Hi Daniel...
 

 I have done extensive database development in a very long career in the field. 
 As a result, I have learned the following axioms...
 

 1...
If you are using a localized database (i.e., Firebird Embedded) it really 
doesn't matter where you define your SQL code since there is no chance of 
sending bad data attached to a SQL string.
 

 2...
If you are using a multi-user database (i.e., Firebird Server) then it is always 
best to create Stored-Procedures and Stored-Views for your SQL, which are more 
difficult to attack by external entities.
 

 This being said, if you use Stored-Procedures and Stored-Views with an 
Embedded Firebird Engine then you will have no problems in moving them into a 
Firebird Database Server since the core kernels are primarily the same.
 

 A note on your Views being updateable...  This is often not a good idea as 
Views tend to be used by end-users so you would want maximum control over what 
they are allowed to do.  Thus Stored-Procedures should always be used to 
perform updates, which always have some level of control over them within an 
application.
 

 Steve Naidamast
 Sr. Software Engineer
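
The split described in the message above (views for reading, stored procedures for updates), shown as an added example that is not part of the original post. It is a Firebird isql script, and every table, view, procedure, exception and role name in it is hypothetical.

```sql
-- Added example: constructed schema, hypothetical names throughout.
CREATE TABLE CUSTOMER (
    ID     INTEGER NOT NULL PRIMARY KEY,
    NAME   VARCHAR(60) NOT NULL,
    CREDIT NUMERIC(12,2) DEFAULT 0 NOT NULL
);

CREATE EXCEPTION E_BAD_CREDIT 'Credit limit out of allowed range';
CREATE EXCEPTION E_NO_CUSTOMER 'No such customer';

CREATE ROLE APP_USER;

-- Read path: end users only ever see the view.
CREATE VIEW V_CUSTOMER (ID, NAME, CREDIT) AS
    SELECT ID, NAME, CREDIT FROM CUSTOMER;

-- Write path: the only way to change CREDIT, with the checks kept
-- inside the database instead of in each client application.
SET TERM ^ ;
CREATE PROCEDURE SET_CUSTOMER_CREDIT (
    P_ID     INTEGER,
    P_CREDIT NUMERIC(12,2)
)
AS
BEGIN
    IF (P_CREDIT < 0 OR P_CREDIT > 10000) THEN
        EXCEPTION E_BAD_CREDIT;

    -- Parameters are bound values, never concatenated into SQL text.
    UPDATE CUSTOMER SET CREDIT = :P_CREDIT WHERE ID = :P_ID;

    IF (ROW_COUNT = 0) THEN
        EXCEPTION E_NO_CUSTOMER;
END^
SET TERM ; ^

-- Privileges: the role can read the view and call the procedure,
-- but holds no rights on the base table itself.
GRANT SELECT ON V_CUSTOMER TO ROLE APP_USER;
GRANT EXECUTE ON PROCEDURE SET_CUSTOMER_CREDIT TO ROLE APP_USER;

-- The procedure, not the caller, carries the table privileges.
GRANT SELECT, UPDATE ON CUSTOMER TO PROCEDURE SET_CUSTOMER_CREDIT;
```

A simple single-table view like this one is updatable in Firebird, so it is the missing UPDATE grant on V_CUSTOMER, not the view definition, that keeps it read-only for APP_USER.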
