?
Solved

exec sp_executesql syntax error

Posted on 2009-05-06
4
Medium Priority
?
539 Views
Last Modified: 2012-05-06
I am attempting to retrieve records based on security I have set in a SQL table.
I have a field named ufilter that contains the filter to be applied to the data set.
In this case, the filter is: schoolnum = '032'
I keep receiving the error 'Incorrect syntax near 'schoolnum'.
I tested the SQL that is generated to the @cmd variable and the correct records are returned.

Any guidance would be most appreciated.


ALTER proc spPrincipalTest
(
@uid varchar(30)
)
as
 
DECLARE @ufilter nvarchar(200)
DECLARE @uexpdate datetime
DECLARE @CMD nvarchar(200)
 
select @ufilter=ufilter, @uexpdate=uexpdate from UFILTERS where uid=@uid
 
Print @ufilter
 
IF ISNULL(@ufilter, 'ZZTOP') = 'ZZTOP'
	BEGIN
		select * from dvASTUCurrentShort where 1 = 2
	END
 
IF @ufilter = 'NONE'
	BEGIN
		select * from dvASTUCurrentShort order by Lastname, Firstname
	END
ELSE
	BEGIN
		set @cmd = 'select * from dvASTUCurrentShort where ' + @ufilter
		print @cmd
		exec sp_executesql @cmd, @ufilter 
	END
 
Output:
schoolnum='032'
select * from dvASTUCurrentShort where schoolnum='032'
Incorrect syntax near 'schoolnum'.
No rows affected.
(0 row(s) returned)
@RETURN_VALUE = 0
Finished running [dbo].[spPrincipalTest].

Open in new window

0
Comment
Question by:JEClark
  • 2
4 Comments
 
LVL 75

Accepted Solution

by:
Aneesh Retnakaran earned 1000 total points
ID: 24318456

replace exec sp_executesql @cmd, @ufilter with EXEC(@cmd)
0
 

Author Comment

by:JEClark
ID: 24318537
Thanks for the quick response!
0
 
LVL 39

Expert Comment

by:BrandonGalderisi
ID: 24318545
You don't need to pass @ufilter into the sp_executesql command.

changed:
            exec sp_executesql @cmd, @ufilter

to

            exec sp_executesql @cmd

ALTER proc spPrincipalTest
(
@uid varchar(30)
)
as
 
DECLARE @ufilter nvarchar(200)
DECLARE @uexpdate datetime
DECLARE @CMD nvarchar(200)
 
select @ufilter=ufilter, @uexpdate=uexpdate from UFILTERS where uid=@uid
 
Print @ufilter
 
IF ISNULL(@ufilter, 'ZZTOP') = 'ZZTOP'
	BEGIN
		select * from dvASTUCurrentShort where 1 = 2
	END
 
IF @ufilter = 'NONE'
	BEGIN
		select * from dvASTUCurrentShort order by Lastname, Firstname
	END
ELSE
	BEGIN
		set @cmd = 'select * from dvASTUCurrentShort where '   @ufilter
		print @cmd
		exec sp_executesql @cmd
	END

Open in new window

0
 
LVL 39

Expert Comment

by:BrandonGalderisi
ID: 24318557
That WILL work, but you should be using sp_executeSQL.  The problem was that you were passing @ufilter in and didn't need to.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Backups and Disaster RecoveryIn this post, we’ll look at strategies for backups and disaster recovery.
Among the most obnoxious of Exchange errors is error 1216 – Attached Database Mismatch error of the Jet Database Engine. When faced with this error, users may have to suffer from mailbox inaccessibility and in worst situations, permanent data loss.
Planning to migrate your EDB file(s) to a new or an existing Outlook PST file? This video will guide you how to convert EDB file(s) to PST. Besides this, it also describes, how one can easily search any item(s) from multiple folders or mailboxes…
SQL Database Recovery Software repairs the MDF & NDF Files, corrupted due to hardware related issues or software related errors. Provides preview of recovered database objects and allows saving in either MSSQL, CSV, HTML or XLS format. Ensures recov…

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question