tags:

views:

1565

answers:

2
+2  Q: 

Are stored procedures faster for simple queries

If I am executing a stored procedure for basic queries, such as:

SELECT ColA, ColB FROM MyTable WHERE ID = 123;
SELECT * FROM MyTable,OtherTable WHERE MyTable.ID = OtherTable.ID ORDER BY CreatedAt desc

Is there any benefit to converting those to a stored procedure if that happen frequently? When is it better to use a stored proc? When should I not use a stored proc?

What kind of optimizations, if any, happen when you create a stored proc? (which would help me understand when/why I should use them)

If it makes any differences, my database is an MS SQL 2005 db.

+1  A: 

See http://stackoverflow.com/questions/59880/are-stored-procedures-more-efficient-in-general-than-inline-statements-on-moder

John Sheehan  2008-10-16 15:15:23
+7  A: 

Reasons for using stored procedures:

  • Reduce network traffic -- you have to send the SQL statement across the network. With sprocs, you can execute SQL in batches, which is also more efficient.
  • Caching query plan -- the first time the sproc is executed, SQL Server creates an execution plan, which is cached for reuse. This is particularly performant for small queries run frequently.
  • Ability to use output parameters -- if you send inline SQL that returns one row, you can only get back a recordset. With sprocs you can get them back as output parameters, which is considerably faster.
  • Permissions -- when you send inline SQL, you have to grant permissions on the table(s) to the user, which is granting much more access than merely granting permission to execute a sproc
  • Separation of logic -- remove the SQL-generating code and segregate it in the database.
  • Ability to edit without recompiling -- this can be controversial. You can edit the SQL in a sproc without having to recompile the application.
  • Find where a table is used -- with sprocs, if you want to find all SQL statements referencing a particular table, you can export the sproc code and search it. This is much easier than trying to find it in code.
  • Optimization -- It's easier for a DBA to optimize the SQL and tune the database when sprocs are used. It's easier to find missing indexes and such.
  • SQL injection attacks -- properly written inline SQL can defend against attacks, but sprocs are better for this protection.
DOK  2008-10-16 15:30:28
Excellent points. I especially wish more programmers would realize how vunerable to fraud their databasea are if they set permissions at the table level.
HLGEM  2008-10-16 15:59:32
Scary, huh? If I'm understanding it correctly, many Linq operations using generated SQL instead of stored procedures are only increasing the practice of direct table access. Keep getting your message out!
DOK  2008-10-17 14:59:24

related questions

Backup SQL Schema Only?
Sql to query a dbs scheme
Timer-based event triggers
Sql query, count and group by
Paging SQL Server 2005 Results
SQL 2005 For XML Explicit - Need help formatting
How do I use T-SQL Group By
What all do I need to escape when sending a (My)SQL query?
Split String in SQL
Datatable vs Dataset
ASP.NET MVC "CRUD" Database Sample
Convert HashBytes to VarChar
Best Book for a new Database Developer
What is the best way to avoid SQL injection attacks?
What language do you use for Postgresql triggers and stored procedures?
What is the best way to handle multiple permission types?
How do I index a database field
Swap unique indexed column values in database.
cx_Oracle - what is the best way to iterate over a result set?
cx_Oracle - How do I access Oracle from Python?
Is there a version control system for database structure changes?
How to export data from SQL Server 2005 to MySQL
ASP.NET Site Maps
Decoding T-SQL CAST in C#/VB.net
Flat File Databases in PHP