简体繁体中英

Best practices to Minimize/Manage SQL string blobs in data access code (e.g. Dapper)

原文 2017-09-28 02:39:25 6 1 c#/ .net/ data-access-layer/ sql-generation

I've built some data layers using Dapper with great pleasure. Of course maintaining the required SQL strings can be an issue, especially when the db schema changes (rename column etc).

I'm looking for a strategy to "remove" most SQL string blobs (without using EF or Linq). Either find/build a type safe query API to generate SQL (like jooq) or some kind of meta generation comes to mind.

Am I missing anything? Is there a best practice or better approach?

Thank you

Note: Using EF or Linq would solve the issue but we're striving to be as close to SQL as possible.

1 answers

I totally agree with John Wu. Stored procedures are the way to go here.
You can think of stored procedures as a way to encapsulate your database - your application doesn't need to know how the data is stored, it only needs to know what stored procedures are available and what they do.

There are plenty of benefits:

This keeps your SQL statements out of the application code.
Your queries are compiled and re-used in the database, so you gain performance.
Your SQL Login can have a more restrictive security details, making it harder for hackers to damage your database.
Stored procedures almost eliminate the chance of SQL Injection (Unless you are using dynamic SQL inside), since you must use parameters to pass data to the stored procedure.
Some changes in the database structure can be made without the need to re-compile your software, since it no longer access the tables directly.
A lot of SQL code can be done more efficiently with stored procedures (for instance, Inline sql can't use table valued parameters)
using stored procedures can make your life easier if you need to support multiple database vendors - for instance, the differences between pl/sql and t-sql are no longer an issue.

I'm sure that there are plenty of reasons I didn't cover, as well as there are some reasons against working with stored procedures. (For instance, one might say that stored procedures allows you to move logic to the database, and that's the wrong place to put logic in. I personally disagree with this statement - I think some logic MUST be in the database.)

SQL Query delivers no results despite working in e.g. Access?

Set attributes e.g. length for string

SQL: Correct e.g. 1,2,4,5,7 to 1,2,3,4,5 (queue order)

Eliminate redundant letters in string? (e.g. gooooooooood -> good)

Faster String GetHashCode (e.g. using Multicore or GPU)

Any string in some method e.g. File.Exist()

C# How to access an ambiguously typed object (e.g. 'var') as a specifically typed object (e.g. 'Form')

NoSql (e.g. RavenDB) for financial time series data?

c# retrieve data like e.g. in jquery

Best practices to manage entities while querying the data out of tables?

暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question SQL Query delivers no results despite working in e.g. Access? Set attributes e.g. length for string SQL: Correct e.g. 1,2,4,5,7 to 1,2,3,4,5 (queue order) Eliminate redundant letters in string? (e.g. gooooooooood -> good) Faster String GetHashCode (e.g. using Multicore or GPU) Any string in some method e.g. File.Exist() C# How to access an ambiguously typed object (e.g. 'var') as a specifically typed object (e.g. 'Form') NoSql (e.g. RavenDB) for financial time series data? c# retrieve data like e.g. in jquery Best practices to manage entities while querying the data out of tables?

Related Tags

Best practices to Minimize/Manage SQL string blobs in data access code (e.g. Dapper)

Question

1 answers

solution1 1 2017-09-28 04:13:56

solution1
1 2017-09-28 04:13:56