This topic provides examples of how to execute SQL queries and materialize objects.
Many applications use stored procedures to gain benefits such as security, performance and encapsulation. Database administrators need only to grant execute permissions on stored procedures. Thus a single data access entry point could be created. Store procedures may significantly reduce SQL injection attacks. For example, you could put validation code in stored procedures and limit the available actions. Another benefit of using stored procedures is the possibility for encapsulation of business logic. Complex data logic and explicit transactions could be written once in stored procedure code and executed from multiple applications. You could handle errors and concurrency violations in stored procedure code, reducing the number of round-trips from your application to the server. Also, stored procedures could be modified without requiring a re-compilation of the client application.