Solved

Sql Stored Procedure

Posted on 2016-11-07
26
28 Views
Last Modified: 2016-11-08
Hello,

I have stored procedure which select fields from Table1 ,the need is that if one of the parameter is present it should search from table2 .
The SP is
ALTER PROCEDURE  [dbo].[M_Select_table1]
  

      @RequestedBy Nvarchar(255)=null,  @AuthBy Nvarchar(50)=null,  @Date1 VARCHAR(50) =null, @Date2 VARCHAR(50) =null,@Time VARCHAR(20) = NULL ,@PickUpTime VARCHAR(20) =				  NULL ,@PatientName Nvarchar(MAX)=null,
	  @Ref Nvarchar(50)=null ,@Auth Nvarchar(50)=null,@PickUpAddress Nvarchar(50)=null,@Address Nvarchar(50)=null ,@Comments Nvarchar(MAX)=null,
	  @Interpreter Nvarchar(50)=null,@CarRequest Nvarchar(50)=null,@SpecialInstructions Nvarchar(MAX)=null ,@FaxAuth Nvarchar(50)=null ,
	  @MReportRecieved Nvarchar(50)=null,@EnteredBy Nvarchar(MAX)=null ,@Attachments Nvarchar(50)	=null ,
	  @Title Nvarchar(10)= null ,@FaxNumber Nvarchar(50)=null ,@Attn Nvarchar(50)=null,@DoctorClinic Nvarchar(50)=null,@Year_Ref1 VARCHAR(8) =null,
	  @Year_Ref2 VARCHAR(8) =null,@table1 _UID  Nvarchar(MAX)=null

	  
         
AS
BEGIN
	-- SET NOCOUNT ON added to prevent extra result sets from
	-- interfering with SELECT statements.
	SET NOCOUNT ON;  
	
    DECLARE @SQL NVARCHAR(MAX)
    SET @SQL = 'SELECT cast(Ref as int) as Ref,RequestedBy,AuthBy,Date,Time,PickUpTime,PatientName,Auth,PickUpAddress,DoctorClinic,Address,Comments,Interpreter,CarRequest,
				SpecialInstructions,FaxAuth,MReportRecieved,EnteredBy,Attachments,Title,FaxNumber,Attn,table1_UID 
				FROM table1 WHERE ( DeleteRecord is null or DeleteRecord = 0)  '   
	
	   --IF  @Date <> ''
    --        SET @SQL = @SQL + '   AND DATE = ''' + CAST(@Date AS VARCHAR(20))  + '''' 	 

	    IF @Date1  <> '' AND @Date2  <> ''
		      SET @SQL =@SQL+ '   AND Date >= ' + ''''+ CAST(@Date1  AS VARCHAR(20))  + '''' + ' and Date <= ' + ''''+ CAST(@Date2  AS VARCHAR(20)) +''''		  
	    ELSE IF  @Date1  <> ''
			  SET @SQL = @SQL+ '   AND  Date >= '+ '''' + CAST(@Date1  AS VARCHAR(20))  +''''	
		Else IF @Date2  <> ''
			   SET @SQL = @SQL+ '  AND  Date <= '+'''' + CAST(@Date2  AS VARCHAR(20))+''''
	   IF  @PickUpTime <> ''
             SET @SQL = @SQL + '  AND CAST(PickUpTime AS Time) = ''' + @PickUpTime + ''''
       IF  @PatientName <> '' 	       
			 SET @SQL = @SQL + '  AND PatientName LIKE  ''%' + CAST(@PatientName AS  Nvarchar(MAX)) +  '%'''
       IF  @PickUpAddress <> ''
             SET @SQL = @SQL + '  AND PickUpAddress LIKE ''%'+ CAST(@PickUpAddress AS  Nvarchar(50)) + '%'''
	   IF  @AuthBy  <> ''
             SET @SQL = @SQL + '  AND AuthBy = ''' +  CAST(@AuthBy AS NVARCHAR(50))+ ''''
	  IF  @Time <> ''
             SET @SQL = @SQL + '  AND CAST(Time AS Time) = ''' + @Time + ''''
	   IF  @Ref  <> ''
             SET @SQL = @SQL + '  AND Ref = ''' + CAST(@Ref  AS  Nvarchar(50))  + '''' 	 		
	   IF  @Auth   <> ''       
	         SET @SQL = @SQL + '  AND Auth  LIKE  ''%'+ CAST(@Auth  AS  Nvarchar(50)) + '%'''			 		
	   IF  @RequestedBy  <> ''       
	         SET @SQL = @SQL + '  AND RequestedBy = ''' +  CAST(@RequestedBy AS NVARCHAR(50))+ ''''
   	   IF  @DoctorClinic  <> ''
             SET @SQL = @SQL + '  AND DoctorClinic LIKE ''%'+ CAST(@DoctorClinic AS NVARCHAR(50)) + '%'''
	   IF  @Address   <> ''
             SET @SQL = @SQL + '  AND Address LIKE ''%'+ CAST(@Address AS NVARCHAR(50)) + '%'''
       IF  @Comments   <> ''
             SET @SQL = @SQL + '  AND Comments LIKE ''%'+ CAST(@Comments AS NVARCHAR(max)) + '%'''
	   IF  @Interpreter  <> ''
             SET @SQL = @SQL + '  AND  Interpreter LIKE ''%'+ CAST(@Interpreter AS NVARCHAR(50)) + '%'''
       IF  @CarRequest   <> ''
             SET @SQL = @SQL + '  AND  CarRequest LIKE ''%'+ CAST(@CarRequest AS NVARCHAR(50)) + '%'''
       IF  @SpecialInstructions  <> ''
             SET @SQL = @SQL + '  AND  SpecialInstructions LIKE ''%'+ CAST(@SpecialInstructions AS NVARCHAR(max)) + '%'''
       IF  @FaxAuth   <> ''
             SET @SQL = @SQL + '  AND  FaxAuth LIKE ''%'+ CAST(@FaxAuth AS NVARCHAR(50)) + '%'''
	   IF  @MReportRecieved  <> ''
             SET @SQL = @SQL + '  AND  MReportRecieved LIKE ''%'+ CAST(@MReportRecieved AS NVARCHAR(50)) + '%'''
	   IF  @EnteredBy <> ''
             SET @SQL = @SQL + '  AND  EnteredBy  LIKE ''%'+ CAST(@EnteredBy AS NVARCHAR(max)) + '%'''
	   IF  @Attachments <> ''
             SET @SQL = @SQL + '  AND  Attachments LIKE ''%'+ CAST(@Attachments AS NVARCHAR(50)) + '%'''
	   IF  @Title <> ''
             SET @SQL = @SQL + '  AND  Title  LIKE ''%'+ CAST(@Title AS NVARCHAR(10)) + '%'''
	   IF  @FaxNumber <> ''
             SET @SQL = @SQL + '  AND  FaxNumber LIKE ''%'+ CAST(@FaxNumber AS NVARCHAR(50)) + '%'''    
	   IF  @Attn <> ''
             SET @SQL = @SQL + '  AND  Attn LIKE  ''%'+ CAST(@Attn AS NVARCHAR(50)) + '%'''   
    
