Camillia
asked on
Anything wrong with dynamic SQL in stored proc?
I have a co-worker who says dynamic sql shouldn't be used in stored procs because it defeats the purpose of using SQL. He says it doesnt make sense. He says the dynamic sql should be build in code (C#/ASP.Net in this case) and just run it in the code...
I dont see an issue with using dynamic sqls in stored procs. Any pros/cons?
I dont see an issue with using dynamic sqls in stored procs. Any pros/cons?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
>>From a security point of view neither should be used without validating the input against SQL injection.
do you have an example?
do you have an example?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
-MJC