Stored Procedure

Re: Stored Procedure

The short answer is yes. One reason is that it's good to be consistent
about storing all your queries in one place. Another reason is that even a
simple query can give significant performance benefits if it's called
frequently and/or under heavy load. Another reason is the security that SQL
Server provides.

At very least use ADO.NET parameter objects even if you go with plain text
sql. They will protect you from SQL Injection Attacks.

Here's more info:




--
I hope this helps,
Steve C. Orr, MCSD, MVP




"wrytat" <wrytat@discuss ions.microsoft. com> wrote in message
news:DC924351-4226-4B6C-AEC8-53FDD9FE1738@mi crosoft.com...[color=blue]
>I read that using stored procedures in your codes can make it more
>efficient.
> But say if I only want to do simple queries like Select Col1 From Table1
> Where Col1="ABC", should I actually use a stored procedure?[/color]

Re: Stored Procedure

What I'm concerned here is that if I use a DataAdapter to update a table, I
can catch the DBConcurrencyEx ception error and use it's Row property to get
the affected row. If I use a stored procedure to update my table, how do I
know when concurrency occurs? And how do I react?

Thank you.

"Steve C. Orr [MVP, MCSD]" wrote:
[color=blue]
> The short answer is yes. One reason is that it's good to be consistent
> about storing all your queries in one place. Another reason is that even a
> simple query can give significant performance benefits if it's called
> frequently and/or under heavy load. Another reason is the security that SQL
> Server provides.
>
> At very least use ADO.NET parameter objects even if you go with plain text
> sql. They will protect you from SQL Injection Attacks.
>
> Here's more info:
> http://msdn.microsoft.com/library/de...classtopic.asp
>
> http://msdn.microsoft.com/library/de...isualbasic.asp
>
> --
> I hope this helps,
> Steve C. Orr, MCSD, MVP
> http://SteveOrr.net
>
>
>
> "wrytat" <wrytat@discuss ions.microsoft. com> wrote in message
> news:DC924351-4226-4B6C-AEC8-53FDD9FE1738@mi crosoft.com...[color=green]
> >I read that using stored procedures in your codes can make it more
> >efficient.
> > But say if I only want to do simple queries like Select Col1 From Table1
> > Where Col1="ABC", should I actually use a stored procedure?[/color]
>
>
>[/color]

Re: Stored Procedure

DataAdapters can call stored procedures, so I don't see any conflict.

--
I hope this helps,
Steve C. Orr, MCSD, MVP



"wrytat" <wrytat@discuss ions.microsoft. com> wrote in message
news:59B85C67-6159-4D82-87D9-9F650C2441EC@mi crosoft.com...[color=blue]
> What I'm concerned here is that if I use a DataAdapter to update a table,
> I
> can catch the DBConcurrencyEx ception error and use it's Row property to
> get
> the affected row. If I use a stored procedure to update my table, how do I
> know when concurrency occurs? And how do I react?
>
> Thank you.
>
> "Steve C. Orr [MVP, MCSD]" wrote:
>[color=green]
>> The short answer is yes. One reason is that it's good to be consistent
>> about storing all your queries in one place. Another reason is that even
>> a
>> simple query can give significant performance benefits if it's called
>> frequently and/or under heavy load. Another reason is the security that
>> SQL
>> Server provides.
>>
>> At very least use ADO.NET parameter objects even if you go with plain
>> text
>> sql. They will protect you from SQL Injection Attacks.
>>
>> Here's more info:
>> http://msdn.microsoft.com/library/de...classtopic.asp
>>
>> http://msdn.microsoft.com/library/de...isualbasic.asp
>>
>> --
>> I hope this helps,
>> Steve C. Orr, MCSD, MVP
>> http://SteveOrr.net
>>
>>
>>
>> "wrytat" <wrytat@discuss ions.microsoft. com> wrote in message
>> news:DC924351-4226-4B6C-AEC8-53FDD9FE1738@mi crosoft.com...[color=darkred]
>> >I read that using stored procedures in your codes can make it more
>> >efficient.
>> > But say if I only want to do simple queries like Select Col1 From
>> > Table1
>> > Where Col1="ABC", should I actually use a stored procedure?[/color]
>>
>>
>>[/color][/color]