Home Forums Article Discussions Article Discussions by Author Discuss Content Posted by Suresh Maganti The RECOMPILE Options RE: The RECOMPILE Options

  • July 7, 2011 at 8:09 am

    #1349731

    Marry Krissmess (7/7/2011)

    anil_kumar32 (7/7/2011)

    [font="Times New Roman"]

    Good things that comes with SP are security, less network traffic and SQL injection aviodance.

    [/font]

    Attention with security. Sometimes SPs execute with admin permissions even when the user does not have this level. Network traffic is indeed reduced. BUT you can easily write an SP where injection is possible for example when you create the ad-hoc SQL inside the SP.

    Only when you do that wrong. for an example of how to generate dynamic SQL in a stored proc and still be relatively safe from injection read Gail's blog

    http://sqlinthewild.co.za/index.php/2009/03/19/catch-all-queries/


    --Mark Tassin
    MCITP - SQL Server DBA
    Proud member of the Anti-RBAR alliance.
    For help with Performance click this link[/url]
    For tips on how to post your problems[/url]