﻿<?xml version='1.0' encoding='UTF-8'?><rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/"><channel><title>SQLServerCentral / SQL Server 2005 / SQL Server 2005 Performance Tuning  / I'm using EXECUTE sp_executesql in my ASP.NET / Latest Posts</title><generator>InstantForum.NET v2.9.0</generator><description>SQLServerCentral</description><link>http://www.sqlservercentral.com/Forums/</link><webMaster>notifications@sqlservercentral.com</webMaster><lastBuildDate>Fri, 24 May 2013 23:38:43 GMT</lastBuildDate><ttl>20</ttl><item><title>RE: I'm using EXECUTE sp_executesql in my ASP.NET</title><link>http://www.sqlservercentral.com/Forums/Topic1233893-360-1.aspx</link><description>tq sir</description><pubDate>Wed, 11 Jan 2012 11:52:41 GMT</pubDate><dc:creator>Little Nick</dc:creator></item><item><title>RE: I'm using EXECUTE sp_executesql in my ASP.NET</title><link>http://www.sqlservercentral.com/Forums/Topic1233893-360-1.aspx</link><description>[quote][b]Little Nick (1/11/2012)[/b][hr]RESOURCE_SEMAPHORE_QUERY_COMPILE waits is high. My understanding, this nothing to do with my ASP.NET code technique. Let's, my same Stored Procedure is execute 500 a day. Did we have special technique to make it run efficiently?[/quote]Sure it does.  You aren't using parameters so every call to sp_executesql is likely requiring a compilation.  If you use parameters properly then you will more likely get plan re-use.  Even ORM tools like Linq to SQL, EF, hibernate/nhibernate use parameters. Plus, performance isn't your biggest problem in this case; it is the security hole you leave open by using non-cleansed input to build a sql string. From [url]http://technet.microsoft.com/en-us/library/cc293620.aspx[/url][quote]Keep in mind that caching is done on a per-batch level. If you try to force parameterization using sp_executesql or Prepare/Execute, all the statements in the batch must be parameterized for the plan to be reusable. 
If a batch has some parameterized statements and some using constants, each execution of the batch with different constants will be considered distinct, and there will be no value to the parameterization in only part of the batch.[/quote]You might also want to read this post, [url]http://blogs.msdn.com/b/sqlprogrammability/archive/2007/01/21/2-0-diagnosing-plan-cache-related-performance-problems-and-suggested-solutions.aspx[/url]</description><pubDate>Wed, 11 Jan 2012 10:07:18 GMT</pubDate><dc:creator>  Jack Corbett</dc:creator></item><item><title>RE: I'm using EXECUTE sp_executesql in my ASP.NET</title><link>http://www.sqlservercentral.com/Forums/Topic1233893-360-1.aspx</link><description>RESOURCE_SEMAPHORE_QUERY_COMPILE waits is high. My understanding, this nothing to do with my ASP.NET code technique. Let's, my same Stored Procedure is execute 500 a day. Did we have special technique to make it run efficiently?</description><pubDate>Wed, 11 Jan 2012 09:38:10 GMT</pubDate><dc:creator>Little Nick</dc:creator></item><item><title>RE: I'm using EXECUTE sp_executesql in my ASP.NET</title><link>http://www.sqlservercentral.com/Forums/Topic1233893-360-1.aspx</link><description>[quote][b]Little Nick (1/11/2012)[/b][hr]My current code as following,[code="sql"]Dim sqlNm As String = ""         Dim sqlNm2 As String = ""         Dim strType As String = ""         Dim newSQL As String = ""          '~~~~~~~~~~~~~~~~~~~~~~~~~~~         Call cbfDataSQLDeclaration()         '~~~~~~~~~~~~~~~~~~~~~~~~~~~         'sqlNm = "select CONm,APId,BUId from tblwfcorules where coid = '" &amp; COBiodataID &amp; "'"         'norsan comment out the above code.Replace with stored proc below. 
