Classic WTF: All Pain, No Gain
by in CodeSOD on 2021-05-31It's a holiday here in the states. So enjoy this classic from the far off year of 2009. --Remy
"My company has very strict policy on direct access to the database," Steve writes, "no hand-built SQL in the front-end code and always use a stored procedure to access the data. The reasoning behind this was simple and sound: Avoid SQL injection attacks and increase database performance. "
"The execution, however, was not so simple and sound. They went through all the pain of needing to use stored procs, but none of the gain. I'll leave it as an exercise to the reader to see why."