There's both some outdated information in that article as well as some misleading information...
By the time it was written in 2004, anyone who had upgraded to SQL-2000 should not have been using @@identity anymore, because scope_identity() was created specifically because @@identity is not thread-safe.
He mentions security being one of the benefits of using stored procedures and then recommends using "exec name_of_sp" inside of cfquery tags, which negates any security benefits you might get from using stored procedures
And his comment at the top about seeing a 50% improvement in performance from putting the code in a stored procedure is the same thing you get from using cfqueryparam tags (which also provide the security benefit) - but without giving specific information about how or why you get that performance gain or comparison to the performance gains of cfquerparam, the information is at best speculative... but it's also misleading.
See Steve Nelson's comments at the bottom. (His is the 4th comment.)
A for effort, but that's just not a very good article.
Oh and he didn't mention the biggest reason to want to not marry an application to a specific database platform - because you're a software vendor, and your clients aren't going to buy an extra enterprise license or switch from Oracle to SQL-Server for your $100 application. That's the reason why Transfer, Reactor and DataFaucet have become so popular and why Hibernate is being integrated into ColdFusion 9.
2 comments :
There's both some outdated information in that article as well as some misleading information...
By the time it was written in 2004, anyone who had upgraded to SQL-2000 should not have been using @@identity anymore, because scope_identity() was created specifically because @@identity is not thread-safe.
He mentions security being one of the benefits of using stored procedures and then recommends using "exec name_of_sp" inside of cfquery tags, which negates any security benefits you might get from using stored procedures
And his comment at the top about seeing a 50% improvement in performance from putting the code in a stored procedure is the same thing you get from using cfqueryparam tags (which also provide the security benefit) - but without giving specific information about how or why you get that performance gain or comparison to the performance gains of cfquerparam, the information is at best speculative... but it's also misleading.
See Steve Nelson's comments at the bottom. (His is the 4th comment.)
A for effort, but that's just not a very good article.
Oh and he didn't mention the biggest reason to want to not marry an application to a specific database platform - because you're a software vendor, and your clients aren't going to buy an extra enterprise license or switch from Oracle to SQL-Server for your $100 application. That's the reason why Transfer, Reactor and DataFaucet have become so popular and why Hibernate is being integrated into ColdFusion 9.
Post a Comment