Solved

Sql Server -  input parameter for query

Posted on 2015-01-20
3
112 Views
Last Modified: 2015-02-01
Hi,

   I have a simple requirement .

     I need to run a query on sql server studio

     How can I use an input variable to declare the Tablename I query

        I was looking something like  select  * from  @MyTable
       But looks like this is not possible (Sql Injection?) , Is there any alternative?
0
Comment
Question by:Sam OZ
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 66

Accepted Solution

by:
Jim Horn earned 300 total points
ID: 40559808
Here you go, but the obvious question is why do you want to do this?
CREATE PROC your_proc (@table_name varchar(100)) AS

Declare @sql varchar(1000) 
SELECT @sql = 'SELECT * FROM ' + @table_name

exec sp_executesql @sql
GO

Open in new window

0
 
LVL 50

Expert Comment

by:Lowfatspread
ID: 40559878
you could do it like that but its not advisable...

could you elaborate on why you think select * from "tobeadvisedtable" is a simple requirement....

and why you want to use studio to do it?

realistically how many tables and what sizes are you wanting to access (and what do you intend to do with the results)
0
 
LVL 69

Assisted Solution

by:Scott Pletcher
Scott Pletcher earned 200 total points
ID: 40560080
If you're gonna do this, you might as well add more flexibility into it, such as optionally allowing db name and/or schema name to be specified, as well as a row count (to generate a "TOP (nnn)" expression if needed).


DECLARE @MyTable varchar(1000)
DECLARE @exec_sql bit
DECLARE @rowcount int
DECLARE @column_list varchar(5000)

SET @MyTable = 'table_name'
--SET @MyTable = 'db_name.schema_name.table_name'
SET @exec_sql = 1
--SET @rowcount = 10
--SET @column_list = 'id, customerNumber'

------------------------------------------------------------------------------------------------------------------------

DECLARE @sql varchar(8000)

SET @sql = 'SELECT ' +
    CASE WHEN @rowcount > 0 THEN 'TOP (' + CAST(@rowcount AS varchar(10)) + ') ' ELSE '' END +
    ISNULL(@column_list, '*') +
    ' FROM ' +
    ISNULL('[' + PARSENAME(@MyTable, 3) + '].', '') +
    ISNULL('[' + PARSENAME(@MyTable, 2) + '].', CASE WHEN PARSENAME(@MyTable, 3) IS NULL THEN '' ELSE '.' END) +
    '[' + PARSENAME(@MyTable, 1) + ']'

PRINT @sql
IF @exec_sql > 0
    EXEC(@sql)
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Slowly Changing Dimension Transformation component in data task flow is very useful for us to manage and control how data changes in SSIS.
What if you have to shut down the entire Citrix infrastructure for hardware maintenance, software upgrades or "the unknown"? I developed this plan for "the unknown" and hope that it helps you as well. This article explains how to properly shut down …
Using examples as well as descriptions, and references to Books Online, show the different Recovery Models available in SQL Server and explain, as well as show how full, differential and transaction log backups are performed
Using examples as well as descriptions, and references to Books Online, show the documentation available for datatypes, explain the available data types and show how data can be passed into and out of variables.

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question