Hi Daniel...

I have done extensive database development in a very long career in the field.  As a result, I have learned the following axioms...

If you are using a localized database (ie: Firebird Embedded) it really doesn't matter where you define your SQL code since there is no chance of sending bad data attached to a SQL string.

If you are using a multi-user database (ie: Firebird Server) than it is always best to create Stored-Procedures and Stored-Views for your SQL, which are more difficult to attack by external entities.

This being said, if you use Stored-Procedures and Stored-Views with an Embedded Firebird Engine than you will have no problems in moving them into a Firebird Database Server since the core kernels are primarily the same.

A note on your Views being updateable...  This is often not a good idea as Views tend to be used by end-users so you would want maximum control over what they are allowed to do.  Thus Stored-Procedures should always be used to perform updates, which always have some level of control over them within an application.

Steve Naidamast

Sr. Software Engineer