		IF @Year_Ref1  <> '' AND @Year_Ref2  <> ''
		      SET @SQL =@SQL+ '   AND Year_Ref >= ' + CAST(@Year_Ref1  AS VARCHAR(8))  + 'and Year_Ref <= ' + CAST(@Year_Ref2  AS VARCHAR(8))  			  
	    ELSE IF  @Year_Ref1  <> ''
			  SET @SQL = @SQL+ '   AND  Year_Ref >=  ' + CAST(@Year_Ref1  AS VARCHAR(8))  
		Else IF @Year_Ref2  <> ''
			   SET @SQL = @SQL+ '  AND  Year_Ref <= ' + CAST(@Year_Ref2  AS VARCHAR(8)) 
			  
     




----	A period of time --> WHERE date >= @date1 and date <= @date2 (you will to receive two parameters for the date period (min and max dates).

----Before than ---> WHERE date < @date
----Later than --> WHERE date > @date

	   SET @SQL = @SQL + 'ORDER BY Ref Asc'	
	   SET @SQL = @SQL 

       EXECUTE (@SQL)
	   INSERT INTO M_DEBUG(SQL) VALUES (@SQL)
	   
	  --Print @SQL
	 

Open in new window


Now, if faxAuth is present then the search query should be

if faxAuth is <> '' then

  SET @SQL = 'SELECT cast(Ref as int) as Ref,dBy,AuthBy,Date
                        FROM table2 WHERE ( DeleteRecord is null or DeleteRecord = 0)  '  

How can i achieve this

Cheers
0
Comment
Question by:RIAS
  • 17
  • 8
26 Comments
 
LVL 45

Accepted Solution

by:
Vitor Montalvão earned 500 total points
ID: 41877044
Use a variable for SELECT, another one for FROM and another one for the WHERE clause.
This way you can built each part of the query separately and perform the validations that you need:
ALTER PROCEDURE  [dbo].[M_Select_table1]
  
      @RequestedBy Nvarchar(255)=null,  @AuthBy Nvarchar(50)=null,  @Date1 VARCHAR(50) =null, @Date2 VARCHAR(50) =null,@Time VARCHAR(20) = NULL ,@PickUpTime VARCHAR(20) =NULL ,@PatientName Nvarchar(MAX)=null,
	  @Ref Nvarchar(50)=null ,@Auth Nvarchar(50)=null,@PickUpAddress Nvarchar(50)=null,@Address Nvarchar(50)=null ,@Comments Nvarchar(MAX)=null,
	  @Interpreter Nvarchar(50)=null,@CarRequest Nvarchar(50)=null,@SpecialInstructions Nvarchar(MAX)=null ,@FaxAuth Nvarchar(50)=null ,
	  @MReportRecieved Nvarchar(50)=null,@EnteredBy Nvarchar(MAX)=null ,@Attachments Nvarchar(50)	=null ,
	  @Title Nvarchar(10)= null ,@FaxNumber Nvarchar(50)=null ,@Attn Nvarchar(50)=null,@DoctorClinic Nvarchar(50)=null,@Year_Ref1 VARCHAR(8) =null,
	  @Year_Ref2 VARCHAR(8) =null,@table1 _UID  Nvarchar(MAX)=null
         
AS
BEGIN
	-- SET NOCOUNT ON added to prevent extra result sets from
	-- interfering with SELECT statements.
	SET NOCOUNT ON;  
	
    DECLARE @SQL NVARCHAR(MAX)
	DECLARE @Where NVARCHAR(MAX)=''
	DECLARE @From NVARCHAR(MAX)=''
    SET @SQL = 'SELECT cast(Ref as int) as Ref,RequestedBy,AuthBy,Date,Time,PickUpTime,PatientName,Auth,PickUpAddress,DoctorClinic,Address,Comments,Interpreter,CarRequest,
				SpecialInstructions,FaxAuth,MReportRecieved,EnteredBy,Attachments,Title,FaxNumber,Attn,table1_UID '
	
