Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
Is there any equivalent of indirection (macro) in T-SQL?
Message
From
31/01/2007 14:59:09
Mike Yearwood
Toronto, Ontario, Canada
 
 
To
31/01/2007 14:47:55
Alex Feldstein
Florida, United States
General information
Forum:
Microsoft SQL Server
Category:
SQL syntax
Title:
Re: Is there any equivalent of indirection (macro) in T-SQL?
Environment versions
SQL Server:
SQL Server 2000
Miscellaneous
Thread ID:
01191074
Message ID:
01191093
Views:
12
>>Look at sp_executesql in TSQL. It has limits and can be a pain, but sometimes it is pretty handy.
>
>Ahh. I read about it now in BOL.
>So something like this should work then:
>
>-- passed param: @ColumnName2Get
>DECLARE @SQLString VARCHAR(500)
>
>SET @SQLString = 'SELECT ' + @ColumnName2Get + CHAR(13)
>SET @SQLString = @SQLString + 'WHERE condition_here'
>
>EXEC sp_executesql @SQLString
>
>Will rewrite and try it now. Thx.

Hey Alex

You can create the SQL in a stored procedure like that, but since you're going to call sp_ExecuteSQL you still have to watch out for SQL Injection attacks. I just finished an article for FPA on the proper way to prevent them. Keep an eye out for it.
Previous
Next
Reply
Map
View

Click here to load this message in the networking platform