Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Sql Stored Procedure

Posted on 2016-11-07
26
Medium Priority
?
81 Views
Last Modified: 2016-11-08
Hello,

I have stored procedure which select fields from Table1 ,the need is that if one of the parameter is present it should search from table2 .
The SP is
ALTER PROCEDURE  [dbo].[M_Select_table1]
  

      @RequestedBy Nvarchar(255)=null,  @AuthBy Nvarchar(50)=null,  @Date1 VARCHAR(50) =null, @Date2 VARCHAR(50) =null,@Time VARCHAR(20) = NULL ,@PickUpTime VARCHAR(20) =				  NULL ,@PatientName Nvarchar(MAX)=null,
	  @Ref Nvarchar(50)=null ,@Auth Nvarchar(50)=null,@PickUpAddress Nvarchar(50)=null,@Address Nvarchar(50)=null ,@Comments Nvarchar(MAX)=null,
	  @Interpreter Nvarchar(50)=null,@CarRequest Nvarchar(50)=null,@SpecialInstructions Nvarchar(MAX)=null ,@FaxAuth Nvarchar(50)=null ,
	  @MReportRecieved Nvarchar(50)=null,@EnteredBy Nvarchar(MAX)=null ,@Attachments Nvarchar(50)	=null ,
	  @Title Nvarchar(10)= null ,@FaxNumber Nvarchar(50)=null ,@Attn Nvarchar(50)=null,@DoctorClinic Nvarchar(50)=null,@Year_Ref1 VARCHAR(8) =null,
	  @Year_Ref2 VARCHAR(8) =null,@table1 _UID  Nvarchar(MAX)=null

	  
         
AS
BEGIN
	-- SET NOCOUNT ON added to prevent extra result sets from
	-- interfering with SELECT statements.
	SET NOCOUNT ON;  
	
    DECLARE @SQL NVARCHAR(MAX)
    SET @SQL = 'SELECT cast(Ref as int) as Ref,RequestedBy,AuthBy,Date,Time,PickUpTime,PatientName,Auth,PickUpAddress,DoctorClinic,Address,Comments,Interpreter,CarRequest,
				SpecialInstructions,FaxAuth,MReportRecieved,EnteredBy,Attachments,Title,FaxNumber,Attn,table1_UID 
				FROM table1 WHERE ( DeleteRecord is null or DeleteRecord = 0)  '   
	
	   --IF  @Date <> ''
    --        SET @SQL = @SQL + '   AND DATE = ''' + CAST(@Date AS VARCHAR(20))  + '''' 	 