	   --IF  @Date <> ''
    --        SET @SQL = @SQL + '   AND DATE = ''' + CAST(@Date AS VARCHAR(20))  + '''' 	 

	    IF @Date1  <> '' AND @Date2  <> ''
		      SET @Where =@Where+ '   AND Date >= ' + ''''+ CAST(@Date1  AS VARCHAR(20))  + '''' + ' and Date <= ' + ''''+ CAST(@Date2  AS VARCHAR(20)) +''''		  
	    ELSE IF  @Date1  <> ''
			  SET @Where = @Where+ '   AND  Date >= '+ '''' + CAST(@Date1  AS VARCHAR(20))  +''''	
		Else IF @Date2  <> ''
			   SET @Where = @Where+ '  AND  Date <= '+'''' + CAST(@Date2  AS VARCHAR(20))+''''
	   IF  @PickUpTime <> ''
             SET @Where = @Where + '  AND CAST(PickUpTime AS Time) = ''' + @PickUpTime + ''''
       IF  @PatientName <> '' 	       
			 SET @Where = @Where + '  AND PatientName LIKE  ''%' + CAST(@PatientName AS  Nvarchar(MAX)) +  '%'''
       IF  @PickUpAddress <> ''
             SET @Where = @Where + '  AND PickUpAddress LIKE ''%'+ CAST(@PickUpAddress AS  Nvarchar(50)) + '%'''
	   IF  @AuthBy  <> ''
             SET @Where = @Where + '  AND AuthBy = ''' +  CAST(@AuthBy AS NVARCHAR(50))+ ''''
	  IF  @Time <> ''
             SET @Where = @Where + '  AND CAST(Time AS Time) = ''' + @Time + ''''
	   IF  @Ref  <> ''
             SET @Where = @Where + '  AND Ref = ''' + CAST(@Ref  AS  Nvarchar(50))  + '''' 	 		
	   IF  @Auth   <> ''       
	         SET @Where = @Where + '  AND Auth  LIKE  ''%'+ CAST(@Auth  AS  Nvarchar(50)) + '%'''			 		
	   IF  @RequestedBy  <> ''       
	         SET @Where = @Where + '  AND RequestedBy = ''' +  CAST(@RequestedBy AS NVARCHAR(50))+ ''''
   	   IF  @DoctorClinic  <> ''
             SET @Where = @Where + '  AND DoctorClinic LIKE ''%'+ CAST(@DoctorClinic AS NVARCHAR(50)) + '%'''
	   IF  @Address   <> ''
             SET @Where = @Where + '  AND Address LIKE ''%'+ CAST(@Address AS NVARCHAR(50)) + '%'''
       IF  @Comments   <> ''
             SET @Where = @Where + '  AND Comments LIKE ''%'+ CAST(@Comments AS NVARCHAR(max)) + '%'''
	   IF  @Interpreter  <> ''
             SET @Where = @Where + '  AND  Interpreter LIKE ''%'+ CAST(@Interpreter AS NVARCHAR(50)) + '%'''
       IF  @CarRequest   <> ''
             SET @Where = @Where + '  AND  CarRequest LIKE ''%'+ CAST(@CarRequest AS NVARCHAR(50)) + '%'''
       IF  @SpecialInstructions  <> ''
             SET @Where = @Where + '  AND  SpecialInstructions LIKE ''%'+ CAST(@SpecialInstructions AS NVARCHAR(max)) + '%'''
       IF  @FaxAuth   <> ''
             SET @Where = @Where + '  AND  FaxAuth LIKE ''%'+ CAST(@FaxAuth AS NVARCHAR(50)) + '%'''
	   IF  @MReportRecieved  <> ''
             SET @Where = @Where + '  AND  MReportRecieved LIKE ''%'+ CAST(@MReportRecieved AS NVARCHAR(50)) + '%'''
	   IF  @EnteredBy <> ''
             SET @Where = @Where + '  AND  EnteredBy  LIKE ''%'+ CAST(@EnteredBy AS NVARCHAR(max)) + '%'''
	   IF  @Attachments <> ''
             SET @Where = @Where + '  AND  Attachments LIKE ''%'+ CAST(@Attachments AS NVARCHAR(50)) + '%'''
	   IF  @Title <> ''
             SET @Where = @Where + '  AND  Title  LIKE ''%'+ CAST(@Title AS NVARCHAR(10)) + '%'''
	   IF  @FaxNumber <> ''
             SET @Where = @Where + '  AND  FaxNumber LIKE ''%'+ CAST(@FaxNumber AS NVARCHAR(50)) + '%'''    
	   IF  @Attn <> ''
             SET @Where = @Where + '  AND  Attn LIKE  ''%'+ CAST(@Attn AS NVARCHAR(50)) + '%'''   
    
		IF @Year_Ref1  <> '' AND @Year_Ref2  <> ''
		      SET @Where =@Where+ '   AND Year_Ref >= ' + CAST(@Year_Ref1  AS VARCHAR(8))  + 'and Year_Ref <= ' + CAST(@Year_Ref2  AS VARCHAR(8))  			  
	    ELSE IF  @Year_Ref1  <> ''
			  SET @Where = @Where+ '   AND  Year_Ref >=  ' + CAST(@Year_Ref1  AS VARCHAR(8))  
		Else IF @Year_Ref2  <> ''
			   SET @Where = @Where+ '  AND  Year_Ref <= ' + CAST(@Year_Ref2  AS VARCHAR(8)) 
			  
     
		IF @Where=''
			BEGIN
				SET @From = ' FROM table2 '
				SET @Where = 'WHERE ( DeleteRecord is null or DeleteRecord = 0) ' + @Where
			END
		ELSE
			BEGIN
				SET @From = ' FROM table1 '
				SET @Where = 'WHERE ( DeleteRecord is null or DeleteRecord = 0)'
			END



----	A period of time --> WHERE date >= @date1 and date <= @date2 (you will to receive two parameters for the date period (min and max dates).

