1. should i use views instead of writing direct queries to code.
2. or should i use stored procedures to fetch data
YES!
Use SP's for both. Even if the SP does that same thing as a View, it just allows you to make changes, later, with more flexibility.
3. should i use any sql account (guest sort of) to fire sql queries. who do not have any update or delete or insert rights.
Yes, that's a good idea, too.
4. from where i can get resources for proper sql server handling.
SQLTeam.com is a good place to start. They specialize in SQL Server.
5. and is it possible to access those pages which are on server, but do not have any direct hyperlink visibility.
Yes. Absolutely. If a person can guess the page name, they can access the page. It's better to protect *ALL* pages. If you have some private pages, protect them with a password-based login.
|