Advantages of Stored Procedures?
Eber Irigoyen had this to comment on my post about SPs:
I completely disagree with this, if you didn't catch on so far. Here is my refutal:
- Scalability:
- There is no performance advantages to using SP over Parameterized SQL.
- Scaling the database is much harder than scaling an application.
- Note: I implemented a caching web service once that simply cache data for certain period of time, saving quite a bit from the poor database. Deploy a bunch of those, and you're seriously reduced the amount of work the database has to do.
- Flexibility:
- Stored Procedures are... Well, procedures. This means that you've all the advantages and disadvantages of procedural programming. On general, I wouldn't call it very flexible. Changing the procedure's internal can be done without breaking clients is possible within a certain set of changes, but major stuff is hard.
- A search procedure should be flexible, you should be able to search by any combination of parameters, how easy it is to write this procedure?
- Security:
- Not applicable in situations where you don't give users direct access to the database, in my opinion. There are things to be said about defense in depth, but I don't think that they should be curried to the point where you are forced to give up significant advantages while keeping the security of the system (using views / triggers instead of procedures, for instance, can result in a situation just as safe, and far easier for the programmers to work with effectively).
Comments
Comment preview