
11 Oct 2008, 4:15 p.m.
On 11 Oct 2008, at 9:02 pm, Svein Ove Aas wrote:

> On Sat, Oct 11, 2008 at 9:30 PM, Iain Barnett wrote:
>> Personally, I use stored procedures with a database as they protect from SQL injection attacks (unless you write some really stupid procedures).
>
> Isn't this what parametrized queries are for?

They will also work (at least in MS SQL Server), but you'd lose some of the performance and organisational benefits. And it stops people littering code with badly written SQL statements - at least I can keep track of the procedures! :)

Iain
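
The distinction the thread turns on, as an added example that is not part of the original messages: the same lookup written with string concatenation and with a bound parameter, run against Python's built-in sqlite3. The table, function names, sample rows and inputs are all constructed for the illustration.

```python
import sqlite3

# Constructed sample inputs (not from the thread).
ORDINARY = "bob"
HOSTILE = "x' OR '1'='1"      # quote characters that alter the WHERE clause
APOSTROPHE = "O'Brien"        # a legitimate value that contains a quote

def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, role TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "admin"), ("bob", "user"), ("carol", "user")])
    return db

def lookup_concatenated(db, name):
    """Weak form: the input becomes part of the SQL text that is parsed."""
    sql = "SELECT name FROM users WHERE name = '" + name + "' ORDER BY name"
    return [row[0] for row in db.execute(sql)]

def lookup_parameterized(db, name):
    """Hardened form: the SQL text is fixed and the input is bound as a value."""
    sql = "SELECT name FROM users WHERE name = ? ORDER BY name"
    return [row[0] for row in db.execute(sql, (name,))]

def run(lookup, name):
    """Run one lookup on a fresh database; report a parse failure as 'error'."""
    db = make_db()
    try:
        return lookup(db, name)
    except sqlite3.OperationalError:
        return "error"
    finally:
        db.close()

if __name__ == "__main__":
    for value in (ORDINARY, HOSTILE, APOSTROPHE):
        print(repr(value),
              "concatenated:", run(lookup_concatenated, value),
              "parameterized:", run(lookup_parameterized, value))
```

A stored procedure that concatenates its arguments into dynamic SQL behaves like `lookup_concatenated`; one that uses its arguments only as values behaves like `lookup_parameterized`.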