Using stored procedures in your Data Access code from ASP.Net applications stops most (not all) SQL Injection Attacks and also ensure that the query is executed with the same parameters in the same order and format each time allowing the query optimizer to use the same query plan on subsequent executions. So it makes good sense to use stored procedures for almost all access to your database. The only problem with this practice is the time that it takes to create at least 4 stored procedures for each table in your database. We need a procedure for Insert, one for Select, one for Update and One for Delete. We may even need additional stored procedures to get customers by email or to search for customers by FirstName or LastName. In a database that has 1,000 tables that means at a minimum we are creating 4,000 stored procedures.
So in order to lighten the DBAs workload we can use an SSMS Add-in (SSMS = SQL Server Management Studio) or a CRUD script (CRUD = Create, Read, Update, Delete) to automate the creation of our Insert, Select, Update and Delete statements.
I found a nifty little script that creates stored procedures for Select, Insert, Update and Delete for all of the tables in a Database or for a Single table when a TableName Variable is set. You can find this script in the Demos folder on the ProDataMan Portal with the Name ISUD with Prefix and Schema Support.sql or you can use the following link to download: CRUDScript
*New: I finally updated CRUDScript for Schema support!
Someone told me about a feature of the SSMS Toolkit a SSMS Add-in available here: SSMS Toolkit
This tool allows you to create CRUD stored procedures for tables based on fully customizable templates that you can change to suit your needs. But this tool does so much more!! See the Features page for more details