Been using LINQ for a while, but just over objects and Data Sets. But now I’m experimenting with using it over SQL – there’s a few really good blogs that I’ve seen that have aided my understanding of it. By far the best two video blogs that I’ve found are: –
- LINQ Overview – Excellent overview on LINQ and a good introduction to C#3 as well
- Mike Taulty’s LINQ to Video – Series of videos which gives an explanation of Linq to SQL from bottom up
I’ve been using it with a couple of dummy applications, and I’ve been impressed with the way that it works – very easy to use, quite seamless. I suppose that there’s two parts to it: –
- The Object Relational Mapper. This maps data from SQL to classes, handles change tracking etc.. You can create these classes yourself or get VS2008 to do it for you.
- Linq-to-SQL. An implementation (I think!) of the IQueryable interface, which translates LINQ statements into TSQL.
If we were to use LINQ to SQL directly, without stored procedures (but you can use the OR mapper with SPs quite easily), the first question we’d have is how does it perform instead using conventional SPs? And the second would be, how can we secure it i.e. you can lock down SPs against users etc., but if you are using a Windows Application which used LINQ queries, running in the Windows Identity, effectively you’re opening up the entire table to those users. If they got hold of Management Studio, they’d have full access to those tables, not just via the stored procedures. Opinions welcome.