Solved

Passing options to Stored procedure

Posted on 2011-09-14
3
205 Views
Last Modified: 2012-05-12
Hi There,

My stored procedure takes two parameters from the application, options and amount.
@option can be = or > or <.

How can I take the @option value and replace in the where condition?


USE [Test]
GO

SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO


ALTER PROCEDURE [dbo].[search]


      @option varchar,
      @Amount Decimal

      
AS

      

SELECT
      [Search].[Id],
      [Search].[Amount],

FROM
      [dbo].[Search]
      WHERE
      (
      
            [Search].[Amount] @Option @Amount
      
            --i.e  [Search].[Amount] > @Amount


      )
0
Comment
Question by:theartha
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 18

Expert Comment

by:lludden
ID: 36536723
You can use dynamic SQL

ALTER PROCEDURE [dbo].[search]
      @option varchar,
      @Amount Decimal
AS
DECLARE @SQL varchar(max) =
'SELECT
      [Search].[Id],
      [Search].[Amount],

FROM
      [dbo].[Search]
      WHERE  [Search].[Amount] ' +  @Option  + CAST(@Amount as varchar(20))
     
EXECUTE (@SQL)
0
 
LVL 18

Accepted Solution

by:
lludden earned 250 total points
ID: 36536752
If you are not comfortable with dynamic SQL (I am not without very well washed inputs), you can do this:
ALTER PROCEDURE [dbo].[search]
      @option varchar,
      @Amount Decimal
AS
SELECT
      [Search].[Id],
      [Search].[Amount],
FROM
      [dbo].[Search]
      WHERE (@Option = '=' AND Search.Amount = @Amount)
OR
      (@Option = '<' AND Search.Amount < @Amount)
OR
      (@Option = '>' AND Search.Amount > @Amount)

     
     
            [Search].[Amount] @Option @Amount
     
            --i.e  [Search].[Amount] > @Amount


      )
0
 
LVL 15

Assisted Solution

by:tim_cs
tim_cs earned 250 total points
ID: 36536776
You don't want to use dynamic SQL as that opens up security issues.  You could do something like this...
SELECT
   ID
   Amount
FROM
   Search
WHERE
   (Amount = @amount AND @option = 'Equal)
   OR (Amount > @amount AND @option = 'Greater')
   OR (Amount < @amount AND @option = 'Less')

Open in new window

0

Featured Post

MS Dynamics Made Instantly Simpler

Make Your Microsoft Dynamics Investment Count  & Drastically Decrease Training Time by Providing Intuitive Step-By-Step WalkThru Tutorials.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

     When we have to pass multiple rows of data to SQL Server, the developers either have to send one row at a time or come up with other workarounds to meet requirements like using XML to pass data, which is complex and tedious to use. There is a …
There have been several questions about Large Transaction Log Files in SQL Server 2008, and how to get rid of them when disk space has become critical. This article will explain how to disable full recovery and implement simple recovery that carries…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question