Dynamic SQL tutorial video
Dynamic SQL video tutorial presents how to use EXEC and sp_executesql command to create dynamic code.
Dynamic SQL holds great power. Using dynamic SQL wisely, you can get flexible solutions and great performance benefits. Using it unwisely often leads to lengthy, inefficient code that is open to SQL Injection attacks. Dynamic SQL, like cursors and temporary tables, is an area of Transact SQL that should be used with caution.
One important use of EXEC and sp_executesql command is to construct code dynamically for automated maintenance activities such as refreshing views, and the like. Another important use of EXEC and sp_executesql command is supporting applications that allow to choose dynamic filters. Dynamic SQL can also be used to pivot and unpivot data.
Find out how to do SQL Injection, and how to prevent it.
Watch Dynamic T-SQL video course and learn by practical examples. 4 lessons, total length 32 minutes.
- EXEC and sp_executesql (07:10)
EXEC command, EXEC and Environmental Settings, sp_execute
- Dynamic SQL and refreshing views (06:50)
sp_executesql and sp_refreshview
- Dynamic pivot/unpivot (08:55)
pivot and unpivot data
- Dynamic SQL and SQL Injections (09:30)
code constructed dynamically at client, protecting against SQL injection, Code constructed dynamically at server