----Before than ---> WHERE date < @date
----Later than --> WHERE date > @date

	   SET @SQL = @SQL + @From + @Where + ' ORDER BY Ref Asc'	

       EXECUTE (@SQL)
       INSERT INTO M_DEBUG(SQL) VALUES (@SQL)
	   
	  --Print @SQL

Open in new window

1
 

Author Comment

by:RIAS
ID: 41877048
ThanksVitor,
Will try and get right back
0
 
LVL 32

Expert Comment

by:ste5an
ID: 41877069
And use sp_executesql. Your current code allows SQL injection. E.g. what happens when you search for patient named O'Neill?

Also use exact data types and use a parameter test, which does not depend on your unknown connection settings (SET ANSI_NULLS ON|OFF). E.g.

DECLARE @CarRequest NVARCHAR(255) = NULL;

SET ANSI_NULLS OFF;
SELECT  CASE WHEN @CarRequest <> '' THEN '<>""'
             ELSE '??'
        END ,
        CASE WHEN ISNULL(@CarRequest, '') <> '' THEN '<>""'
             ELSE '??'
        END;

SET ANSI_NULLS ON;
SELECT  CASE WHEN @CarRequest <> '' THEN '<>""'
             ELSE '??'
        END ,
        CASE WHEN ISNULL(@CarRequest, '') <> '' THEN '<>""'
             ELSE '??'
        END;

Open in new window


Use ISNULL(@CarRequest, '') <> '' to test for non-empty strings. And depending on your input a LTRIM(RTRIM(input_variable) should be considered.
1
 

Author Closing Comment

by:RIAS
ID: 41877198
Cheers mate!
0
 

Author Comment

by:RIAS
ID: 41877244
Vitor,

It does not work quite right.

When faxAuth is present it should have a query like :

SELECT * FROM
CORRESPONDENCE b LEFT JOIN DIARY a ON a.REF = b.REF
where  a.FaxAuth = 'Yes'

Any suggestion.
0
 

Author Comment

by:RIAS
ID: 41877248
Stored procedure is
ALTER  PROCEDURE  [dbo].[M_Select_Correspondence]
  

   
         
      @FaxLetterMemo Nvarchar(255)=null,  @Date1 VARCHAR(50) =null, @Date2 VARCHAR(50),@To nvarchar(255) = NULL ,@Regarding nvarchar(255) = NULL,
         @Ref Nvarchar(50) ,@Auth Nvarchar(50)=null,@SentBy Nvarchar(255)=null,@Attachments Nvarchar(255)=null,  
      @FaxNo Nvarchar(50)=null ,@Attn Nvarchar(50)=null,@FaxAuth Nvarchar(50)=null,@Year_Ref1 VARCHAR(8) =null,
         @Year_Ref2 VARCHAR(8) =null,@Correspondence_UID  Nvarchar(MAX)=null

         
AS
BEGIN
       -- SET NOCOUNT ON added to prevent extra result sets from
       -- interfering with SELECT statements.
       SET NOCOUNT ON;  
       
    DECLARE @SQL NVARCHAR(MAX)

       SET @SQL = 'SELECT [Date], cast(Ref as int) as Ref,Auth,FaxAuth,Attachments,FaxNo,Attn,FaxLetterMemo,[To],[Regarding],[SentBy],Correspondence_UID                     
                           FROM CORRESPONDENCE WHERE ( DeleteRecord is null or DeleteRecord = 0) '       
       
        IF @Date1  <> '' AND @Date2  <> ''
                   SET @SQL =@SQL+ '   AND Date >= ' + ''''+ CAST(@Date1  AS VARCHAR(20))  + '''' + ' and Date <= ' + ''''+ CAST(@Date2  AS VARCHAR(20)) +''''               
           ELSE IF  @Date1  <> ''
                     SET @SQL = @SQL+ '   AND  Date >= '+ '''' + CAST(@Date1  AS VARCHAR(20))  +''''       
              Else IF @Date2  <> ''
                     SET @SQL = @SQL+ '  AND  Date <= '+'''' + CAST(@Date2  AS VARCHAR(20))+''''       
          IF  @Ref  <> ''
             SET @SQL = @SQL + '  AND Ref = ''' + CAST(@Ref  AS  Nvarchar(50))  + ''''    
          IF  @Auth   <> ''       
             --SET @SQL = @SQL + '  AND Auth = ''' +  CAST(@Auth AS NVARCHAR(50))+ ''''
                   SET @SQL = @SQL + '  AND LTRIM(RTRIM(Auth)) = ''' +  CAST(@Auth AS NVARCHAR(50))+ ''''                         
          IF  @FaxAuth <> ''
             SET @SQL = @SQL + '  AND FaxAuth LIKE ''' + CAST(@FaxAuth AS VARCHAR(255)) + ''''          
          IF  @Attachments <> ''
             SET @SQL = @SQL + '  AND  Attachments LIKE ''%'+ CAST(@Attachments AS NVARCHAR(255)) + '%''' 
          IF  @To <> ''
             SET @SQL = @SQL + '  AND  [To] LIKE ''%'+ CAST(@To AS NVARCHAR(255)) + '%'''                      
          IF  @Regarding <> ''
             SET @SQL = @SQL + '  AND  [Regarding] LIKE ''%'+ CAST(@Regarding AS NVARCHAR(255)) + '%'''                   
          IF  @SentBy <> ''
             SET @SQL = @SQL + '  AND  [SentBy] = '+'''' + CAST(@SentBy  AS VARCHAR(50))+''''   
          IF  @FaxNo <> ''
             SET @SQL = @SQL + '  AND  FaxNo LIKE ''%'+ CAST(@FaxNo AS NVARCHAR(255)) + '%'''    
          IF  @Attn <> ''
             SET @SQL = @SQL + '  AND  Attn LIKE  ''%'+ CAST(@Attn AS NVARCHAR(255)) + '%'''   
          IF  @FaxLetterMemo <> ''
             SET @SQL = @SQL + '  AND  FaxLetterMemo  = ''' +  CAST(@FaxLetterMemo AS NVARCHAR(255))+ ''''     
    
