httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Helmut Tessarek <>
Subject Re: DBD framework, APR, caching
Date Thu, 22 Mar 2007 13:03:43 GMT
Nick Kew wrote:

> Is that the same issue as

No. The bug describes encryption but I was talking about validation.
Furthermore the bug shows off a completely other part of the API.

> My working assumption with DBD is that creating stored procedures
> is part of database design and initialisation, and not something
> I'd want the apache user to have privilege to mess with!  Are you
> talking about something like per-connection stored procedures?

Writing stored procedures is usually part of the DBA, but if the database server
is not on the same machine as the web server, stored procedures are most of the
time faster than SQL statements invoked from the client. Even when using SQL
statements the Apache admin has to know the tablenames and the structure of the
tables. And he has to have the privilege to access them.
In that case he either can write the SP by himself or ask the DBA to do that for

Another point is that the SQL statement could get pretty large when several
tables are involved for retrieving the passwords or groups. Not everybody is
able to create their own tables for authentication. Many people want to use
their already existing tables and then it's much easier to have just a SP which
does the job.

Having stored procedure support does not force the Apache admin to use it. It
just gives him the possibility to do so.


View raw message