Should I use a Stored Procedure or Sql Script

Please start any new threads on our new site at https://forums.sqlteam.com. We've got lots of great SQL Server experts to answer whatever question you can come up with.

All Forums

SQL Server 2000 Forums

Transact-SQL (2000)

Should I use a Stored Procedure or Sql Script

Author

Topic

midi25
Starting Member

24 Posts

Posted - 2005-05-22 : 17:05:30

Hi I am in the process of creating a registration web form for registration purposes. When the user fills out the form the data will be pushed back into the db.

Should I use a SP for this or just an inline sql script. No data is being retreived. Do SP's benefit Insertions??

Thanks

derrickleggett
Pointy Haired Yak DBA

4184 Posts

Posted - 2005-05-22 : 17:10:20

SP

You can tune and troubleshoot them easier from the database side. They are more security, and not as prone to SQL Server injection attacks.

MeanOldDBA
derrickleggett@hotmail.com

When life gives you a lemon, fire the DBA.

midi25
Starting Member

24 Posts

Posted - 2005-05-22 : 17:14:01

Forgive my ignorance but what is an sql server injection attack. And how can I prevent them.

Thanks

cshah1
Constraint Violating Yak Guru

347 Posts

Posted - 2005-05-22 : 17:14:54

read here..

http://www.4guysfromrolla.com/webtech/061902-1.shtml

derrickleggett
Pointy Haired Yak DBA

4184 Posts

Posted - 2005-05-22 : 17:22:58

Also, since you are just learning, start using Google when you have questions. It's a DBAs best friend.

MeanOldDBA
derrickleggett@hotmail.com

When life gives you a lemon, fire the DBA.

mpetanovitch
Yak Posting Veteran

52 Posts

Posted - 2005-05-23 : 12:22:58

SP also has will be guaranteed a cached execution plan thus will run faster.

Mike Petanovitch

derrickleggett
Pointy Haired Yak DBA

4184 Posts

Posted - 2005-05-23 : 14:21:11

Not necessarily Mike.

MeanOldDBA
derrickleggett@hotmail.com

When life gives you a lemon, fire the DBA.

mpetanovitch
Yak Posting Veteran

52 Posts

Posted - 2005-05-23 : 15:47:33

Let me rephrase, as guaranteed is not the appropriate word due to first time usage or lack of usage.

SP will have a higher probability of using a cache execution plan vs ad hoc sql.

Mike Petanovitch

derrickleggett
Pointy Haired Yak DBA

4184 Posts

Posted - 2005-05-23 : 17:06:16

There you go.

You also need to add "or anything in the stored procedure or the way it's called that could cause it to require another plan". Then you would have nailed it.

MeanOldDBA
derrickleggett@hotmail.com

When life gives you a lemon, fire the DBA.

Subscribe to SQLTeam.com

SQLTeam.com Articles via RSS

SQLTeam.com Weblog via RSS

- Advertisement -

Resources