    
          IF @Year_Ref1  <> '' AND @Year_Ref2  <> ''
                    SET @SQL =@SQL+ '   AND Year_Ref >= ' + CAST(@Year_Ref1  AS VARCHAR(8))  + 'and Year_Ref <= ' + CAST(@Year_Ref2  AS VARCHAR(8))                        
           ELSE IF  @Year_Ref1  <> ''
                       SET @SQL = @SQL+ '   AND  Year_Ref >=  ' + CAST(@Year_Ref1  AS VARCHAR(8))  
              Else IF @Year_Ref2  <> ''
                        SET @SQL = @SQL+ '  AND  Year_Ref <= ' + CAST(@Year_Ref2  AS VARCHAR(8)) 
                       
     




----   A period of time --> WHERE date >= @date1 and date <= @date2 (you will to receive two parameters for the date period (min and max dates).

----Before than ---> WHERE date < @date
----Later than --> WHERE date > @date

          SET @SQL = @SQL + 'ORDER BY Ref Asc'         
          SET @SQL = @SQL 

       EXECUTE (@SQL)
          INSERT INTO M_DEBUG(SQL) VALUES (@SQL)
          
         --Print @SQL
       

Open in new window

0
 

Author Comment

by:RIAS
ID: 41877253
The requirement was if faxAuth = 'Yes'  then

SELECT * FROM
CORRESPONDENCE b LEFT JOIN DIARY a ON a.REF = b.REF
where  a.FaxAuth = 'Yes'  and  
  IF @Date1  <> '' AND @Date2  <> ''
                   SET @SQL =@SQL+ '   AND Date >= ' + ''''+ CAST(@Date1  AS VARCHAR(20))  + '''' + ' and Date <= ' + ''''+ CAST(@Date2  AS VARCHAR(20)) +''''              
           ELSE IF  @Date1  <> ''
                     SET @SQL = @SQL+ '   AND  Date >= '+ '''' + CAST(@Date1  AS VARCHAR(20))  +''''      
              Else IF @Date2  <> ''
                     SET @SQL = @SQL+ '  AND  Date <= '+'''' + CAST(@Date2  AS VARCHAR(20))+''''      

Cheers!
0
 
LVL 45

Expert Comment

by:Vitor Montalvão
ID: 41877262
When faxAuth is present it should have a query like :
Is this a new requirement? I can see by the SELECT that you're not using table1 nor table2.
Also you're referencing an "a" table that looks like is missing in your SELECT.
0
 
LVL 45

Expert Comment

by:Vitor Montalvão
ID: 41877278
The requirement was if faxAuth = 'Yes'  then
Ohh, missed that. I will review the code and back to you asap.
0
 

Author Comment

by:RIAS
ID: 41877288
Hey thanks Vitor,
Please ignore the SP I posted in my first post. The later one is correct.
0
 
LVL 45

Expert Comment

by:Vitor Montalvão
ID: 41877302
Please ignore the SP I posted in my first post. The later one is correct.
Ok but still missing table "a".
Also the date validation is only true for this exception (faxAuth = 'Yes'  )?
0
 

Author Comment

by:RIAS
ID: 41877307
ALTER  PROCEDURE  [dbo].[M_Select_Correspondence]
  

   
         
      @FaxLetterMemo Nvarchar(255)=null,  @Date1 VARCHAR(50) =null, @Date2 VARCHAR(50),@To nvarchar(255) = NULL ,@Regarding nvarchar(255) = NULL,
         @Ref Nvarchar(50) ,@Auth Nvarchar(50)=null,@SentBy Nvarchar(255)=null,@Attachments Nvarchar(255)=null,  
      @FaxNo Nvarchar(50)=null ,@Attn Nvarchar(50)=null,@FaxAuth Nvarchar(50)=null,@Year_Ref1 VARCHAR(8) =null,
         @Year_Ref2 VARCHAR(8) =null,@Correspondence_UID  Nvarchar(MAX)=null

         
AS
BEGIN
       -- SET NOCOUNT ON added to prevent extra result sets from
       -- interfering with SELECT statements.
       SET NOCOUNT ON;  
       
    DECLARE @SQL NVARCHAR(MAX)

       SET @SQL = 'SELECT [Date], cast(Ref as int) as Ref,Auth,FaxAuth,Attachments,FaxNo,Attn,FaxLetterMemo,[To],[Regarding],[SentBy],Correspondence_UID                     
                           FROM CORRESPONDENCE WHERE ( DeleteRecord is null or DeleteRecord = 0) '       
       
