Solved

ASP page, stored procedure, dynamic where clause problem

Posted on 2006-10-21
3
236 Views
Last Modified: 2012-06-27
MS SQL Server 2000 (remotely hosted by others)
ASP

Hi, and thank you very much, in advance, for any help you can offer!

I am able to retrieve records from several stored procedures on an ASP page, so there should be no connectivity issues.

But, my big headache is a stored procedure that has a dynamic WHERE clause. In trying to troubleshoot the problem, I have used Response.Write to get an exact copy of the parameter, and I have executed the stored procedure (using MS SQL Server Management Studio), and have pasted that exact phrase as the "Value." It works!

But when I try to run it from the ASP page, I get the following error:
=================================================
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'

[Microsoft][ODBC SQL Server Driver]Invalid character value for cast specification

/RCTSearchResults.asp, line 1143
=================================================

Just for reference, here are lines 1142, and line 1143. 1143 is the .Open(), and that's where it fails:
rsInvItems.Source = "{call dbo.sp7smInvDynSql37(" + strSQLSourceString +  ")}"
rsInvItems.Open ()

I have looked up the error by code and by searching, to no avail. As far as I can tell, there is no "difficult" type casting (like dates) - I'm using only integers (tinyint and smallint integers.) Obviously, sending a string with numbers in the string forces SQL Server to typecast text strings into integers, but remember, the exact same phrase will work as the value parameter when input at the server.

Here's the latest attempt at the dynamic WHERE clause that is the parameter:

strSQLSourceString = ((dbo.tblInv.intInvDisplay = 1) AND (fk_intInvSpecID IN (3)) AND (fk_intInvStatID = 2) ) ORDER BY strItemTypeN, strSpecName, strPatt, fk_intInvStatID DESC, curInvPrice DESC

Note that I am using the "IN" operator, in case that helps to figure this out.

Finally, so anyone willing to help will have everything, here is enough of the stored procedure to give you an idea if anything is wrong. You'll see that I tried both ways to execute, and I have tried declaring the @SQLStatement as both varchar and nvarchar. The stored proc is kind of big, so I snipped out what would probably not be necessary to see for troubleshooting:

=======================================================

ALTER Procedure [dbo].[sp7smInvDynSql37] (@DynSQLString varchar(1000) )

AS

DECLARE @SQLStatement nvarchar(4000)

set @SQLStatement = 'SELECT dbo.tblInv.pk_intInvIID,
    dbo.tblItemType.strItemTypeName,
    dbo.tblSpecies.strSpecName,

   (snip)

    dbo.tblInvItemStatus.strInvItemStatus
FROM dbo.tblInv INNER JOIN
    dbo.tblItemType ON

   (snip)

 WHERE ' + '  ' + @DynSQLString  + ' '
 
-- EXEC sp_executesql @SQLStatement
EXEC (@SQLStatement)

=====================================

Again, thanks for any help you can offer.

Dennis
0
Comment
Question by:dtleahy
  • 2
3 Comments
 
LVL 142

Accepted Solution

by:
Guy Hengel [angelIII / a3] earned 500 total points
ID: 17780520
you need single quotes around the string value:

rsInvItems.Source = "{call dbo.sp7smInvDynSql37('" + strSQLSourceString +  "')}"


I assume that the following line:
strSQLSourceString = ((dbo.tblInv.intInvDisplay = 1) AND (fk_intInvSpecID IN (3)) AND (fk_intInvStatID = 2) ) ORDER BY strItemTypeN, strSpecName, strPatt, fk_intInvStatID DESC, curInvPrice DESC
is actually:

strSQLSourceString = "((dbo.tblInv.intInvDisplay = 1) AND (fk_intInvSpecID IN (3)) AND (fk_intInvStatID = 2) ) ORDER BY strItemTypeN, strSpecName, strPatt, fk_intInvStatID DESC, curInvPrice DESC "

0
 

Author Comment

by:dtleahy
ID: 17780806
Thast's it!

AngelIII, you are indeed an angel! And, a bright one too! Thank you VERY much! I am happy to award the 500 points, and a big cyber-hug to you!

Dennis
0
 

Author Comment

by:dtleahy
ID: 17780817
"Thast's it!" = "That's it!"
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Nowadays, some of developer are too much worried about data. Who is using data, who is updating it etc. etc. Because, data is more costlier in term of money and information. So security of data is focusing concern in days. Lets' understand the Au…
Introduction In my previous article (http://www.experts-exchange.com/Microsoft/Development/MS-SQL-Server/SSIS/A_9150-Loading-XML-Using-SSIS.html) I showed you how the XML Source component can be used to load XML files into a SQL Server database, us…
Via a live example, show how to extract information from SQL Server on Database, Connection and Server properties
Via a live example, show how to backup a database, simulate a failure backup the tail of the database transaction log and perform the restore.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now