Skip to main content

Why embedded sql should not be in your applications

So very recently our team had a lunch meeting presentation as we sometimes do where a person will give a presentation on a topic. This day Charlie gave a presentation on LINQ to entities. You can see the camtasia video here.
LINQ stands for Language Integrated Query. LINQ is very powerful and I like many things it offers. After meeting discussion turned to why developers write their own queries inside their applications (a.k.a. embedded sql). Developers and DBA's will clash over why you should/should not put sql in the application.

The developers point of view:

  1. I don't need a DBA or SQL Developer to complete my application. I just need a connection to the database and I'm golden.
  2. Writing stored procedures and waiting for the DBA slows me down.
  3. I have deadlines!
  4. Understanding the program is much easier if all the code is in one place and not spread to the sql server.

The DBA's point of view:

  1. SQL in the application requires the connection to have direct access to every table it will query. This could mean not only select priviledges but also insert, update, and delete priviledges. Imagine what a hacker could do with your connection! A better solution is to call a stored procedure. The stored procedure could have access to the tables, and the account connected would have access to only run the stored procedure!
  2. Developers do not write the best queries. Yep, believe it or not, a DBA or SQL developer will write better queries that are more efficient and return only the data needed. DBA's know how to use SQL trace, profiler, Database Tuning Advisor, query analyzer, etc, etc to ensure the query is optimized. More importantly, a DBA WILL use these tools whereas a developer might think "good enough". Argue this all you want but mechanics work best on cars, doctors work best on patients, DBA's work best on SQL Server. Always exceptions... but you are not one of them.
  3. DBAs responsible for the SQL server. Suppose a deadlock issue is found. Should the cause be a query that is inadvertently causing table locks and easily remedied no big deal right? Well now consider that it is 2am, the query is part of a web application that has embedded sql. Now the DBA cannot fix the query because it is not a stored procedure. Instead the production issue is escalated, the whole staff is fired, and all because you embedded sql! Ok that is over dramatic but it can lead to waking up programmers, shutting down the web application, or reoccurring problems until the application can be recompiled.
  4. Embedded sql requires the code to be compiled each time the application is run which will slow down the application. Not a big deal until you have a high transaction volume application.

Both points of view are valid! However, consider the long term health of the SQL Server. That server may need to support many applications. My point here is if you have DBAs and SQL developers that can optimize your queries, let them do it. Debate the results, revisit your queries, and let your DBA work for you. Your reward will be a better performing application and SQL Server.

Labels:

Comments

Post a Comment

Popular posts from this blog

Why fragmentation occurs and how to avoid/fix it.

Let's suppose you have this table: We have made last name the primary key in this table Now lets import some rows into the table and check the fragmentation Notice the fragmentation at 96.48% and all we did was one import of 16426 records. So now we have several questions: How bad is this? Fragmentation causes SQL Server to skip around to read data from your tables. For a one time read on a small table this is virtually meaningless. In a job that may need to read millions of records, this could tear apart your performance. Ok this is bad. How did it happen? The primary key on a table is clustered. This means the data will be stored according to the primary key. In our case, last name. When data doesn't come in the same way you store it (i.e. Customer names are not coming in alphabetically, but rather randomly) SQL Server must constantly split pages to store the data correctly. This causes data to be "fragmented" into multiple areas of the disk instead of one continuou...
Post a Comment
Read more

SQL Server ETL for Data Lineage

What is data lineage? Ok let us suppose you built a wonderful database with loads of data coming from source files from your vendors, your own AS400, and different departments of your own organization. All of this data has been imported into 200 tables in this database producing a plethera of information that is used for reporting purposes. One day a department head comes to you and says, "I think this number here on this report is wrong. Where did you get it from?" Do you escort that person to the computer room and show him/her your server? No, I didn't think so. So how do you come up with where the information came from? Likely you find a data load expert in your IT department and have him/her spend the next several minutes/hours/days rummaging through stored procedures, ssis packages, dts packages, custom applications, etc trying to find this information. However, if you had this: you could simply pull up the history of how that data came to be loaded and point. How us...
Post a Comment
Read more

DBA 101 - Connecting to an unresponsive SQL Server

I will attempt, over the course of many blogs, to tackle troubleshooting for a beginning to intermediate DBA. Troubleshooting is like an octopus with a hundred arms. There is no silver bullet but at least I can give you some tools for your belt to help determine the next steps in troubleshooting many common problems that you will see. So where do we begin? I don't know. Let's dive in and see where we end up. Problem - Nobody can connect to the SQL Server and it is not responding to any requests. Wow this seems like an impossible problem and is in reality two problems. Lets address the most critical problem which is you cannot even address why the SQL Server isn't responding to requests because nobody can connect to it to see what is going on. A weak solution - Often times an inexperienced DBA or what is often called an "accidental" DBA would pull the plug on the server, wait ten seconds, and then power it back on. Now this isn't the worst possible solution.....
2 comments
Read more