Skip to main content
Log inGet a demo
← SQL Dictionary
Database functions

SQL Stored Procedures

What are SQL Stored Procedures?

A SQL Stored Procedure is a named set of one or more SQL statements that can be executed together. It is a database object that is created and stored in the database management system. Stored procedures are typically used for performing common database operations, data processing, and automation of complex tasks. They are particularly valuable for enhancing database security, modularity, and code reusability.

When you would use it

You would use SQL Stored Procedures when you want to:

  1. Enhance security: By allowing controlled access to database operations and reducing the risk of SQL injection attacks.

  2. Modularize code: To break down complex SQL logic into manageable, reusable modules for improved maintainability.

  3. Improve performance: By reducing the overhead of repeatedly sending SQL statements to the database.

  4. Automate tasks: For automating routine or complex database operations and data processing tasks.

  5. Implement business logic: To encapsulate business rules and processes directly in the database.

Syntax

The syntax for creating and executing a SQL Stored Procedure varies slightly depending on the database management system (DBMS) being used. However, here's a generic template:

CREATE PROCEDURE procedure_name
    (parameter1 data_type, parameter2 data_type, ...)
AS
BEGIN
    -- SQL statements and logic
END;
  • procedure_name: The name of the stored procedure.
  • (parameter1, parameter2, ...): Optional input parameters for the procedure.
  • data_type: The data type for each parameter.
  • AS BEGIN ... END: The block of SQL statements and logic to be executed by the procedure.

Parameter values

  • procedure_name: A unique name for the stored procedure.
  • (parameter1, parameter2, ...): Optional. Parameters allow you to pass values to the procedure for use within the SQL statements.
  • data_type: The data type for each parameter, which should match the type of data you intend to pass.

Example query

Here's an example of a simple SQL Stored Procedure in SQL Server that retrieves the names of employees working in a specific department:

CREATE PROCEDURE GetEmployeesInDepartment
    @DepartmentID INT
AS
BEGIN
    SELECT EmployeeName
    FROM Employees
    WHERE DepartmentID = @DepartmentID;
END;

Example table response

Assuming you have an "Employees" table:

| EmployeeID | EmployeeName  | DepartmentID |
| ---------- | ------------- | -----------  |
| 1          | John Smith    | 101          |
| 2          | Mary Johnson  | 102          |
| 3          | Sam Brown     | 101          |
| 4          | Alice White   | 103          |

You can execute the stored procedure like this:

EXEC GetEmployeesInDepartment @DepartmentID = 101;

This will return the names of employees in the "101" department:

| EmployeeName |
| -----------  |
| John Smith   |
| Sam Brown    |

Use cases

  • Data manipulation and processing tasks.
  • Implementing business logic and rules in the database.
  • Reducing the risk of SQL injection attacks.
  • Improving code modularity and maintainability.
  • Automating routine database operations.

SQL languages this is available for

SQL Stored Procedures are available in various relational database management systems (RDBMS), including but not limited to:

  • SQL Server (Transact-SQL)
  • Oracle Database (PL/SQL)
  • MySQL (PL/SQL)
  • PostgreSQL (PL/pgSQL)
  • IBM Db2 (SQL PL)
  • SQLite (using triggers and common table expressions)

Each DBMS has its own implementation and syntax for creating and executing stored procedures, so specific details may vary.


Keep reading

SQL Common Table Expression (CTE)

Read article

SQL Create Database

Read article

SQL Drop Database

Read article

Ready to put your SQL knowledge to work?

Practice writing SQL to call data from the warehouse and sync it into Google Sheets in this 5 minute interactive demo.

Hightouch Audiences user interface.