SQL Server Performance

sp_executesql issue

Discussion in 'T-SQL Performance Tuning for Developers' started by escrima, Aug 17, 2004.

  1. escrima New Member

    Hi there!
    I was wondering if it makes any difference to execute the sp_executesql system store procedure from a class (written in C#,VB.NET or whatever) or from an user store procedure.
    Which of these ways give the best performance?
    Thanks in advance
  2. derrickleggett New Member

    Well, you really shouldn't use it at all. Dynamic SQL wil not ever perform optimally. It's also a big security risk. Because of the security risk, I would definitely try to limit it to user stored procedures though which are very controlled. For more information, do a search on google for sql injection.

    MeanOldDBA
    derrickleggett@hotmail.com

    When life gives you a lemon, fire the DBA.
  3. FrankKalis Moderator

Share This Page