        IF @Date1  <> '' AND @Date2  <> ''
                   SET @SQL =@SQL+ '   AND Date >= ' + ''''+ CAST(@Date1  AS VARCHAR(20))  + '''' + ' and Date <= ' + ''''+ CAST(@Date2  AS VARCHAR(20)) +''''               
           ELSE IF  @Date1  <> ''
                     SET @SQL = @SQL+ '   AND  Date >= '+ '''' + CAST(@Date1  AS VARCHAR(20))  +''''       
              Else IF @Date2  <> ''
                     SET @SQL = @SQL+ '  AND  Date <= '+'''' + CAST(@Date2  AS VARCHAR(20))+''''       
          IF  @Ref  <> ''
             SET @SQL = @SQL + '  AND Ref = ''' + CAST(@Ref  AS  Nvarchar(50))  + ''''    
          IF  @Auth   <> ''       
             --SET @SQL = @SQL + '  AND Auth = ''' +  CAST(@Auth AS NVARCHAR(50))+ ''''
                   SET @SQL = @SQL + '  AND LTRIM(RTRIM(Auth)) = ''' +  CAST(@Auth AS NVARCHAR(50))+ ''''                         
          IF  @FaxAuth <> ''
             SET @SQL = @SQL + '  AND FaxAuth LIKE ''' + CAST(@FaxAuth AS VARCHAR(255)) + ''''          
          IF  @Attachments <> ''
             SET @SQL = @SQL + '  AND  Attachments LIKE ''%'+ CAST(@Attachments AS NVARCHAR(255)) + '%''' 
          IF  @To <> ''
             SET @SQL = @SQL + '  AND  [To] LIKE ''%'+ CAST(@To AS NVARCHAR(255)) + '%'''                      
          IF  @Regarding <> ''
             SET @SQL = @SQL + '  AND  [Regarding] LIKE ''%'+ CAST(@Regarding AS NVARCHAR(255)) + '%'''                   
          IF  @SentBy <> ''
             SET @SQL = @SQL + '  AND  [SentBy] = '+'''' + CAST(@SentBy  AS VARCHAR(50))+''''   
          IF  @FaxNo <> ''
             SET @SQL = @SQL + '  AND  FaxNo LIKE ''%'+ CAST(@FaxNo AS NVARCHAR(255)) + '%'''    
          IF  @Attn <> ''
             SET @SQL = @SQL + '  AND  Attn LIKE  ''%'+ CAST(@Attn AS NVARCHAR(255)) + '%'''   
          IF  @FaxLetterMemo <> ''
             SET @SQL = @SQL + '  AND  FaxLetterMemo  = ''' +  CAST(@FaxLetterMemo AS NVARCHAR(255))+ ''''     
    
    
          IF @Year_Ref1  <> '' AND @Year_Ref2  <> ''
                    SET @SQL =@SQL+ '   AND Year_Ref >= ' + CAST(@Year_Ref1  AS VARCHAR(8))  + 'and Year_Ref <= ' + CAST(@Year_Ref2  AS VARCHAR(8))                        
           ELSE IF  @Year_Ref1  <> ''
                       SET @SQL = @SQL+ '   AND  Year_Ref >=  ' + CAST(@Year_Ref1  AS VARCHAR(8))  
              Else IF @Year_Ref2  <> ''
                        SET @SQL = @SQL+ '  AND  Year_Ref <= ' + CAST(@Year_Ref2  AS VARCHAR(8)) 
                       
     




----   A period of time --> WHERE date >= @date1 and date <= @date2 (you will to receive two parameters for the date period (min and max dates).

----Before than ---> WHERE date < @date
----Later than --> WHERE date > @date

          SET @SQL = @SQL + 'ORDER BY Ref Asc'         
          SET @SQL = @SQL 

       EXECUTE (@SQL)
          INSERT INTO M_DEBUG(SQL) VALUES (@SQL)
          
         --Print @SQL
       

Open in new window

0
 

Author Comment

by:RIAS
ID: 41877310
This one is the correct Sp.

yes,the validation is for faxAuth ='yes' and also consider the dates as parameter for filteration of the rows which have faxauth 'yes'.

Date and faxauth are the common columns between the two tables.
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 

Author Comment

by:RIAS
ID: 41877323
Thank you so much mate!
0
 
LVL 45

Expert Comment

by:Vitor Montalvão
ID: 41877329
Try this version:
ALTER  PROCEDURE  [dbo].[M_Select_Correspondence] 
         
      @FaxLetterMemo Nvarchar(255)=null,  @Date1 VARCHAR(50) =null, @Date2 VARCHAR(50),@To nvarchar(255) = NULL ,@Regarding nvarchar(255) = NULL,
      @Ref Nvarchar(50) ,@Auth Nvarchar(50)=null,@SentBy Nvarchar(255)=null,@Attachments Nvarchar(255)=null,  
      @FaxNo Nvarchar(50)=null ,@Attn Nvarchar(50)=null,@FaxAuth Nvarchar(50)=null,@Year_Ref1 VARCHAR(8) =null,
      @Year_Ref2 VARCHAR(8) =null,@Correspondence_UID  Nvarchar(MAX)=null
         
AS
BEGIN
       -- SET NOCOUNT ON added to prevent extra result sets from
       -- interfering with SELECT statements.
	SET NOCOUNT ON;  
       
    DECLARE @SQL NVARCHAR(MAX)

