|
|
|
|
|
|
by icedchai
922 days ago
|
|
|
I haven't really seen the "stored procedures for all DB access" pattern in over 20 years. In the Oracle and Sybase days, it seemed common. In general, it feels like too much overhead during development. It's another language you need to work with, another thing you have to update / keep in sync, and it will complicate deploys. I'd only use stored procs for specific niche uses cases. And only if it was really performance critical. If you want to avoid SQL injection, you use prepared statements (or a framework/ORM that uses them.) |
|
|