sqlschool.gr logo

articles

Articles of SQLschool.gr Team

EXECUTE (EXEC) vs. sp_executesql

Antonios Chatzipavlis
Tuesday 02 February 2021

Παρατηρώ ότι αρκετοί προβληματίζονται ή έχουν μπερδευτεί για το πότε πρέπει να χρησιμοποιούν την EXECUTE (περισσότερο γνωστή με την σύντμηση της EXEC) ή την sp_executesql.

Λοιπόν για να βάλουμε τα πράγματα σε σειρά.

EXEC

Η EXEC χρησιμοποιείται για να εκτελέσουμε stored procedures.

Μπορούμε να την χρησιμοποιήσουμε και για την εκτέλεση dynamic queries αλλά αυτά (πλην ελαχίστων εξαιρέσεων) είναι sql injected vulnerable.

sp_executesql

H sp_executesql είναι system stored procedure που έχει δημιουργηθεί για την εκτέλεση dynamic queries και επειδή έχει την δυνατότητα να υποστηρίζει parameterized queries μέσα από την χρήση των parameters που έχει δεν είναι sql injected vulnerable.

Επίσης όταν εκτελούμε ένα dynamic query με την sp_executesql γίνεται επαναχρησιμοποίηση του execution plan άρα έχω καλύτερο performance.

End of story.


//Antonios Chatzipavlis

Antonios Chatzipavlis

Antonios Chatzipavlis

Antonios Chatzipavlis is a highly experienced Data Solutions Consultant and Trainer. He has been working in the IT industry since 1988, holding various roles such as senior developer, IT Manager, Data & AI Solutions Architect and Consultant.

Since 1995, Antonios has focused on modern technologies and software development tools, primarily by Microsoft. He has specialized in Data & AI since 2000, with expertise in Microsoft Data Platform (SQL Server, Azure SQL Databases, Azure Synapse Analytics, Microsoft Fabric, Power BI, AI) and Databricks.

Antonios is also a Microsoft Certified Trainer (MCT) for over 25 years, has been recognized as a Microsoft Most Valuable Professional (MVP) in Data Platform since 2010 and he is in the Data Expert 40 Powerlist 2024 by Boussias. He is the co-founder and visionary behind XLYTiCA, a company dedicated to Data & AI solutions.

Relative Articles

Episode

Task Flows in Microsoft Fabric

image

More Episodes...

Tip

Get Certified: Become a Fabric Data Engineer

More Tips...

Become a member

If you want to receive updates from us become a member to our community.

Connect

Explore

Learn


sqlschool.gr © 2010-2025 All rights reserved

This site uses cookies for operational and analytics purposes only. By continuing to browse this site, you agree to their use.