presentation from business logic. You always want to do that and it can
be achieved with both.
-Matt
On Mar 24, 2004, at 5:23 AM, Stephen Barry wrote:
> While not wanting to get into the whole Stored Procedures V <CFQUERY>
> argument, I have to say there are times when stored procedures are a
> more
> suitable
> solution.
>
> For example in a large company looking to add limited intranet access
> to an
> important DB - its quite likely they already have their DB experts
> who are
> reluctant to allow any access, particularly from something like
> Coldfusion
> which they don't understand or aren't comfortable checking. Stored
> procedures allow a very neat separation of presentation and DB logic
> which
> better mirrors internal company structure.
> This means that both aspects benefit from specialist attention (and
> your
> Coldfusion code looks neater). Both layers can be tuned and secured
> independently.
>
> Personally I don't use stored procedures when there isn't a good case
> for
> them - while I'm a big fan of separating business logic from
> presentation,
> for pure development speed you can't beat <CFQUERY>.
>
> - Steve Barry
>
> > -----Original Message-----
> > From: Matt Liotta [mailto:[EMAIL PROTECTED]
> > Sent: 24 March 2004 01:48
> > To: CF-Talk
> > Subject: Re: why are procedures better? (was: RE: Securing CF Apps.)
> >
> >
> > > 1. They execute faster. The db (I only know from Oracle and SQL
> > > Server, if
> > > others are different it doesn't really concern me) can optimize
> the
> > > execution plan.
> > >
> > Prepared statements execute at the same speed as stored procedures.
> >
> > > 2. You can often times do more. There are things I can do
> > in a pl/sql
> > > package/procedure that I cannot do in a query call
> > >
> > For example?
> >
> > > 3. You can limit access with them. Now granted you can
> > set it up so
> > > you are
> > > only selecting from a view in your query block as well,
> > but it makes
> > > more
> > > sense to me to do it in a procedure.
> > >
> > Why does it make more sense?
> >
> > > 4. An additional layer of security. You can ensure that
> > you user not
> > > only
> > > cannot execute the procedure, but they can't even tell it exists.
> > >
> > If the user is executing the procedure how could they not know it
> > exists?
> >
> > > I am sure there are more reasons, but I think those are
> > sufficient to
> > > use
> > > procedures.
> > >
> > If that's all, I guess I'll continue to use cfquery.
> >
> > -Matt
> >
>
>
> ***********************************************************************
> *
> Meteor web site http://www.meteor.ie
>
> ***********************************************************************
> *
>
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
