I am trying to convince someone that using an external DLL to manage sql data is better then using stored procedures. Currently the person I am working with is using vba and calls sql stored procedures to get the complicated data they need from many different sources. It is my understanding that the best way to go about this kind of action is to use a dll/ some intermediate layer to get the data and be able to format it to the needs.
Some things to keep in mind:
- The person i am working with doesn’t care to much about being able to scale to much further then we are now
- They don’t care to be able to switch to different platforms
- They don’t see to much of a performance problem with the current setup
- Using a dll requires more work that is in a different direction
- They don’t want to switch if there’s not a current problem with doing it the way it is now.(So just because its not the right way wont work…I tried)
So can anyone tell me some benefits of using an external dll then using sql stored procedures ?
Use stored procedures, and write your data access layer which calls them via parameterized commands in a separate dll. Stored procedures are a standard and give you a ton of benefits, parameterized commands give you automatic string safety.
This type of design is basically so standardized and has been for years now that Microsoft has included a framework that constructs it for you in .NET 4.
More or less, both you and this other fellow are right, use sprocs for security, and separate your DAL for security and reusability and lots of reasons