Login | Register   
LinkedIn
Google+
Twitter
RSS Feed
Download our iPhone app
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   FORUMS  |   TIP BANK
Browse DevX
Sign up for e-mail newsletters from DevX


Tip of the Day
Language: Enterprise
Expertise: All
Aug 13, 1999

Use Stored Procedures for Updates and Insertions

Coding static SQL in an Active Server Page (ASP) is perhaps the easiest way to provide dynamic data content in Web pages. However, you should try avoiding this; instead use a stored procedure wherever possible for such updates and insertions. Static SQL code in an ASP page is exposed to the Web site as well as potential hackers.

To minimize this exposure, it is often better to call a stored procedure, which in turn performs the required updates or inserts. You can grant appropriate permissions to the ID, calling the stored procedure to access and modify objects and data. This acts as a shield between the Web site and the actual data being changed.

Jai Bardhan
 
Comment and Contribute

 

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Sitemap