I am looking to see a few good references on stored procedures with MySQL. A good number of applications demonstrate query-based and not much with routines/procedures. Is this the standard with MySQL? If that is the case, what is the arrangement to secure the application against any SQL Injection attacks?
Posted 16-Nov-12 6:43am

Solution 1

If MySQL supports parameterized queries, that is also safe. In general, there's less advice to always use procs, because it's not necessarily a speed benefit, nowadays. I still think it's a good idea a lot of the time to use procs, esp. if you want to put the SQL in a data layer separate from your code, so you can change it easily and clean your code base.

Solution 2

I wish it's a good idea using stored procedures as queries, as normal queries can be attacked easily, as they can be used for SQL injection; also it requires more code process to write it.
And it's easy to change later on if you upgrade it or change it.

Some stored procedure sample examples for MySQL are:
stored procedure
MySQL Stored Procedure
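
The two approaches discussed in the answers above, parameterized queries and stored procedures, shown side by side for MySQL. This is an added example, not part of either answer; the `users` table, the procedure names and the sample input are constructed for illustration.

```sql
-- Constructed schema for illustration.
CREATE TABLE users (
  id       INT AUTO_INCREMENT PRIMARY KEY,
  username VARCHAR(64)  NOT NULL UNIQUE,
  email    VARCHAR(255) NOT NULL
);

-- 1. Parameterized query (server-side prepared statement).
--    The value is bound to the ? placeholder and never becomes part of the SQL text.
PREPARE find_user FROM 'SELECT id, email FROM users WHERE username = ?';
SET @name = 'x'' OR ''1''=''1';   -- constructed input containing quotes
EXECUTE find_user USING @name;    -- compared as one literal string: no rows match
DEALLOCATE PREPARE find_user;

DELIMITER //

-- 2. Stored procedure with static SQL.
--    p_username is a typed value inside the statement, so it cannot alter the query.
CREATE PROCEDURE get_user_by_name(IN p_username VARCHAR(64))
BEGIN
  SELECT id, email FROM users WHERE username = p_username;
END//

-- 3. Stored procedure that builds SQL by concatenation.
--    Being a procedure does not help here: the input is spliced into the
--    statement text, so this form is still open to SQL injection.
CREATE PROCEDURE get_user_unsafe(IN p_username VARCHAR(64))
BEGIN
  SET @sql = CONCAT('SELECT id, email FROM users WHERE username = ''',
                    p_username, '''');
  PREPARE stmt FROM @sql;
  EXECUTE stmt;
  DEALLOCATE PREPARE stmt;
END//

-- 4. The same dynamic statement with a placeholder and USING.
--    EXECUTE ... USING accepts user variables only, hence the copy into @u.
CREATE PROCEDURE get_user_dynamic(IN p_username VARCHAR(64))
BEGIN
  SET @u = p_username;
  PREPARE stmt FROM 'SELECT id, email FROM users WHERE username = ?';
  EXECUTE stmt USING @u;
  DEALLOCATE PREPARE stmt;
END//

DELIMITER ;

CALL get_user_by_name('alice');   -- application code passes the value as an argument
```

Whichever form is used, the application must pass user input as a bound parameter or procedure argument; assembling the `CALL` statement itself by string concatenation reintroduces the same problem.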

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Last Updated 16 Nov 2012
Copyright © CodeProject, 1999-2017
All Rights Reserved. Terms of Service