	IF  @FaxAuth   <> ''
	BEGIN
		SET @SQL = 'SELECT * 
					FROM CORRESPONDENCE b 
						LEFT JOIN DIARY a ON a.REF = b.REF
					WHERE a.FaxAuth = ''Yes'''  
		IF @Date1  <> '' AND @Date2  <> ''
			SET @SQL =@SQL+ '  AND Date >= ' + ''''+ CAST(@Date1  AS VARCHAR(20))  + '''' + ' and Date <= ' + ''''+ CAST(@Date2  AS VARCHAR(20)) +''''               
		ELSE IF  @Date1  <> ''
				SET @SQL = @SQL+ '  AND  Date >= '+ '''' + CAST(@Date1  AS VARCHAR(20))  +''''       
			Else IF @Date2  <> ''
					SET @SQL = @SQL+ ' AND  Date <= '+'''' + CAST(@Date2  AS VARCHAR(20))+''''       

	END

	ELSE
	BEGIN
		SET @SQL = 'SELECT [Date], cast(Ref as int) as Ref,Auth,FaxAuth,Attachments,FaxNo,Attn,FaxLetterMemo,[To],[Regarding],[SentBy],Correspondence_UID                     
					FROM CORRESPONDENCE 
					WHERE (DeleteRecord is null or DeleteRecord = 0) '       
       
		IF @Date1  <> '' AND @Date2  <> ''
			SET @SQL =@SQL+ '   AND Date >= ' + ''''+ CAST(@Date1  AS VARCHAR(20))  + '''' + ' and Date <= ' + ''''+ CAST(@Date2  AS VARCHAR(20)) +''''               
		ELSE IF  @Date1  <> ''
				SET @SQL = @SQL+ '   AND  Date >= '+ '''' + CAST(@Date1  AS VARCHAR(20))  +''''       
			Else IF @Date2  <> ''
				SET @SQL = @SQL+ '  AND  Date <= '+'''' + CAST(@Date2  AS VARCHAR(20))+''''       
          
		IF  @Ref  <> ''
			SET @SQL = @SQL + '  AND Ref = ''' + CAST(@Ref  AS  Nvarchar(50))  + ''''    

		IF  @Auth   <> ''       
			--SET @SQL = @SQL + '  AND Auth = ''' +  CAST(@Auth AS NVARCHAR(50))+ ''''
			SET @SQL = @SQL + '  AND LTRIM(RTRIM(Auth)) = ''' +  CAST(@Auth AS NVARCHAR(50))+ ''''                         
          
		IF  @FaxAuth <> ''
			SET @SQL = @SQL + '  AND FaxAuth LIKE ''' + CAST(@FaxAuth AS VARCHAR(255)) + ''''          
          
		IF  @Attachments <> ''
			SET @SQL = @SQL + '  AND  Attachments LIKE ''%'+ CAST(@Attachments AS NVARCHAR(255)) + '%''' 
          
		IF  @To <> ''
			SET @SQL = @SQL + '  AND  [To] LIKE ''%'+ CAST(@To AS NVARCHAR(255)) + '%'''                      
          
		IF  @Regarding <> ''
			SET @SQL = @SQL + '  AND  [Regarding] LIKE ''%'+ CAST(@Regarding AS NVARCHAR(255)) + '%'''                   
          
		IF  @SentBy <> ''
			SET @SQL = @SQL + '  AND  [SentBy] = '+'''' + CAST(@SentBy  AS VARCHAR(50))+''''   
          
		IF  @FaxNo <> ''
			SET @SQL = @SQL + '  AND  FaxNo LIKE ''%'+ CAST(@FaxNo AS NVARCHAR(255)) + '%'''    
          
		IF  @Attn <> ''
			SET @SQL = @SQL + '  AND  Attn LIKE  ''%'+ CAST(@Attn AS NVARCHAR(255)) + '%'''   
          
		IF  @FaxLetterMemo <> ''
			SET @SQL = @SQL + '  AND  FaxLetterMemo  = ''' +  CAST(@FaxLetterMemo AS NVARCHAR(255))+ ''''     
    
		IF @Year_Ref1  <> '' AND @Year_Ref2  <> ''
			SET @SQL =@SQL+ '   AND Year_Ref >= ' + CAST(@Year_Ref1  AS VARCHAR(8))  + 'and Year_Ref <= ' + CAST(@Year_Ref2  AS VARCHAR(8))                        
		ELSE IF  @Year_Ref1  <> ''
				SET @SQL = @SQL+ '   AND  Year_Ref >=  ' + CAST(@Year_Ref1  AS VARCHAR(8))  
			Else IF @Year_Ref2  <> ''
					SET @SQL = @SQL+ '  AND  Year_Ref <= ' + CAST(@Year_Ref2  AS VARCHAR(8)) 
                       

	----A period of time --> WHERE date >= @date1 and date <= @date2 (you will to receive two parameters for the date period (min and max dates).
	----Before than ---> WHERE date < @date
	----Later than --> WHERE date > @date

		SET @SQL = @SQL + 'ORDER BY Ref Asc'         
	END
	
	EXECUTE (@SQL)
    INSERT INTO M_DEBUG(SQL) VALUES (@SQL)
          
	--Print @SQL

Open in new window

1
 

Author Comment

by:RIAS
ID: 41877335
trying mate...
0
 

Author Comment

by:RIAS
ID: 41877337
Thanks,
When I give date criteria , it says ambiguous column name Date ?
0
 
LVL 45

Expert Comment

by:Vitor Montalvão
ID: 41877340
When I give date criteria , it says ambiguous column name Date ?
"Date and faxauth are the common columns between the two tables. "

Looks like you'll need to provide the table alias so the engine knows from which table it needs to perform the filter.
0
 

Author Comment

by:RIAS
ID: 41877343
How do i do it?
0
 

Author Comment

by:RIAS
ID: 41877349
Tryimng this :

