Showing posts with label Difference between sp_executesql and EXEC() in Sql Server. Show all posts
Showing posts with label Difference between sp_executesql and EXEC() in Sql Server. Show all posts

21 April 2011

Difference between sp_executesql and EXEC() in Sql Server

Difference between sp_executesql and EXEC() in Sql Server


EXEC() - whose first parameter is a parameterized SQL statement.
sp_executesql - The second parameter is a parameter-list declaration, similar to the parameter
list present in the declaration of a stored procedure.

If the malicious user enters a value as Sql Injection EXEC() execute the maliculous code
but sp_executesql It will search for the value ' or '1'='1 as product name in the database.
Thus preventing SQL Injection attacks.

Consistency level in Azure cosmos db

 Consistency level in Azure cosmos db Azure Cosmos DB offers five well-defined consistency levels to provide developers with the flexibility...