tags:

views:

36

answers:

2
+1  Q: 

Is it possible to definitively identify whether a DML command was issued from a stored procedure?

I have inherited a SQL Server 2008 database to which calling applications have access through stored procedures.

Each table in the database has a shadow audit table into which Insert/Update/Delete operations for are logged.

Performance testing on populating the audit tables showed that inserting the audit records using OUTPUT clauses was 20% or so faster than using triggers, so this has been implemented in the stored procedures.

However, because this design cannot track changes made directly to the tables through DML statements issued directly against the tables, triggers have also been implemented which use the value of @@NESTLEVEL to determine whether or not to run the trigger (the assumption being that all DML run through stored procedures will have @@NESTLEVEL > 1). i.e. the body of the trigger code looks something like:

IF  @@NESTLEVEL =   1   -- implies call is direct sql so generate history from here
    BEGIN
... insert into audit table

This design is flawed because it won't track updates where DML statements are executed in dynamic SQL, or any other context where @@NESTLEVEL is raised above 1.

Can anyone suggest a completely reliable method we can use in the triggers to execute them only if not triggered by a stored procedure?

Or is this (as I suspect) not possible?

A: 

I don't think so. There is a longstanding Connect item to get access to the call stack

Cade Roux  2010-05-14 13:43:34
+3  A: 

Use CONTEXT_INFO (Transact-SQL). In the procedure set a value to alert the trigger to not record anything:

--in the procedure doing the insert/update/delete

DECLARE @CONTEXT_INFO  varbinary(128)
SET @CONTEXT_INFO =cast('SkipTrigger=Y'+REPLICATE(' ',128) as varbinary(128))
SET CONTEXT_INFO @CONTEXT_INFO

--do insert/update/delete that will fire the trigger

SET CONTEXT_INFO 0x0

In the trigger check CONTEXT_INFO and determine if you need to do anything:

--here is the portion of the trigger to retrieve the value:

IF CAST(CONTEXT_INFO() AS VARCHAR(128))='SkipTrigger=Y'
BEGIN
    --log your data here
END

for anyone just doing a rogue insert/update/delete they will not have set the CONTEXT_INFO and the trigger will record the change. You could get fancy with the value you put into CONTEXT_INFO, like the table name or @@SPID, etc. if you think the rogue code will attempt to use CONTEXT_INFO as well.

KM  2010-05-14 13:48:08
Might it be wise to program defensively, and "add" your token to whatever may already be set in CONTEXT_INFO? Similiarly, since it's connection based, shouldn't they clear their token at the end of the procedure? And what if a proc calls a proc, you should only add/clear if it's not already there? Could get tricky, but still, it sounds emminently doable.
Philip Kelley  2010-05-14 13:59:17
@Philip Kelley, in the simple example above, I clear it by doing `SET CONTEXT_INFO 0x0` you could store its value prior to changing it and then set it back. You could also push/pop value on, etc. The possibilities are just about endless, and this is only a simple example of the mechanics, not a completely comprehensive one.
KM  2010-05-14 14:05:47
Thanks - this is a great solution.
Ed Harper  2010-05-15 08:55:29

related questions

Sql to query a dbs scheme
Transform Columns into Rows
SQL Client for Mac OS X that works with MS SQL Server
How do you get leading wildcard full-text searches to work in SQL Server?
SQL Server 2000: Is there a way to tell when a record was last modified?
What's the BEST way to remove the time portion of a datetime value (SQL Server)
I need to know how much disk space a table is using in SQL Server
What's the best way to determine if a temporary table exists in SQL Server?
Appropriate pagefile size for SQL Server
Have you ever encountered a query that SQL Server could not execute because it referenced too many tables?
ASP.NET MVC "CRUD" Database Sample
How do I unit test persistence?
Best Book for a new Database Developer
Can I logically reorder columns in a table?
Best way to copy a database in SQL Server 2005/8?
Is Windows Server 2008 "Server Core" appropriate for a SQL Server instance?
Why doesn't SQL Full Text Indexing return results for words containing #?
Client collation and SQL Server 2005
Editing database records by multiple users
Deploying SQL Server Databases from Test to Live
SQL Server 2005 implementation of MySQL REPLACE INTO?
Upgrading SQL Server 6.5
How do I version my MS SQL database in SVN?
How to export data from SQL Server 2005 to MySQL
Check for changes to a SQL table?