I just made a few random points, please add some more.
1. Precompiled, optimized and highly efficient. This avoids the inefficiency of SQL statements being transmitted over the network and then interpreted.
2. If the company has a dedicated DBA, he can write the stored procedure, and the programmer only needs to call it according to the interface he provides. It's clearer to do it this way.
3. Easy to modify. It is troublesome to modify the SQL statements embedded in the program, and it is often not sure whether everything that should be changed has been changed. It is more convenient to modify the stored procedure on SQL Server. You can directly change the stored procedure, and the program that calls it basically does not need to be touched, unless the changes are relatively large (such as changing the parameters passed in, the data returned, etc.).
4. It will be safer. There will be no SQL statement injection issues.
Of course, there are disadvantages. Especially when the business logic is more complex, it would be very tiring to write it all in stored procedures.
Source: laifangsong's blog