>Jojo what protects against SQL injection is good programing not the use of SP, you should always use parameters that is what will protect you from sql injection.

Ok, but how do you consider if one is a good programming practice? By what using proper ...?

Please clarify..



>
>
>>>You're taking it too personally. As are most here.
>>>
>>>I'm just looking for somebody to engage Walter's points so I can try to learn something.
>>>
>>>OK, here is one reason to use SP:
>>>
>>>1) Critical transactions- If you have a scenario where multi-table writes need to be transacted without fail to avoid disastrous consequences, forcing use of a SP is a reliable way to ensure compliance. Example- banking transactions, controlled substance stockkeeping.
>>>
>>>Do you agree?
>>
>>Sorry to jump in, I agree and in addition to what you say, using SP protect SQL injection attack. :)