Richard Bucker

The case for stored procedures

Posted at — Dec 22, 2013

In a previous post I proposed using a database connection proxy in order to improve security. Is included the notion of using stored procedures in order to secure the DB from SQL injection. 

Another side effect or benefit is that by putting the SQL in direct proximity to the data one emulates an object oriented approach to database development. The code and the data and the data model are all in proximity. So when the database is backed up and restored maintaining consistency to the upstream or upgrading applications are less critical providing a more loosely coupled approach.