IF  @FaxAuth   <> ''
	BEGIN
		SET @SQL = 'SELECT b.[Date], cast(b.Ref as int) as b.Ref,b.Auth,b.FaxAuth,b.Attachments,b.FaxNo,b.Attn,b.FaxLetterMemo,b.[To],b.[Regarding],b.[SentBy],b.Correspondence_UID    
					FROM CORRESPONDENCE b 
						LEFT JOIN DIARY a ON a.REF = b.REF
					WHERE a.FaxAuth = ''Yes'''  
		IF @Date1  <> '' AND @Date2  <> ''
			SET @SQL =@SQL+ '  AND Date >= ' + ''''+ CAST(@Date1  AS VARCHAR(20))  + '''' + ' and Date <= ' + ''''+ CAST(@Date2  AS VARCHAR(20)) +''''               
		ELSE IF  @Date1  <> ''
				SET @SQL = @SQL+ '  AND  Date >= '+ '''' + CAST(@Date1  AS VARCHAR(20))  +''''       
			Else IF @Date2  <> ''
					SET @SQL = @SQL+ ' AND  Date <= '+'''' + CAST(@Date2  AS VARCHAR(20))+''''       

	END

Open in new window

0
 

Author Comment

by:RIAS
ID: 41877359
Vitor ,

This worked

	SET @SQL = 'SELECT   b.[Date], cast(b.Ref as int) as Ref,b.Auth,b.FaxAuth,b.Attachments,b.FaxNo,b.Attn,b.FaxLetterMemo,b.[To],b.[Regarding],b.[SentBy],b.Correspondence_UID    
					FROM CORRESPONDENCE b 
						LEFT JOIN DIARY a ON a.REF = b.REF
					WHERE a.FaxAuth = ''Yes'''  
		IF @Date1  <> '' AND @Date2  <> ''
			SET @SQL =@SQL+ '  AND b.Date >= ' + ''''+ CAST(@Date1  AS VARCHAR(20))  + '''' + ' and b.Date <= ' + ''''+ CAST(@Date2  AS VARCHAR(20)) +''''               
		ELSE IF  @Date1  <> ''
				SET @SQL = @SQL+ '  AND  b.Date >= '+ '''' + CAST(@Date1  AS VARCHAR(20))  +''''       
			Else IF @Date2  <> ''
					SET @SQL = @SQL+ ' AND  b.Date <= '+'''' + CAST(@Date2  AS VARCHAR(20))+''''       

Open in new window

0
 

Author Comment

by:RIAS
ID: 41877362
Really can't thank you enough! Genius!
0
 
LVL 45

Expert Comment

by:Vitor Montalvão
ID: 41877368
Good that you've worked it out :)
Cheers
0
 

Author Comment

by:RIAS
ID: 41877370
Vitor,

Only the thing is multiple identical  rows are displayed where as it should be only one .
0
 
LVL 45

Expert Comment

by:Vitor Montalvão
ID: 41877392
This means your JOIN doesn't restrict to single records. You'll need to work it out or add a GROUP BY clause:
IF  @FaxAuth   <> ''
	BEGIN
		SET @SQL = 'SELECT b.[Date], cast(b.Ref as int) as Ref,b.Auth,b.FaxAuth,b.Attachments,b.FaxNo,b.Attn,b.FaxLetterMemo,b.[To],b.[Regarding],b.[SentBy],b.Correspondence_UID    
					FROM CORRESPONDENCE b 
						LEFT JOIN DIARY a ON a.REF = b.REF
					WHERE a.FaxAuth = ''Yes'''  
		IF @Date1  <> '' AND @Date2  <> ''
			SET @SQL =@SQL+ '  AND b.Date >= ' + ''''+ CAST(@Date1  AS VARCHAR(20))  + '''' + ' and b.Date <= ' + ''''+ CAST(@Date2  AS VARCHAR(20)) +''''               
		ELSE IF  @Date1  <> ''
				SET @SQL = @SQL+ '  AND  b.Date >= '+ '''' + CAST(@Date1  AS VARCHAR(20))  +''''       
			Else IF @Date2  <> ''
					SET @SQL = @SQL+ ' AND  b.Date <= '+'''' + CAST(@Date2  AS VARCHAR(20))+''''       
			
		IF @Date1  <> '' AND @Date2  <> ''
			SET @SQL =@SQL+ '  AND Date >= ' + ''''+ CAST(@Date1  AS VARCHAR(20))  + '''' + ' and Date <= ' + ''''+ CAST(@Date2  AS VARCHAR(20)) +''''               
		ELSE IF  @Date1  <> ''
				SET @SQL = @SQL+ '  AND  Date >= '+ '''' + CAST(@Date1  AS VARCHAR(20))  +''''       
			Else IF @Date2  <> ''
					SET @SQL = @SQL+ ' AND  Date <= '+'''' + CAST(@Date2  AS VARCHAR(20))+''''       

		SET @SQL = @SQL + ' GROUP BY b.[Date], cast(b.Ref as int) as Ref,b.Auth,b.FaxAuth,b.Attachments,b.FaxNo,b.Attn,b.FaxLetterMemo,b.[To],b.[Regarding],b.[SentBy],b.Correspondence_UID'
	END

Open in new window

1
 

Author Comment

by:RIAS
ID: 41878345
Thanks Vitor,All done! Worked perfectly.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
Ever wondered why sometimes your SQL Server is slow or unresponsive with connections spiking up but by the time you go in, all is well? The following article will show you how to install and configure a SQL job that will send you email alerts includ…
Using examples as well as descriptions, and references to Books Online, show the documentation available for date manipulation functions and by using a select few of these functions, show how date based data can be manipulated with these functions.
Via a live example, show how to setup several different housekeeping processes for a SQL Server.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now