Tuesday, March 26, 2013

EXEC vs SP_EXECUTESQL

 

We all know Stored Procedure are better than having any dynamic SQL Statement,   There are times where dynamic SQL Statement is unavoidable.  In such cases we can make use of dynamic SQL, there are two options to run dynamic SQL.

EXEC SP_ExecuteSQL
Every time the Execution Plan is created for different parameters Reuses the execution plan
May introduce SQL injection Parameters are safe from SQL Injection
Type casting is required Type casting not required
slow as every time the execution plan needs to be created faster as execution plan is reused.
Non-parameterized Parameterized

 

Make use of SP_ExecuteSQL over EXEC.

at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Microsoft copilot Agent

 In Copilot Chat https://m365.cloud.microsoft/chat Click on All Agents on side bar Copilot Studio Provide the details and you are agent is r...

  • SSIS Script Component
    In SQL Server Integration services, we have Script Component, which can be used in Data Flow Task as Source, Destination or Transformation. ...
  • C# Virtual & Abstract Properties
    Recently a new learner of C# asked me a question on C# Virtual & Abstract properties.  It turned out to a deep dive.  Detail follows. D...
  • Windows Restart
    I was trying to install SharePoint 2013, the setup was complaining about a pending system restart.  Even after multiple restart / Shutdown. ...