The Borlander John Kaster will be here in T.O. giving us a very welcome and needed conference about ECO II. The day, June 6th, location, so far looks like the North York Library as initially planned. For more information visit the Toronto's Delphi Users Group.
I expect a good assistance to this meeting, so, see you all there.
Saturday, May 28, 2005
Wednesday, May 18, 2005
Ad Hoc SQL vs Stored Procedures
Well, i had the pleasure to assist to a Michael Li's conference about Security using ASP.Net in Delphi 2005.
One of the topics was the famous "SQL Injection" menace. I felt bad initially cause i use Ad Hoc SQL on my everyday, is extremely versatile, and you can build great search queries at run time. More static operations like reporting, specific updates and very plain searchs on tables are usually perfect places for stored procedures.
Maybe a difference is that i use parameterized ad Hoc sql, never pure text insertion (eg. "select * from users where id = '+id.text+'"), but i must admit that for user validation procedures i use stored procs.
I think that for abstraction of tables in a program, there is nothing better than ad Hoc, I never considered appropiate to have hundreds of sps to manage every single update. Constant changing databases will prove to be a hell for the hundreds of sps that depends from that table that you just changed.
Well, after that conference, i decided to do a little research about this topic and i found a great "good and bad" discussion about it.
Check it here at the Server Side, it brings some light to both sides of the discussion.
Good to read, enjoy.
Pst. btw, I will keep using my ad hoc queries. :)
One of the topics was the famous "SQL Injection" menace. I felt bad initially cause i use Ad Hoc SQL on my everyday, is extremely versatile, and you can build great search queries at run time. More static operations like reporting, specific updates and very plain searchs on tables are usually perfect places for stored procedures.
Maybe a difference is that i use parameterized ad Hoc sql, never pure text insertion (eg. "select * from users where id = '+id.text+'"), but i must admit that for user validation procedures i use stored procs.
I think that for abstraction of tables in a program, there is nothing better than ad Hoc, I never considered appropiate to have hundreds of sps to manage every single update. Constant changing databases will prove to be a hell for the hundreds of sps that depends from that table that you just changed.
Well, after that conference, i decided to do a little research about this topic and i found a great "good and bad" discussion about it.
Check it here at the Server Side, it brings some light to both sides of the discussion.
Good to read, enjoy.
Pst. btw, I will keep using my ad hoc queries. :)
Friday, May 13, 2005
New delphi Book coming...
The new Marco CantĂș's book "Mastering 2005" will be available in stores this coming June.
You can pre order it here!
Based on its content table, it promises to be a great addition to the Delphi library.
Enjoy.
You can pre order it here!
Based on its content table, it promises to be a great addition to the Delphi library.
Enjoy.
Wednesday, May 11, 2005
Help improving Delphi!!!
Please take some of your time and fill up this survey.
Its a very well done poll, and will definitly help improving the product. Make some time and go for it!.
Its a very well done poll, and will definitly help improving the product. Make some time and go for it!.
Subscribe to:
Posts (Atom)
A painless self-hosted Git service
Remember how a part of my NAS setup was to host my own Git server? Well that forced me to review options and I stumble into Gitea . A extr...
-
Remember how a part of my NAS setup was to host my own Git server? Well that forced me to review options and I stumble into Gitea . A extr...
-
It is a matter of "simply" finding them. If there is a need, there is an opportunity. Native cross platform? for me opportunity! ...
