Nicholson, Karen
knicholson at gpsx.net
Thu Jun 10 15:03:19 CDT 2004
So what do you think of having tons of Crystal Reports that hit against the sql server (odbc) tables? I prefer to create views for the Crystal Reports to read, but everyone in this corporation likes to hit against the tables and write the groupings, calculations, etc in Crystal. -----Original Message----- From: dba-sqlserver-bounces at databaseadvisors.com [mailto:dba-sqlserver-bounces at databaseadvisors.com]On Behalf Of Francisco H Tapia Sent: Thursday, June 10, 2004 3:58 PM To: dba-sqlserver at databaseadvisors.com Subject: Re: [dba-SQLServer] Difference between views and queries jwcolby wrote On 6/10/2004 9:33 AM: >Can anyone explain the difference between a view and a query? Views use a >query, plus the view keyword. I have a couple of books that I have read the >chapter on Views, but I so far haven't managed to "get" why you wouldn't >just use the query itself instead of turning it into a view. > > A query is a request for an Access Database, however for Sql Server you would either use a View or Stored Procedure to return the data you wanted... you are also able to use dynamic SQL to retrieve the information you need. ANY request given to the SQL Server engine is managed by the engine, unless you are running Remote servers (iirc). In Sql Server, it is TABOO, nay, GENERALLY bad practice to use dynamic sql because of the implication of SQL INJECTION attacks, this poses a "real" security threat to your database. and your server. another reason to use a VIEW over dynamic sql is that it is pre-optimized by the SQL Server Engine and thus runs faster and more efficient. Additionally if you use Dynamic SQL then your individual users who access the server will need EXPLICIT "SELECT" permissions by you, which is another 'bad' practice. In SQL Server you make data available to your users via VIEWs and Stored Procedures or some other secure way in order to protect your tables and it's data. ya get wot I mean? -- -Francisco _______________________________________________ dba-SQLServer mailing list dba-SQLServer at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-sqlserver http://www.databaseadvisors.com