Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Passing options to Stored procedure

Posted on 2011-09-14
3
Medium Priority
?
210 Views
Last Modified: 2012-05-12
Hi There,

My stored procedure takes two parameters from the application, options and amount.
@option can be = or > or <.

How can I take the @option value and replace in the where condition?


USE [Test]
GO

SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO


ALTER PROCEDURE [dbo].[search]


      @option varchar,
      @Amount Decimal

      
AS

      

SELECT
      [Search].[Id],
      [Search].[Amount],

FROM
      [dbo].[Search]
      WHERE
      (
      
            [Search].[Amount] @Option @Amount
      
            --i.e  [Search].[Amount] > @Amount


      )
0
Comment
Question by:theartha
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 18

Expert Comment

by:lludden
ID: 36536723
You can use dynamic SQL

ALTER PROCEDURE [dbo].[search]
      @option varchar,
      @Amount Decimal
AS
DECLARE @SQL varchar(max) =
'SELECT
      [Search].[Id],
      [Search].[Amount],

FROM
      [dbo].[Search]
      WHERE  [Search].[Amount] ' +  @Option  + CAST(@Amount as varchar(20))
     
EXECUTE (@SQL)
0
 
LVL 18

Accepted Solution

by:
lludden earned 1000 total points
ID: 36536752
If you are not comfortable with dynamic SQL (I am not without very well washed inputs), you can do this:
ALTER PROCEDURE [dbo].[search]
      @option varchar,
      @Amount Decimal
AS
SELECT
      [Search].[Id],
      [Search].[Amount],
FROM
      [dbo].[Search]
      WHERE (@Option = '=' AND Search.Amount = @Amount)
OR
      (@Option = '<' AND Search.Amount < @Amount)
OR
      (@Option = '>' AND Search.Amount > @Amount)

     
     
            [Search].[Amount] @Option @Amount
     
            --i.e  [Search].[Amount] > @Amount


      )
0
 
LVL 15

Assisted Solution

by:tim_cs
tim_cs earned 1000 total points
ID: 36536776
You don't want to use dynamic SQL as that opens up security issues.  You could do something like this...
SELECT
   ID
   Amount
FROM
   Search
WHERE
   (Amount = @amount AND @option = 'Equal)
   OR (Amount > @amount AND @option = 'Greater')
   OR (Amount < @amount AND @option = 'Less')

Open in new window

0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Use this article to create a batch file to backup a Microsoft SQL Server database to a Windows folder.  The folder can be on the local hard drive or on a network share.  This batch file will query the SQL server to get the current date & time and wi…
Ever needed a SQL 2008 Database replicated/mirrored/log shipped on another server but you can't take the downtime inflicted by initial snapshot or disconnect while T-logs are restored or mirror applied? You can use SQL Server Initialize from Backup…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question