Stored Procedure always faster?
To
28/07/2006 14:55:12
Dragan Nedeljkovich (Online)
Now officially retired
Zrenjanin, Serbia
General information
Forum:
Visual FoxPro
Category:
Client/server
Environment versions
Database:
MS SQL Server
Miscellaneous
Thread ID:
01140442
Message ID:
01141317
Views:
28
>>Mike,
>>
>>You are deluding yourself if you think that ?x is less susceptible to SQL injection attacks.
>>
>>It's a fairly high cost in the overhead of VFP communicating parameters to ODBC, compositing the SQL string yourself runs quite a bit faster.
>
>I doubt VFP is passing parameters to ODBC - I think it's just preprocessing the string from "xxxx xxxx xxxx ?y xxx" to become something like
>
>@var1='content of y'
>xxxx xxxx xxxx @var1 xxx
>and then passing that string to ODBC. And I think VFP composes it faster than we could.

In fact VFP passes parameters to SQL Server. When you use something like:
par1 = 1
SQLEXEC(sqlH,[SELECT .... FROM .... WHERE someFld = ?m.par1])
The actual command passed to SQL Server is:
exec sp_executesql N'SELECT .... from .... WHERE someFld = @P1 ',N'@P1 float',1
Against Stupidity the Gods themselves Contend in Vain - Johann Christoph Friedrich von Schiller
The only thing normal about database guys is their tables.
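
Added example, not part of the original post: a T-SQL comparison of a composed statement string with the sp_executesql parameter form quoted above, run against the same input. The table #customers, its columns and the input values are constructed for illustration.

```sql
-- Constructed sample data; table and column names are hypothetical.
CREATE TABLE #customers (id int PRIMARY KEY, name nvarchar(50));
INSERT INTO #customers (id, name)
VALUES (1, N'Adams'), (2, N'O''Brien'), (3, N'Smith');

-- Constructed input: a value containing quote characters and SQL keywords.
DECLARE @input nvarchar(50) = N'x'' OR ''1''=''1';

-- 1) Composed string: the value is spliced into the statement text,
--    so the server parses the quotes and keywords in it as SQL.
DECLARE @composed nvarchar(200) =
    N'SELECT COUNT(*) AS composed_rows FROM #customers WHERE name = N'''
    + @input + N'''';
EXEC (@composed);

-- 2) Bound parameter: the statement text is fixed and the value travels
--    separately as @P1, so it is only ever compared as a string.
EXEC sp_executesql
    N'SELECT COUNT(*) AS bound_rows FROM #customers WHERE name = @P1',
    N'@P1 nvarchar(50)',
    @input;

-- The same difference with an ordinary value that contains an apostrophe.
SET @input = N'O''Brien';
SET @composed =
    N'SELECT COUNT(*) AS composed_rows FROM #customers WHERE name = N'''
    + @input + N'''';
BEGIN TRY
    EXEC (@composed);   -- the unescaped apostrophe ends the literal early
END TRY
BEGIN CATCH
    SELECT ERROR_NUMBER() AS composed_error, ERROR_MESSAGE() AS detail;
END CATCH;

EXEC sp_executesql
    N'SELECT COUNT(*) AS bound_rows FROM #customers WHERE name = @P1',
    N'@P1 nvarchar(50)',
    @input;

DROP TABLE #customers;
```

Comparing composed_rows with bound_rows for the first input shows whether the value changed the WHERE clause or was matched as data.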