On Thu, Mar 03, 2011 at 11:30:49AM -0700, Nathan Nobbe wrote:

> Hey gang,
> (Yes Tedd, I like your style, when it pertains to how you address the list
> :))
> I have a new curiosity that's arisen as a result of a new contract I'm
> working on, I'd like to bounce around some thoughts off the list and see
> what you folks think if interested.
> The topic at hand is stored procedures.  Frankly, I've hardly ever even seen
> these in use, and what I'm trying to figure out are good rules of thumb as
> to where / when / how they are best used in application development.
> Also, bear in mind that personally I tend to favor OO paradigms for
> application development so would prefer feedback that incorporates that
> tendency.
> Initial thoughts are
> Bad:
> . Not well suited for ORM, particularly procedures which return multiple
> result sets consisting of columns from multiple tables
> . Greater potential for duplicated logic, I think this comes down to a well
> defined set of rules for any given application, read: convention required
> for success
> . Scripting languages are vendor specific, and likely most application
> developers have a limited understanding thereof
> Good:
> . Better performance
> . <Fill in blank on convincing bullets here>
> I've also done some reading on MSSQL vs. MySQL and found that the former
> offers much more features.  I've also read that most databases only see
> roughly 40% of the feature sets being used for typical applications in the
> wild, and would agree from personal experience it is accurate.
> >>From my standpoint MySQL is popular because the features it offers are the
> features folks are really looking, one of those 80/20 things...
> I stumbled into this link on a google search, it's from '04 but looks to be
> relevant to this day
> http://www.codinghorror.com/blog/2004/10/who-needs-stored-procedures-anyways.html
> Your thoughts appreciated,

I've done a lot of work with databases, and never used stored
procedures. I'm not quite sure why anyone would graft a bunch of
computational gear on top of a database engine designed to store and
retrieve data. Let the engine do what it does best. Leave PHP or C to
Python to do the other stuff.

Another point: I once had a boss tell me that programmers were typically
weak on database. I suspect they would gain some expertise if they were
forced to consider database architecture and SQL in writing apps. Stored
procedures would tend to make the database more opaque.

It seems that part of the impetus for stored procedures is the horror
that DBAs have of random programmers issuing hack-laden SQL to their
precious databases. My question: you've got backups, right? And any bad
SQL should be taken care of before an app goes out the door. It's the
programmer's responsibility to ensure that nothing he does can hack up
the database. That includes parameterizing queries and vetting user data

Anyway, just some thoughts. Also, please consider PostgreSQL in addition
to MySQL and MSSQL.


Paul M. Foster

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to