Title: Passing a Table to a Stored Procedure in SQL Server
Duration: 19:47 min.
Summary: The T-SQL, which is a superset of the ANSI SQL language used in SQL Server, does not contains common data structures found in programming languages, such as matrix and arrays. Because of that the developers must use other commands when they need to pass the result of a SELECT statement as a parameter for a stored procedure. This video shows four approaches to overcome the lack of data structures in SQL Server: the use of global temporary tables, the use of XML serialization, the use of a view and an instead of trigger to replace a stored procedure and the creation of a specific data type in SQL Server 2008. Three of the four approaches can be used in SQL Server 2000 and 2005 and the last one can be used only in SQL Server 2008.
Technologies: SQL Server
Methodology: The theory of the SQL Injection attack is explained by two examples of SQL statements and then the video discuss a few sted that can be taken by the developers and the DBA in order to prevent the SQL Injection attack in SQL Server 2005.
Built Examples: The video show four examples of how to pass a table as a parameter for a stored procedure using different approaches.
Keywords: SQL Server, Table, Parameter, Stored Procedure.