[dba-SQLServer] Access limitations

Jim Lawrence accessd at shaw.ca
Thu Mar 20 23:30:44 CDT 2008


Beside of the obvious ability for a site to be hacked that use dynamic SQL,
the performance hit can be dramatic as many non-compiled SQL chucks are
having to be managed. 

Jim 

-----Original Message-----
From: dba-sqlserver-bounces at databaseadvisors.com
[mailto:dba-sqlserver-bounces at databaseadvisors.com] On Behalf Of Arthur
Fuller
Sent: Thursday, March 20, 2008 9:08 PM
To: Discussion concerning MS SQL Server
Subject: Re: [dba-SQLServer] Access limitations

Sprocs and Views and UDFs all the time. No dynamic SQL ever. Whenever I hear
those words, I reach for my Glock :) Admittedly, there are very rare
occasions when dynamic SQL is the only way to go, but those occasions are
extremely rare. More often than not, it's used because people either don't
know how to program TSQL or because they haven't been shown how easy SQL
injection is.

A.


On 3/20/08, Paul Nielsen <pauln at sqlserverbible.com> wrote:
>
> Hi Arthur,
>
> I agree ADP is great. But it's a front-end to SQL Server so you're really
> testing SQL Server (which regularly handles multi-terabyte databases and
> thousands of concurrent connections), not the Jet Engine. I'm wondering
> how
> far you can push the Jet engine.
>
> In your use of ADP, did you use a database abstraction layer in SQL Server
> (all procs all the time)? Or ad-hoc SQL?
>
> -Paul
>
_______________________________________________
dba-SQLServer mailing list
dba-SQLServer at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/dba-sqlserver
http://www.databaseadvisors.com




More information about the dba-SQLServer mailing list