10/1/2012          sqlNm = ""         sqlNm = "EXECUTE sp_executesql N'EXEC dbo.spPRMWFCORulesByCOID ''" &amp; Trim(COBiodataID) &amp; "'''"         Try             dataSql.SelectData(connectionstring, dr, sqlNm, Nothing)             If Not dr Is Nothing Then                 If dr.HasRows() Then                     dr.Read()                     apID = IIf(Convert.IsDBNull(dr("APId")), "", dr("APId").ToString)                     buID = IIf(Convert.IsDBNull(dr("BUId")), "", dr("BUId").ToString)                 End If             End If             dr.Close()         Catch ex As Exception : Log.HrmisLog(Page.AppRelativeVirtualPath, "SQL1", Security.GetUserIDBS, ex.Message, True, True, False)         Finally : Call cbfDataSQLDispose()         End Try[/code]My question as following, 1. Did my technique is recommended? FYI, in my SQL Server, wait Category on RESOURCE_SEMAPHORE_QUERY_COMPILE was really high[/quote]I wouldn't be using this technique.  Since you are calling a stored procedure within your sp_executesql call I think you should be using a Command object with a CommandType of stored procedure and then using the Parameters collection to create and pass the parameter to the stored procedure.  Basically something like this (I may have some syntax or class names wrong because I haven't been working in .NET the last 8 months):[code="vb"]
Dim cmd As New SqlCommand()
cmd.Connection = [connection]
cmd.CommandType = CommandType.StoredProcedure
cmd.CommandText = "dbo.spPRMWFCORulesByCOID"
cmd.Parameters.Add("@COID", [Data Type]).Value = [Parameter Value] ' I think this is one way to do the syntax
dr = cmd.ExecuteReader()
[/code]That's the general idea.  Some of the syntax may not be right, but you should be able to figure it out.  
Since you aren't using parameters in your existing code or cleansing input you are leaving yourself open to SQL Injection attacks.</description><pubDate>Wed, 11 Jan 2012 09:14:23 GMT</pubDate><dc:creator>  Jack Corbett</dc:creator></item><item><title>RE: I'm using EXECUTE sp_executesql in my ASP.NET</title><link>http://www.sqlservercentral.com/Forums/Topic1233893-360-1.aspx</link><description>Avoid dynamic SQL, it is not clear here why you need to use it?
Also you do not need to place another EXEC[UTE] as part of the dynamic SQL you are executing.
e.g. EXECUTE sp_executesql N'SELECT 1'
You should use ado.net commands also.
Rob</description><pubDate>Wed, 11 Jan 2012 05:21:37 GMT</pubDate><dc:creator>roasdasdb 89asdasdasd013</dc:creator></item><item><title>I'm using EXECUTE sp_executesql in my ASP.NET</title><link>http://www.sqlservercentral.com/Forums/Topic1233893-360-1.aspx</link><description>My current code as following,[code="sql"]Dim sqlNm As String = ""         Dim sqlNm2 As String = ""         Dim strType As String = ""         Dim newSQL As String = ""          '~~~~~~~~~~~~~~~~~~~~~~~~~~~         Call cbfDataSQLDeclaration()         '~~~~~~~~~~~~~~~~~~~~~~~~~~~         'sqlNm = "select CONm,APId,BUId from tblwfcorules where coid = '" &amp; COBiodataID &amp; "'"         'norsan comment out the above code.Replace with stored proc below. 
10/1/2012          sqlNm = ""         sqlNm = "EXECUTE sp_executesql N'EXEC dbo.spPRMWFCORulesByCOID ''" &amp; Trim(COBiodataID) &amp; "'''"         Try             dataSql.SelectData(connectionstring, dr, sqlNm, Nothing)             If Not dr Is Nothing Then                 If dr.HasRows() Then                     dr.Read()                     apID = IIf(Convert.IsDBNull(dr("APId")), "", dr("APId").ToString)                     buID = IIf(Convert.IsDBNull(dr("BUId")), "", dr("BUId").ToString)                 End If             End If             dr.Close()         Catch ex As Exception : Log.HrmisLog(Page.AppRelativeVirtualPath, "SQL1", Security.GetUserIDBS, ex.Message, True, True, False)         Finally : Call cbfDataSQLDispose()         End Try[/code]My question as following, 1. Did my technique is recommended? FYI, in my SQL Server, wait Category on RESOURCE_SEMAPHORE_QUERY_COMPILE was really high</description><pubDate>Wed, 11 Jan 2012 05:17:31 GMT</pubDate><dc:creator>Little Nick</dc:creator></item></channel></rss>