I have code in ASP that passes a comma delimited string parameter to a stored procedure ie: '75,18,92,'. This list can be variable in length.
The stored procedure then needs to use this string with a IN statement ie:
update datefield where id IN (@parameterList)
The problem occurs as the field 'id' is an integer. I cannot use EXEC @SQLCommand as i dont want to set permisions on the table. ie, the table does not have select,update etc.. permisions. All work is done via stored procedures which have the appropriate permisions.
Esentially, what im looking for is being able to pass the list to the stored procedure and then do the following: Update TableName SET datefield = GETDATE() where id IN ('75,18,92')