> since i've inherited a system where i may only be allowed
> access [SqlServer7] through stored procedures [negotiations still going on with
> the vendor/partner], is this a performance observation, or an error observation??
What you gain from using StoredProcedures is performance and enhanced security.
The performance gain is that your businesslogic(DML, DDL) is compiled and cached
in the RDBMS. The security issue is that you only have to set execute permission
on the procedure, even if the procedure modifies a couple of tables you won't get
a securityexception as long as you have executepermission(True for atleast
MsSQL6.5+, Sybase and Oracle7.x+). So you don't have to set explicit permissions
on each table and for every task the user should be able to perform.
The parameters that a StoredProcedure expects(If any) are bound to a certain type
which eliminates the possibility to "pipe" in SQLstatements like:
'+(DELETE FROM table)+'.
Regards, Bip
--
| || ||| || r a z o r f i s h , san francisco
bip thelin
[ @y=(Tfdi);$x="opmphjtu";$x=~y/b-z/a-z/;for($i=0;$i<@y;$i++){
$y[$i] =~y/b-y/a-z/;print"$y[$i]";}print"$x" ]
>> tel 1.415.865.1465 x 322
>> fax 1.415.865.1475
>> http://www.razorfish.com
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
