Read about top issues IT decision-makers face every day, plus get cost effective solutions to real life IT problems. Oracle Topline