	    IF @Date1  <> '' AND @Date2  <> ''
		      SET @SQL =@SQL+ '   AND Date >= ' + ''''+ CAST(@Date1  AS VARCHAR(20))  + '''' + ' and Date <= ' + ''''+ CAST(@Date2  AS VARCHAR(20)) +''''		  
	    ELSE IF  @Date1  <> ''
			  SET @SQL = @SQL+ '   AND  Date >= '+ '''' + CAST(@Date1  AS VARCHAR(20))  +''''	
		Else IF @Date2  <> ''
			   SET @SQL = @SQL+ '  AND  Date <= '+'''' + CAST(@Date2  AS VARCHAR(20))+''''
	   IF  @PickUpTime <> ''
             SET @SQL = @SQL + '  AND CAST(PickUpTime AS Time) = ''' + @PickUpTime + ''''
       IF  @PatientName <> '' 	       
			 SET @SQL = @SQL + '  AND PatientName LIKE  ''%' + CAST(@PatientName AS  Nvarchar(MAX)) +  '%'''
       IF  @PickUpAddress <> ''
             SET @SQL = @SQL + '  AND PickUpAddress LIKE ''%'+ CAST(@PickUpAddress AS  Nvarchar(50)) + '%'''
	   IF  @AuthBy  <> ''
             SET @SQL = @SQL + '  AND AuthBy = ''' +  CAST(@AuthBy AS NVARCHAR(50))+ ''''
	  IF  @Time <> ''
             SET @SQL = @SQL + '  AND CAST(Time AS Time) = ''' + @Time + ''''
	   IF  @Ref  <> ''
             SET @SQL = @SQL + '  AND Ref = ''' + CAST(@Ref  AS  Nvarchar(50))  + '''' 	 		
	   IF  @Auth   <> ''       
	         SET @SQL = @SQL + '  AND Auth  LIKE  ''%'+ CAST(@Auth  AS  Nvarchar(50)) + '%'''			 		
	   IF  @RequestedBy  <> ''       
	         SET @SQL = @SQL + '  AND RequestedBy = ''' +  CAST(@RequestedBy AS NVARCHAR(50))+ ''''
   	   IF  @DoctorClinic  <> ''
             SET @SQL = @SQL + '  AND DoctorClinic LIKE ''%'+ CAST(@DoctorClinic AS NVARCHAR(50)) + '%'''
	   IF  @Address   <> ''
             SET @SQL = @SQL + '  AND Address LIKE ''%'+ CAST(@Address AS NVARCHAR(50)) + '%'''
       IF  @Comments   <> ''
             SET @SQL = @SQL + '  AND Comments LIKE ''%'+ CAST(@Comments AS NVARCHAR(max)) + '%'''
	   IF  @Interpreter  <> ''
             SET @SQL = @SQL + '  AND  Interpreter LIKE ''%'+ CAST(@Interpreter AS NVARCHAR(50)) + '%'''
       IF  @CarRequest   <> ''
             SET @SQL = @SQL + '  AND  CarRequest LIKE ''%'+ CAST(@CarRequest AS NVARCHAR(50)) + '%'''
       IF  @SpecialInstructions  <> ''
             SET @SQL = @SQL + '  AND  SpecialInstructions LIKE ''%'+ CAST(@SpecialInstructions AS NVARCHAR(max)) + '%'''
       IF  @FaxAuth   <> ''
             SET @SQL = @SQL + '  AND  FaxAuth LIKE ''%'+ CAST(@FaxAuth AS NVARCHAR(50)) + '%'''
	   IF  @MReportRecieved  <> ''
             SET @SQL = @SQL + '  AND  MReportRecieved LIKE ''%'+ CAST(@MReportRecieved AS NVARCHAR(50)) + '%'''
	   IF  @EnteredBy <> ''
             SET @SQL = @SQL + '  AND  EnteredBy  LIKE ''%'+ CAST(@EnteredBy AS NVARCHAR(max)) + '%'''
	   IF  @Attachments <> ''
             SET @SQL = @SQL + '  AND  Attachments LIKE ''%'+ CAST(@Attachments AS NVARCHAR(50)) + '%'''
	   IF  @Title <> ''
             SET @SQL = @SQL + '  AND  Title  LIKE ''%'+ CAST(@Title AS NVARCHAR(10)) + '%'''
	   IF  @FaxNumber <> ''
             SET @SQL = @SQL + '  AND  FaxNumber LIKE ''%'+ CAST(@FaxNumber AS NVARCHAR(50)) + '%'''    
	   IF  @Attn <> ''
             SET @SQL = @SQL + '  AND  Attn LIKE  ''%'+ CAST(@Attn AS NVARCHAR(50)) + '%'''   
    
		IF @Year_Ref1  <> '' AND @Year_Ref2  <> ''
		      SET @SQL =@SQL+ '   AND Year_Ref >= ' + CAST(@Year_Ref1  AS VARCHAR(8))  + 'and Year_Ref <= ' + CAST(@Year_Ref2  AS VARCHAR(8))  			  
	    ELSE IF  @Year_Ref1  <> ''
			  SET @SQL = @SQL+ '   AND  Year_Ref >=  ' + CAST(@Year_Ref1  AS VARCHAR(8))  
		Else IF @Year_Ref2  <> ''
			   SET @SQL = @SQL+ '  AND  Year_Ref <= ' + CAST(@Year_Ref2  AS VARCHAR(8)) 
			  
     




----	A period of time --> WHERE date >= @date1 and date <= @date2 (you will to receive two parameters for the date period (min and max dates).

----Before than ---> WHERE date < @date
----Later than --> WHERE date > @date

	   SET @SQL = @SQL + 'ORDER BY Ref Asc'	
	   SET @SQL = @SQL 

       EXECUTE (@SQL)
	   INSERT INTO M_DEBUG(SQL) VALUES (@SQL)
	   
	  --Print @SQL
	 

Open in new window


Now, if faxAuth is present then the search query should be

if faxAuth is <> '' then

  SET @SQL = 'SELECT cast(Ref as int) as Ref,dBy,AuthBy,Date
                        FROM table2 WHERE ( DeleteRecord is null or DeleteRecord = 0)  '  

How can i achieve this

Cheers
0
Comment
Question by:RIAS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 17
  • 8
26 Comments
 
LVL 52

Accepted Solution

by:
Vitor Montalvão earned 2000 total points
ID: 41877044
Use a variable for SELECT, another one for FROM and another one for the WHERE clause.
This way you can built each part of the query separately and perform the validations that you need:
ALTER PROCEDURE  [dbo].[M_Select_table1]
  
