>
>Calling a stored procedure is considered more secure - you are not sending information about your database structure over the wire.
>
>This is more of an issue on a web or otherwise internet enabled application. If your SQL server and web server are both on an intranet where outside threats are reduced/eliminated, this is not a big issue.
William and Naomi,
First, thank you both for your input.
My app is a WinForm on a local network. So security is not a concern. Getting my project done (on time) and stable is a big concern. So, did I understand correctly that to have the extra (or better) security and using stored procedures would involve more code?
"The creative process is nothing but a series of crises." Isaac Bashevis Singer
"My experience is that as soon as people are old enough to know better, they don't know anything at all." Oscar Wilde
"If a nation values anything more than freedom, it will lose its freedom; and the irony of it is that if it is comfort or money that it values more, it will lose that too." W.Somerset Maugham
