Tuesday, March 26, 2013

EXEC vs SP_EXECUTESQL

 

We all know Stored Procedure are better than having any dynamic SQL Statement,   There are times where dynamic SQL Statement is unavoidable.  In such cases we can make use of dynamic SQL, there are two options to run dynamic SQL.

EXEC SP_ExecuteSQL
Every time the Execution Plan is created for different parameters Reuses the execution plan
May introduce SQL injection Parameters are safe from SQL Injection
Type casting is required Type casting not required
slow as every time the execution plan needs to be created faster as execution plan is reused.
Non-parameterized Parameterized

 

Make use of SP_ExecuteSQL over EXEC.

at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Teams PowerShell

 The PowerShell helps to get quick meta data around Teams. Install-Module -Name MicrosoftTeams Connect-MicrosoftTeams Get-TeamAllChannel...

  • Windows Restart
    I was trying to install SharePoint 2013, the setup was complaining about a pending system restart.  Even after multiple restart / Shutdown. ...
  • C# Virtual & Abstract Properties
    Recently a new learner of C# asked me a question on C# Virtual & Abstract properties.  It turned out to a deep dive.  Detail follows. D...
  • XBox Live connection
    I am excited to connect XBox to internet and want to stream video directly in TV.  But configuring XBox to connect XBox Live had some hiccup...