Tuesday, March 26, 2013

EXEC vs SP_EXECUTESQL

 

We all know Stored Procedure are better than having any dynamic SQL Statement,   There are times where dynamic SQL Statement is unavoidable.  In such cases we can make use of dynamic SQL, there are two options to run dynamic SQL.

EXEC SP_ExecuteSQL
Every time the Execution Plan is created for different parameters Reuses the execution plan
May introduce SQL injection Parameters are safe from SQL Injection
Type casting is required Type casting not required
slow as every time the execution plan needs to be created faster as execution plan is reused.
Non-parameterized Parameterized

 

Make use of SP_ExecuteSQL over EXEC.

No comments:

Post a Comment

Teams PowerShell

 The PowerShell helps to get quick meta data around Teams. Install-Module -Name MicrosoftTeams Connect-MicrosoftTeams Get-TeamAllChannel...