Stored Procedure returning no results

Level Extreme platform

Subscription

Corporate profile

Products & Services

Support

Legal

Français

Stored Procedure returning no results

Message

From

30/05/2012 10:18:26

Frank Cazabon
Samaan Systems Ltd
St Augustine, Trinidad

30/05/2012 09:24:29

Borislav Borissov
Microcomplex
Sofia, Bulgaria

General information

Forum:

Microsoft SQL Server

Category:

Stored procedures, Triggers, UDFs

Title:

Re: Stored Procedure returning no results

Environment versions

SQL Server:

SQL Server 2008

Miscellaneous

Thread ID:

01544680

Message ID:

01544768

Views:

>>>>I don't understand why my code isn't working as I use the identical technique in another SP and it works wonderfully
>>>
>>>But this works:
>>>

>>>DECLARE @Test TABLE (Fld1 NVARCHAR(50))
>>>INSERT INTO @Test VALUES ('WLIF20120047')
>>>DECLARE @LikePerc nvarchar(50)
>>>DECLARE @LikeWoPerc nvarchar(50)
>>>SET @LikePerc = 'WLIF20120047%'
>>>SET @LikeWoPerc = 'WLIF20120047'
>>>SELECT * FROM @Test WHERE Fld1 LIKE @LikePerc
>>>SELECT * FROM @Test WHERE Fld1 LIKE @LikeWoPerc
>>>

>>
>>So Boris,
>>
>>are you telling me to always add the % on at the end of the string I pass?
>
>Yes (of course when you use LIKE operator :-)).

But when I run your sample code I get results for both SELECTs, so I don't need the % to get the correct result.

Somebody has indicated that my type of code is susceptible to SQL Injection. I thought the use of Parameters made that impossible. What do you say?

Frank.

Frank Cazabon
Samaan Systems Ltd.
www.samaansystems.com

Map

View

Click here to load this message in the networking platform