We have a SQL Server database that can accept data from several
different projects throughout our lab. Is it better to (1) let each
developer create their own prepared SQL statements for inserts or to (2)
hide the schema from them and have them call stored procedures or views
to get the data into the database?
So for example, in the 1st case, the developer's code (e.g. PERL w/
DBI/DBD) would prepare/execute:
INSERT INTO table (col1,col2,col3) VALUES (1,2,3)
and in the 2nd case they would prepare/execute:
EXEC sp_insertdata, @val1 = 1, @val = 2, @val3 = 3
... and the stored procedure does the insert.
The main goal here is to isolate the developer from knowing the database
schema. Only the 'database team' knows the schema and then any changes
are done in one place (i.e. the view/stored procedure) instead of one or
many external applications.
In the 2nd case, the schema is invisible to him/her but if a column was
added to 'table', they would have to change their stored procedure call
all the same.
If there is there an easier way to do this please advise. Some of our
inserts are into tables of 100 or more columns (time-based data) and the
cadence can be sub-second.
Any help appreciated.
Michael Husler
3  1366 
Hi Michael,
I would definitely go with stored procedures. Too many benefits, just to
name a few:
- Security - you do not have to manage security at table level, but rather
by granting execute permissions (or using EXECUTE AS if on SQL Server 2005);
no direct access and revealing of your database schema.
- Data integrity - you can control the DML against the data; example: it is
easy to run a direct UPDATE with no WHERE, but in the stored procedure you
can enforce WHERE.
- Maintainability - your stored procedures will be like an additional
application layer where you can easily handle things like error handling,
transactions, etc.
- Performance - you can write the code in the stored procedure in the most
efficient way to access the data; the stored procedure is precompiled code,
the syntax is verified, and the execution query plan can be reused.
If you search Internet you will find many good examples and articles on the
topic.
HTH,
Plamen Ratchev http://www.SQLStudio.com
Mike Husler (Mi**************@noaa.gov) writes:
We have a SQL Server database that can accept data from several
different projects throughout our lab. Is it better to (1) let each
developer create their own prepared SQL statements for inserts or to (2)
hide the schema from them and have them call stored procedures or views
to get the data into the database?
So for example, in the 1st case, the developer's code (e.g. PERL w/
DBI/DBD) would prepare/execute:
INSERT INTO table (col1,col2,col3) VALUES (1,2,3)
and in the 2nd case they would prepare/execute:
EXEC sp_insertdata, @val1 = 1, @val = 2, @val3 = 3
.. and the stored procedure does the insert.
The main goal here is to isolate the developer from knowing the database
schema. Only the 'database team' knows the schema and then any changes
are done in one place (i.e. the view/stored procedure) instead of one or
many external applications.
In the 2nd case, the schema is invisible to him/her but if a column was
added to 'table', they would have to change their stored procedure call
all the same.
Isolating the developer from the schema is a noble goal, but less
easy to implement.
But just because you add a column to a table, the developer may not
need to have to change his call: you could use default values in
either cases. After all, if the developer should add a value, he has
to get it from somewhere.
As long as we only talking insertion, the method that possibly gives
the developer the least to think of terms of SQL is sql_insert. Which
is not in DBI/DBD as far as I know, but which is in Win32::SqlServer,
which is a module for accessing SQL Server but nothing else from Perl.
With sql_insert you only pass a hash of values, and sql_insert will
build the SQL statement from the hash and the table definition (which
is cached).
Then again... I did not understand what you meant with "the cadence can
be sub-second", but if there are lots of data coming, the it is not
a very good idea to run single INSERT statements, with or without
stored procedures.
In case you are interested, Win32::SqlServer is here: http://www.sommarskog.se/mssqlperl/index.html.
--
Erland Sommarskog, SQL Server MVP, es****@sommarskog.se
Books Online for SQL Server 2005 at http://www.microsoft.com/technet/pro...ads/books.mspx
Books Online for SQL Server 2000 at http://www.microsoft.com/sql/prodinf...ons/books.mspx
Stored Procedures are the ideal -for all the benefits mentioned above. But
in reality , some sort of Object method whereby the
user can dynamically SELECT the columnns can be more effective. A typical
example , might be an application that stores
matterials information , for example the airlines industry. In that
situation, you've potentially got hundreds of attributes that could be
assigned
to a given material, which then need to be selected from different
perspectives.
--
Jack Vamvas
___________________________________
Search IT jobs from multiple sources- http://www.ITjobfeed.com
"Mike Husler" <Mi**************@noaa.govwrote in message
news:fm**********@news.nems.noaa.gov...
We have a SQL Server database that can accept data from several different
projects throughout our lab. Is it better to (1) let each developer
create their own prepared SQL statements for inserts or to (2) hide the
schema from them and have them call stored procedures or views to get the
data into the database?
So for example, in the 1st case, the developer's code (e.g. PERL w/
DBI/DBD) would prepare/execute:
INSERT INTO table (col1,col2,col3) VALUES (1,2,3)
and in the 2nd case they would prepare/execute:
EXEC sp_insertdata, @val1 = 1, @val = 2, @val3 = 3
.. and the stored procedure does the insert.
The main goal here is to isolate the developer from knowing the database
schema. Only the 'database team' knows the schema and then any changes
are done in one place (i.e. the view/stored procedure) instead of one or
many external applications.
In the 2nd case, the schema is invisible to him/her but if a column was
added to 'table', they would have to change their stored procedure call
all the same.
If there is there an easier way to do this please advise. Some of our
inserts are into tables of 100 or more columns (time-based data) and the
cadence can be sub-second.
Any help appreciated.
Michael Husler
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Maurice LING |
last post by:
Hi,
Just a philosophical check here. When a program is distributed, is it
more appropriate to provide as much of the required 3rd party libraries,
like SOAPpy, PLY etc etc, in the distribution...
|
by: Dave Rahardja |
last post by:
OK, so I've gotten into a philosophical disagreement with my colleague at
work. He is a proponent of the Template Method pattern, i.e.:
class foo
{
public:
void bar() { do_bar(); }
protected:...
|
by: Jason |
last post by:
Looking for some insight from the professionals about how they handle
row inserts. Specifically single row inserts through a stored
procedure versus bulk inserts.
One argument are people who say...
|
by: dracolytch |
last post by:
Alright, this is a controvercial question for my fellow gurus: Why do
we bother with Object-Oriented programming in a web environment?
The web, by nature, is a stateless environment. Web-based...
|
by: Clay Luther |
last post by:
I am doing to large dataset performance tests with 7.3.4b2 today and I noticed an interesting phenomenon. My shared memory buffers are set at 128MB. Peak postmaster usage appears to be around 90MB....
|
by: Steve Jorgensen |
last post by:
Hi folks,
I'm posting this message because it's an issue I come up against relatively
often, but I can't find any writings on the subject, and I haven't been able
to figure out even what key...
|
by: Madhav |
last post by:
Hi all,
I am a newbie in c++. I want to know what is the
philosophical reason behind the existence of friend functions. I
thought giving access to private data to a function which is not a
member...
|
by: Giannis Papadopoulos |
last post by:
According to the standard (ISO C99 draft WG14/N1124), void is the
incomplete type that cannot be completed and comprises the empty set of
values. Since it declares the absense of a value can it be...
|
by: Juha Nieminen |
last post by:
Whenever one sees example C++ code basically anywhere, be it
in a book, in a tutorial in the internet, in an online forum
or whatever, I would estimate that at least in 99% of cases one
sees the...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
| |
