Hi all I wanted to know when I should prefer writing stored procedures over writing programming logic and pulling data using a ORM or something else.
views:
166answers:
6
+8
A:
Stored procedures are executed on server side.
This means that processing large amounts of data does not require passing these data over the network connection.
Also, with stored procedures, you can build consistent complicated business logic.
Say, you need to update the account balance each time you insert a transaction, and you need to insert many transactions at once.
Instead of doing this with triggers (which are implemented using inefficient record-by-record approach in many systems), you can pass a table variable or temporary table with the inputs and issue a set-based SQL statement inside the procedure. This will be much more efficient.
Quassnoi
2010-05-17 15:22:49
+1 for a great insight that is often overlooked (or not mentioned).
Justin Ethier
2010-05-17 15:28:48
+1 for consistent business logic. -1 for temporary tables
Joel Coehoorn
2010-05-17 15:56:37
@Joel: not all engines support table variables.
Quassnoi
2010-05-17 15:59:15
Ya never thought of using it over triggers...also i guess one of the things...is having logic on database side means you can reuse with any other platform or language...but ya your answer sums it up well..
Misnomer
2010-05-17 16:02:15
+3
A:
I prefer SPs over programming logic mainly for two reasons
- Performance, anything what will reduce result set or can be more effectively done on the server, e.g.:
- paging
- filtering
- ordering (on indexed columns)
- Security -- if someone have got application's access to the database and wants to wipe out your all your records, having to execute
Row_Deletefor single each of them instead ofDELETE FROM Rowsalready sounds good.
Regent
2010-05-17 15:26:11
The paging/filtering/ordering would still be done server-side in any OR/M worth its salt.
BlueRaja - Danny Pflughoeft
2010-05-17 15:58:14
+2
A:
Never unless you identify a performance issue. (largely opinion)
(a Jeff blog post!) http://www.codinghorror.com/blog/2004/10/who-needs-stored-procedures-anyways.html
If you see stored procs as optimizations: http://en.wikipedia.org/wiki/Program_optimization#When_to_optimize
Eugarps
2010-05-17 15:27:47
In the old days, performance was an issue which is why that argument used to come up. Today, most embedded sql can run as fast as stored procs. Regardless, there are many additional reasons to use procs.
Chris Lively
2010-05-17 16:10:28
This topic is like abortion or gay marriage, you can't win when you argue it. Still, I will say that the only time I personally use stored procs is when my boss forces me to against my better judgement or when there is a production performance concern.
Eugarps
2010-05-17 16:26:32
I like this quote: "Stored Procedures should be considered database assembly language: for use in only the most performance critical situations"
mgroves
2010-05-17 16:32:21
I actually pasted that quote into a comment before deciding not to use it. Definately an excellent analogy.
Eugarps
2010-05-17 16:38:49
I should also add that ORM handling mass updates can be cumbersome - this may not be a problem for long but it is a compelling reason to use stored procs (a batch of update statements is less desirable than an update/where statement). Still, most of these situations can probably be handled as a one-off by a DBA as opposed to in code.
Eugarps
2010-07-15 00:18:01
+1
A:
As ever, much of your decision as to which to use will depend on your application and its environment.
There are a couple of schools of thought here, and this debate always arouses strong sentiments on both sides.
The advantanges of Stored Procedures (as well as the large data moving that Quassnoi has mentioned) are that the logic is tied down in the database, and therefore potentially more secure. It is also only ever in one place.
However, there will be others who believe that the place for application logic should be in the application, especially if you are planning to access other types of datebases (for which you will have to write often different SPs).
Another consideration may be the skills of the resources you have to implement your application.
kevinw
2010-05-17 15:28:46
+3
A:
When appropriate.
- complex data validation/checking logic
- avoid several round trips to do one action in the DB
- several clients
- anything that should be set based
You can't say "never" or "always".
There is also the case where the database engine will outlive your client code. I bet there's more DAL or ORM upgrades/refactoring that DB engine upgrades/refactoring going on.
Finally, why can't I encapsulate code in a stored proc? Isn't that a good thing?
gbn
2010-05-17 15:54:13
+1
A:
The point at which stored procedures become preferable to an ORM is that point at which you have multiple applications talking to the same database. At this point, you want your query logic embedded in one place, rather than once per application. And even here, you might want to prefer a service layer (which can scale horizontally) instead of the database (which only scales vertically).
Joel Coehoorn
2010-05-17 15:58:24
@Chris - you can add additional app servers much more easily than you can add additional db servers hosting the _same_ db. Granted, being that big is one of those "good" problems to have.
Joel Coehoorn
2010-05-17 16:18:13