Re: More Ammo Against Dynamic SQL?
- From: Daniel Fink <daniel.fink@xxxxxxxxxxxxxx>
- To: michael.fontana@xxxxxxxxxxx
- Date: Mon, 23 Nov 2009 16:02:04 -0700
In line with my "Stop Tuning SQL" philosophy...
I think the main point is not that there are applications generating
dynamic sql or even that they may have static sql..
People do what they learn to do and what they are able to do.
The developers have learned to develop applications with dynamic sql
(and likely not learned the risks/issues)
And the same developers are able to develop these applications by an
organization that is unable/unwilling to restrict them.
"Stop Tuning SQL...Write it right in the first place"
Michael Fontana wrote:
I am now thinking that this thread is missing the main point.
There should be no SQL queries whatsoever in the application.
It should only call functions, procedures and packages with business rules stored in the database.
I'll leave on my own now, before those with development biases me out.....
----- Original Message -----
From: "Mark W. Farnham" <mwf@xxxxxxxx>
To: kjped1313@xxxxxxxxx, "oracle Freelists" <oracle-l@xxxxxxxxxxxxx>
Sent: Monday, November 23, 2009 3:49:36 PM GMT -06:00 US/Canada Central
Subject: RE: More Ammo Against Dynamic SQL?
Toons and Richard gave you some very nice ones.
To those I would add the ability, in the event that your application includes access over a wide area, to encode (and document of course) your packages, procedures, and functions with short names so that instead of transmitting many Ks of sqlcode, your calls across whatever network you’re across are a few characters for the package name, a few characters for the procedure or function name, plus the required inbound parameters and any results that are retrived. You’d be surprised…
mwf
From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Kellyn Pedersen
Sent: Monday, November 23, 2009 3:01 PM
To: oracle Freelists
Subject: More Ammo Against Dynamic SQL?
I am working on a presentation to convince my company against some of the dastardly dynamic SQL that we have in our code. We perform everything from inserts, updates, deletes, selects and CTAS' all with dynamic SQL and it's killing me!
I would love any new reasons NOT to use it, as I have all the standard reasons like, inability to reuse sql in the buffer, parsing issues, bind peeking issues, execution plan instability, etc..
Thanks for the assist! :)
Kellyn Pedersen
Multi-Platform DBA
I-Behavior Inc.
http://www.linkedin.com/in/kellynpedersen
"Go away before I replace you with a very small and efficient shell script..."
--
//www.freelists.org/webpage/oracle-l
Other related posts:
