February 25, 2010 at 2:23 pm
Is is possible to dynamically reference a database and / or a table in a prepared statement?
I'm reviewing a shared stored procedure that takes nvarchar arguments for the name of a database and several tables. It uses them in dynamic sql that is called many times, and I think there would be a significant performance improvement if the dynamic sql could be replaced by a prepared statement.
The proc creates some temp tables and populates them with information retreived from INFORMATION_SCHEMA of the passed-in database, via dynamic sql.
The proc then interates over the temp tables, and in each iteration, builds a string for dynamic sql execution, using both temp table column values and the passed-in database and table values. If it wasn't for the database and table values, I could rewrite the string outside of the iteration loop and execute it via sp_executesql.
For example, if it weren't for the @database reference in the following code:
set @CheckRow =
'insert #RowsUsed ' +
'select ''' + @CheckRowAlias + ''', ''' + @CheckRowTable + ''', ''' + @CheckRowColumn + ''' ' +
'where exists (select 1 ' +
'from [' + @database + '].information_schema.ROUTINE_COLUMNS ' +
'where TABLE_NAME = ''' + @Function + ''' ' +
'and COLUMN_NAME = ''' + @CheckRowAlias + '.' + @CheckRowColumn + ''') ' +
'and not exists (select 1 ' +
'from #PKUsage ' +
'where [PK] = ''' + @CheckRowTable + '.' + @CheckRowColumn + ''') ' +
'and ''' + @CheckRowColumn + ''' != ''PersonPartyID'''
EXEC(@CheckRow)
It could be rewritten as:
set @CheckRow =
N'insert #RowsUsed ' +
'select ''@CheckRowAlias'', ''@CheckRowTable'', ''@CheckRowColumn'' ' +
'where exists (select 1 ' +
'from [ExplicitDatabase].information_schema.ROUTINE_COLUMNS ' +
'where TABLE_NAME = ''@Function'' ' +
'and COLUMN_NAME = ''@CheckRowAlias.@CheckRowColumn'') ' +
'and not exists (select 1 ' +
'from #PKUsage ' +
'where [PK] = ''@CheckRowTable.@CheckRowColumn'') ' +
'and ''@CheckRowColumn'' != ''PersonPartyID'''
set @checkArgs =
N'@CheckRowAlias nvarchar(100),@CheckRowTable nvarchar(100),@checkRowColumn nvarchar(100), @Function nvarchar(100)'
EXEC sp_executesql @CheckRow,@checkArgs,@CheckRowAlias,@CheckRowTable,@CheckRowColumn,@Function
I know there's no way to pass in a table parameter, but is there some way to obtain a reference, or perhaps clone the table to a temp table somehow?
TIA,
Ed
February 25, 2010 at 5:12 pm
Converting it to an sp_executesql would be better than embedded Dynamic SQL for various reasons but it would be much better if you create a Stored Procedure and call the SP...
Please consider Security, SQL Injection, Execution Plans, Reusability of code, etc.
Also when you deploy your code to production it makes it more difficult to identify the source of the problem and is conducive to finger pointing between develop[developers and DBA's.
It makes me cringe when I hear a DBA say that the would prefer to have less Stored Procedures and Functions because it is more work for them.
These are not Mom & Pop Shops but very large Fortune 100 to 1000 Companies...
There are a number of other reasons why you should call SP's.
For better, quicker answers on T-SQL questions, click on the following...
http://www.sqlservercentral.com/articles/Best+Practices/61537/
For better answers on performance questions, click on the following...
http://www.sqlservercentral.com/articles/SQLServerCentral/66909/
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply