官术网_书友最值得收藏!

Forced parameterization

If an application tends to generate many ad hoc queries, and there is no way to modify the application to parameterize the queries, the Parameterization database option can be changed to Forced. When Forced Parameterization is turned on, SQL Server will replace ALL literal values in ALL ad hoc queries with parameter markers. Take the example of the following query executed in the AdventureWorks sample database:

SELECT LastName, FirstName, MiddleName
FROM Person.Person
WHERE PersonType = N'EM' AND BusinessEntityID IN (5, 7, 13, 17, 19);

This query would be automatically parameterized under Forced Parameterization, as follows:

(@1 nchar(2), @2 int, @3 int, @4 int, @5 int, @6 int)  SELECT LastName, FirstName, MiddleName
FROM Person.Person
WHERE PersonType = @1 AND BusinessEntityID IN (@2, @3, @4, @5, @6);

This has the benefit of increasing the reusability of all ad hoc queries, but there are some risks to parameterizing all literal values in all queries, which will be discussed later in section The importance of parameters.

主站蜘蛛池模板: 宁远县| 潼南县| 平罗县| 芜湖市| 西城区| 桑日县| 公主岭市| 土默特左旗| 托克逊县| 通江县| 遂川县| 淮阳县| 蓬溪县| 安陆市| 措勤县| 乌拉特前旗| 萨嘎县| 涡阳县| 新密市| 健康| 琼结县| 南丹县| 鱼台县| 青阳县| 呼图壁县| 西林县| 南投县| 临西县| 永和县| 泉州市| 义乌市| 洮南市| 武威市| 雷山县| 新郑市| 景泰县| 许昌县| 福海县| 布尔津县| 枣庄市| 宁南县|