Stored Procedures
Stored procedures are pre-compiled SQL programs stored in the database and called by name. They encapsulate complex multi-step operations, enforce business logic at the database level, reduce network round-trips, and improve security by abstracting table access.
Stored Procedure Benefits
- Reusable: call by name instead of repeating SQL code
- Reduced network round-trips: multiple SQL statements in one call
- Security: grant EXECUTE permission without exposing table structure
- Pre-compiled: faster execution than ad-hoc SQL in some databases
- Language: PL/pgSQL (PostgreSQL), MySQL Stored Procedures, T-SQL (SQL Server)
- Supports parameters (IN/OUT), control flow (IF/WHILE/LOOP), variables
Stored Procedure Examples
-- PostgreSQL: stored procedure to process an order
CREATE OR REPLACE PROCEDURE process_order(
p_user_id INT,
p_product_id INT,
p_quantity INT,
p_payment_method VARCHAR
)
LANGUAGE plpgsql
AS $$
DECLARE
v_price DECIMAL(10,2);
v_stock INT;
v_order_id INT;
v_total DECIMAL(10,2);
BEGIN
-- Get product info
SELECT price, stock INTO v_price, v_stock
FROM products WHERE id = p_product_id FOR UPDATE;
-- Check stock
IF v_stock < p_quantity THEN
RAISE EXCEPTION 'Insufficient stock for product %', p_product_id;
END IF;
v_total := v_price * p_quantity;
-- Insert order
INSERT INTO orders (user_id, total_amount, status)
VALUES (p_user_id, v_total, 'pending')
RETURNING id INTO v_order_id;
-- Insert payment
INSERT INTO payments (order_id, amount, payment_method, paid_at)
VALUES (v_order_id, v_total, p_payment_method, NOW());
-- Update stock
UPDATE products SET stock = stock - p_quantity WHERE id = p_product_id;
-- Confirm order
UPDATE orders SET status = 'processing' WHERE id = v_order_id;
END;
$$;
-- Call the stored procedure
CALL process_order(1, 1, 2, 'credit_card');
-- '2 Laptops ordered by user 1, paid by credit card'
-- MySQL stored procedure syntax
DELIMITER //
CREATE PROCEDURE get_user_orders(IN p_user_id INT)
BEGIN
SELECT o.id, o.total_amount, o.status
FROM orders o WHERE o.user_id = p_user_id;
END //
DELIMITER ;
CALL get_user_orders(1);Quick Quiz
Tip
Tip
Practice Stored Procedures in small, isolated examples before integrating into larger projects. Breaking concepts into small experiments builds genuine understanding faster than reading alone.
Procedures for logic, functions for calculations, triggers for automation
Common Mistake
Warning
A common mistake with Stored Procedures is skipping edge case testing — empty inputs, null values, and unexpected data types. Always validate boundary conditions to write robust, production-ready sql code.
Practice Task
Note
Practice Task — (1) Write a working example of Stored Procedures from scratch without looking at notes. (2) Modify it to handle an edge case (empty input, null value, or error state). (3) Share your solution in the Priygop community for feedback.
Key Takeaways
- Stored procedures are pre-compiled SQL programs stored in the database and called by name.
- Reusable: call by name instead of repeating SQL code
- Reduced network round-trips: multiple SQL statements in one call
- Security: grant EXECUTE permission without exposing table structure