Homsher, Dave V. writes:
> Joe Breeden queried:
>
> >>It would be interesting to know how other people have solved
> >>that problem.
> >>Currently, we are essentially using embedded SQL in our apps.
>
> I have found that stored procedures + perl module wrapper around the procs.
> is a nice, balanced approach.
>
> The procs. give a nice performance boost as they are precompiled into the
> server (we use Sybase).
They are definitely faster, and significantly so.
> I believe that they are more secure, in that you
> aren't dynamically generating sql that might be 'hijack-able'.
Using RPC calls instead of language commands also improves speed, and
solves the "quoting" problem, too.
> Placing the stored procedure
> execution code in a perl module makes for easy/clean perl access from the
> rest of the app.
Absolutely. I've actually created configuration files for logical
database requests (essentially a hash that describes the input and
output of each proc) which lets me use a generic module (about 400
lines) of Sybase::CTlib code for *all* database access.
Works very well, and abstracts the database layer quite nicely.
Michael
--
Michael Peppler - Data Migrations Inc. - http://www.mbay.net/~mpeppler
[EMAIL PROTECTED] - [EMAIL PROTECTED]
International Sybase User Group - http://www.isug.com