Stored Procedures vs Ad Hoc SQL

Stored procedures debate from my point of view:

Pros of using Stored Procedures

Cleaner code. Thousand lines of logic and sql statements can be traded in for hundreds.
Push more work to someone else besides developer. If you have a dedicated DB guy, this can really help in your timing.
Put much more logic into Stored Procedure then Ad Hoc SQL
~~Faster.~~ Ok, maybe a little bit, but with processing power and RAM does this really matter anymore?
Permissions are centralized and encompassed.
Trips to the database server can be reduced.

Cons of using Stored Procedures

Much harder to debug. No UI debugger, stepping thru the code.
Harder to tell were errors lie. Does this lie at the stored procedure or my code calling it? Plus the error codes returned by SQL are cryptic - “Error 512 was called” - Oh yeah, good old error 512.
Parameter list can be really long, which takes away from the cleaner code.
“Stored procedures also will open up a maintenance problem. The reason for this is that they form an API by themselves.” This is the main point that causes me to stay away from Stored Procedures.

I’m not entirely sure which side of the fence I lie. Right now I’m more comfortable with not using stored procedures because of the maintenance factor. I really think LINQ is going to make stored procedures deprecated.

.NET specific - Here is a nice line of code to keep around when working with stored procedures that I end up using when getting the the dreaded “Parameters do not match” error. You can put this on your datasource Inserting Event.

For x As Integer = 0 To e.Command.Parameters.Count - 1
Trace.Write(e.Command.Parameters(x).ParameterName)
Trace.Write(e.Command.Parameters(x).Value)
Next

Written by Tim on June 1st, 2007 with 3 comments.
Read more articles on asp.net and database.

[+] Digg: Feature this article
[+] Del.icio.us: Bookmark this article
[+] Furl: Bookmark this article

Adding Google Chrome to Visual Studio (September 23rd, 2008)
Add Web References to Visual Studio 2008 (February 27th, 2008)
ASP:HyperLink & Mailto (August 15th, 2007)
e.Row.RowState (July 17th, 2007)
Subdomain Cookies and Localhost (May 22nd, 2007)

3 comments

Read the comments left by other users below, or:

Corwin
#1. July 26th, 2007, at 7:06 PM.

You can create test harnesses to test/debug the procs. And if you include tons of commmented out tests in the harness, you can easily retest portions as needed. Stored procs should contain an error handling routine that passes back something better than 512.

Embrace it, logic in the database is a good thing.

Andrew J. Lazarus
#2. December 5th, 2008, at 5:20 AM.

Stored procedures are naturally resistant to SQL injection malicious attacks. Rolling your own is not. Of course, if your queries are not dependent on (possibly malicious) user input, this is moot.

software development london
#3. October 15th, 2009, at 3:28 PM.

That was inspiring,

interesting post, keep up the good work,

Thanks for writing, most people don’t bother.

Leave your comment...

If you want to leave your comment on this article, simply fill out the next form:

You can use these XHTML tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong> .

Stored Procedures vs Ad Hoc SQL

Related articles

3 comments

Leave your comment...

Article search

About Me

Twitter Updates

Last articles

Categories

Monthly archives

Favourite sites

Blogroll

Subscribe to this site