The Database Monastery

Stored Procedures

Stored Procedures

The Secret to Streamlining Your Database

Kareem Olawale's photo
Kareem Olawale
·

5 min read

Table of contents

Stored procedures are a powerful tool for improving the efficiency and scalability of your database system. In this article, we'll explore what stored procedures are, how they work, and why they are a crucial component for optimizing database performance.

What Are Stored Procedures?

Stored procedures are pre-written database routines that are saved in the database and executed when required. They are used to automate repetitive database tasks and to boost performance by minimizing the amount of code that needs to be executed by the database.

How Do Stored Procedures Work?

The creation of a stored procedure involves using the CREATE PROCEDURE statement, followed by the procedure's parameters, characteristics, and routine body. The parameters determine the input and output of the procedure, while the characteristics outline its behaviour. The routine body is the SQL code that the procedure executes.

Once a stored procedure is created, it can be run by calling it with the EXECUTE statement and any necessary input parameters. The stored procedure will then execute the routine body and return the output parameters if defined.

Why Use Stored Procedures?

The use of stored procedures offers several benefits, including:

  1. Enhanced Performance: Stored procedures cut down the amount of code that needs to be executed, leading to improved performance and faster response times.

  2. Scalability: By automating repetitive tasks, stored procedures make it easier to expand your database system as your data grows.

  3. Enhanced Security: Stored procedures restrict direct access to the database tables and enforce data validation rules, providing improved security for your data.

  4. Reusability: Stored procedures allow you to reuse common database tasks across multiple applications and projects, reducing the amount of code you need to maintain.

  5. Easier Maintenance: Stored procedures provide a centralized location for managing database logic, making it easier to maintain and update your database system over time.

CREATE DEFINER = CURRENT_USER
PROCEDURE GetSalary (IN empID INT, OUT salary DECIMAL(10,2))
COMMENT 'Retrieves the salary of an employee based on their ID'
LANGUAGE SQL
DETERMINISTIC
CONTAINS SQL
SQL SECURITY DEFINER
BEGIN
  SELECT salary INTO salary
  FROM employees
  WHERE empID = empID;
END

Explanation:

  1. CREATE DEFINER = CURRENT_USER: The stored procedure is created with the security privileges of the current user.

  2. PROCEDURE GetSalary (IN empID INT, OUT salary DECIMAL(10,2)): The stored procedure is named GetSalary and has two parameters: empID of type INT and salary of type DECIMAL(10,2). empID is an IN parameter, meaning it is used to pass a value into the stored procedure, while salary is an OUT parameter, meaning it is used to pass a value out of the stored procedure.

  3. COMMENT 'Retrieves the salary of an employee based on their ID': This adds a comment to the stored procedure for documentation purposes.

  4. LANGUAGE SQL: The stored procedure is written in SQL.

  5. DETERMINISTIC: The stored procedure always produces the same result for the same input values.

  6. CONTAINS SQL: The stored procedure contains SQL statements.

  7. SQL SECURITY DEFINER: The stored procedure is executed with the security privileges of the account specified in the DEFINER clause.

  8. BEGIN ... END: This is the body of the stored procedure, which contains a single SELECT statement that retrieves the salary of an employee based on their ID and stores it in the salary parameter.

Here is an explanation of each of the keywords in the sample stored procedure code:

CREATE DEFINER = CURRENT_USER

The CREATE keyword is used to create a stored procedure, and the DEFINER clause specifies the security privileges under which the stored procedure will be executed. In this case, the stored procedure will be executed with the security privileges of the current user.

PROCEDURE GetSalary (IN empID INT, OUT salary DECIMAL(10,2))

The PROCEDURE keyword is used to declare a stored procedure. The name of the stored procedure is "GetSalary", and it has two parameters: empID of type INT and salary of type DECIMAL(10,2). The IN keyword specifies that empID is an input parameter, meaning its value will be passed into the stored procedure, while the OUT keyword specifies that salary is an output parameter, meaning its value will be returned from the stored procedure.

COMMENT 'Retrieves the salary of an employee based on their ID'

The COMMENT keyword is used to add a comment to the stored procedure, which provides documentation and information about the purpose of the stored procedure.

LANGUAGE SQL

The LANGUAGE keyword specifies the language in which the stored procedure is written, in this case SQL.

DETERMINISTIC

The DETERMINISTIC keyword specifies that the stored procedure always produces the same result for the same input values.

CONTAINS SQL

The CONTAINS SQL keyword specifies that the stored procedure contains SQL statements.

SECURITY DEFINER

The SQL SECURITY clause specifies the security context under which the stored procedure will be executed. In this case, the stored procedure will be executed with the security privileges of the account specified in the DEFINER clause.

The keywords BEGIN and END are used in stored procedures to define the body of the procedure. The BEGIN keyword marks the beginning of the block of statements that make up the procedure, and the END keyword marks the end of the block. Anything between the BEGIN and END keywords is considered part of the stored procedure and will be executed whenever the procedure is called.

For example:

CREATE PROCEDURE ExampleProcedure()
BEGIN
  -- Some SQL statements here
END

Thank you for reading.

Databases#SQLtutorial SQLdatabase designdatabasemanagement