Is it considered crazy to store common SQL queries for my web app in a database for use in execution? Or is that common practice? Or is it impossible?
My thinking is, this way, I avoid hard-coding SQL into my application files, and add another level of abstraction.
Is this crazy? Is this what a stored procedure is? Or is that something else?
EDIT: The below answers are useful as a background for ‘stored procedures’, but didn’t answer my core question: Is a ‘stored procedure’ just when I have a database table that contains queries that can be called? i.e., something like this:
INDEX | NAME | QUERY
1 | show_names | "SELECT names.first, names.last FROM names;"
2 | show_5_cities | "SELECT cities.city FROM cities LIMIT 0,5;"
etc.
Or is there a more complicated mechanism that encompasses the concept of stored procedures? Is my example an actual example of something people do?
Along with MUG4N’s great reasons on why to use stored procedures, here are three more:
Security
You can grant access to your application to execute stored procedures while denying direct table access.
Think defense in depth. If your app is cracked, then they will be limited to executing ONLY the procedures you have defined. This means things like ‘drop table’ would be explicitly disallowed, unless, of course, you have a procedure to do that.
Conversely, if your app is cracked and you allow the app to have full access to your SQL server, then one of two things will happen. Either your data disappears and/or the cracker easily gets a copy.
Unit Testing
It’s much easier to unit test your queries if you can hit them directly without having to go through the application itself.
In Flight Changes
If you need to modify a query AFTER you have published your site, it’s much easier to just make a proc change than redeploy code that may have undergone other changes since the last deployment. For example, let’s say you have a page that isn’t performing all that well. After evaluation, you determine that just changing the joins on a query will fix this. Modify the proc and go.
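The Security point in the answer above, as an added example in MySQL syntax (not code from the question or the answer): the two queries from the question's table are defined as stored procedures, which are named routines the database server itself stores and executes, and the application account is granted EXECUTE on those routines only. The database name `webapp`, the account `'app_user'@'localhost'`, its placeholder password, the `show_cities` parameter, and the column types are assumptions made for illustration.

```sql
-- Run as an administrative account. The schema and account names are assumed.
CREATE DATABASE IF NOT EXISTS webapp;
USE webapp;

CREATE TABLE IF NOT EXISTS names (
    id      INT AUTO_INCREMENT PRIMARY KEY,
    `first` VARCHAR(64) NOT NULL,
    `last`  VARCHAR(64) NOT NULL
);

CREATE TABLE IF NOT EXISTS cities (
    id   INT AUTO_INCREMENT PRIMARY KEY,
    city VARCHAR(128) NOT NULL
);

-- A stored procedure is a routine kept in the server's catalog, not a row of
-- query text that the application reads back and runs as a string.
-- SQL SECURITY DEFINER (the MySQL default) runs the body with the privileges of
-- the account that created the routine, so callers need no table privileges.
CREATE PROCEDURE show_names()
    SQL SECURITY DEFINER
    SELECT names.`first`, names.`last` FROM names;

-- The row count is a typed INT parameter, so the caller supplies a value and
-- never any SQL text.
CREATE PROCEDURE show_cities(IN max_rows INT)
    SQL SECURITY DEFINER
    SELECT cities.city FROM cities LIMIT max_rows;

-- Application account: no table privileges at all, only EXECUTE on the two
-- routines above. Replace the placeholder password before use.
CREATE USER 'app_user'@'localhost' IDENTIFIED BY 'REPLACE_WITH_A_REAL_SECRET';
GRANT EXECUTE ON PROCEDURE webapp.show_names  TO 'app_user'@'localhost';
GRANT EXECUTE ON PROCEDURE webapp.show_cities TO 'app_user'@'localhost';

-- Audit step: the listing should contain USAGE and the two EXECUTE grants,
-- and nothing on webapp.* or on individual tables.
SHOW GRANTS FOR 'app_user'@'localhost';

-- Verification, run while connected as app_user:
--   CALL webapp.show_names();      permitted by the EXECUTE grant
--   CALL webapp.show_cities(5);    permitted by the EXECUTE grant
--   SELECT * FROM webapp.names;    refused, no SELECT privilege was granted
--   DROP TABLE webapp.names;       refused, no DROP privilege was granted
```

Because the routines run with the definer's rights, the account that creates them should itself hold only the privileges the procedure bodies need.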