J
Jonathan Wood
Until now, I've been using stored procedures to update my databases because
I've been taught stored procedures are faster (precompiled) and eliminate
the possibility of some kinds of injection attacks.
But now I need to create code to record a purchase transaction. Not only
would this require around a dozen arguments, but these arguments could
include any number of invoice items. Based only on trying to pass these
arguments, it does not appear that a stored procedures is up to the job.
I'm still pretty new to database development and would appreciate any
comments on the best way to proceed with this.
Thanks.
I've been taught stored procedures are faster (precompiled) and eliminate
the possibility of some kinds of injection attacks.
But now I need to create code to record a purchase transaction. Not only
would this require around a dozen arguments, but these arguments could
include any number of invoice items. Based only on trying to pass these
arguments, it does not appear that a stored procedures is up to the job.
I'm still pretty new to database development and would appreciate any
comments on the best way to proceed with this.
Thanks.