      @RequestedBy Nvarchar(255)=null,  @AuthBy Nvarchar(50)=null,  @Date1 VARCHAR(50) =null, @Date2 VARCHAR(50) =null,@Time VARCHAR(20) = NULL ,@PickUpTime VARCHAR(20) =NULL ,@PatientName Nvarchar(MAX)=null,
	  @Ref Nvarchar(50)=null ,@Auth Nvarchar(50)=null,@PickUpAddress Nvarchar(50)=null,@Address Nvarchar(50)=null ,@Comments Nvarchar(MAX)=null,
	  @Interpreter Nvarchar(50)=null,@CarRequest Nvarchar(50)=null,@SpecialInstructions Nvarchar(MAX)=null ,@FaxAuth Nvarchar(50)=null ,
	  @MReportRecieved Nvarchar(50)=null,@EnteredBy Nvarchar(MAX)=null ,@Attachments Nvarchar(50)	=null ,
	  @Title Nvarchar(10)= null ,@FaxNumber Nvarchar(50)=null ,@Attn Nvarchar(50)=null,@DoctorClinic Nvarchar(50)=null,@Year_Ref1 VARCHAR(8) =null,
	  @Year_Ref2 VARCHAR(8) =null,@table1 _UID  Nvarchar(MAX)=null
         
AS
BEGIN
	-- SET NOCOUNT ON added to prevent extra result sets from
	-- interfering with SELECT statements.
	SET NOCOUNT ON;  
	
    DECLARE @SQL NVARCHAR(MAX)
	DECLARE @Where NVARCHAR(MAX)=''
	DECLARE @From NVARCHAR(MAX)=''
    SET @SQL = 'SELECT cast(Ref as int) as Ref,RequestedBy,AuthBy,Date,Time,PickUpTime,PatientName,Auth,PickUpAddress,DoctorClinic,Address,Comments,Interpreter,CarRequest,
				SpecialInstructions,FaxAuth,MReportRecieved,EnteredBy,Attachments,Title,FaxNumber,Attn,table1_UID '
	
	   --IF  @Date <> ''
    --        SET @SQL = @SQL + '   AND DATE = ''' + CAST(@Date AS VARCHAR(20))  + '''' 	 

	    IF @Date1  <> '' AND @Date2  <> ''
		      SET @Where =@Where+ '   AND Date >= ' + ''''+ CAST(@Date1  AS VARCHAR(20))  + '''' + ' and Date <= ' + ''''+ CAST(@Date2  AS VARCHAR(20)) +''''		  
	    ELSE IF  @Date1  <> ''
			  SET @Where = @Where+ '   AND  Date >= '+ '''' + CAST(@Date1  AS VARCHAR(20))  +''''	
		Else IF @Date2  <> ''
			   SET @Where = @Where+ '  AND  Date <= '+'''' + CAST(@Date2  AS VARCHAR(20))+''''
	   IF  @PickUpTime <> ''
             SET @Where = @Where + '  AND CAST(PickUpTime AS Time) = ''' + @PickUpTime + ''''
       IF  @PatientName <> '' 	       
			 SET @Where = @Where + '  AND PatientName LIKE  ''%' + CAST(@PatientName AS  Nvarchar(MAX)) +  '%'''
       IF  @PickUpAddress <> ''
             SET @Where = @Where + '  AND PickUpAddress LIKE ''%'+ CAST(@PickUpAddress AS  Nvarchar(50)) + '%'''
	   IF  @AuthBy  <> ''
             SET @Where = @Where + '  AND AuthBy = ''' +  CAST(@AuthBy AS NVARCHAR(50))+ ''''
	  IF  @Time <> ''
             SET @Where = @Where + '  AND CAST(Time AS Time) = ''' + @Time + ''''
	   IF  @Ref  <> ''
             SET @Where = @Where + '  AND Ref = ''' + CAST(@Ref  AS  Nvarchar(50))  + '''' 	 		
	   IF  @Auth   <> ''       
	         SET @Where = @Where + '  AND Auth  LIKE  ''%'+ CAST(@Auth  AS  Nvarchar(50)) + '%'''			 		
	   IF  @RequestedBy  <> ''       
	         SET @Where = @Where + '  AND RequestedBy = ''' +  CAST(@RequestedBy AS NVARCHAR(50))+ ''''
   	   IF  @DoctorClinic  <> ''
             SET @Where = @Where + '  AND DoctorClinic LIKE ''%'+ CAST(@DoctorClinic AS NVARCHAR(50)) + '%'''
	   IF  @Address   <> ''
             SET @Where = @Where + '  AND Address LIKE ''%'+ CAST(@Address AS NVARCHAR(50)) + '%'''
       IF  @Comments   <> ''
             SET @Where = @Where + '  AND Comments LIKE ''%'+ CAST(@Comments AS NVARCHAR(max)) + '%'''
	   IF  @Interpreter  <> ''
             SET @Where = @Where + '  AND  Interpreter LIKE ''%'+ CAST(@Interpreter AS NVARCHAR(50)) + '%'''
       IF  @CarRequest   <> ''
             SET @Where = @Where + '  AND  CarRequest LIKE ''%'+ CAST(@CarRequest AS NVARCHAR(50)) + '%'''
       IF  @SpecialInstructions  <> ''
             SET @Where = @Where + '  AND  SpecialInstructions LIKE ''%'+ CAST(@SpecialInstructions AS NVARCHAR(max)) + '%'''
       IF  @FaxAuth   <> ''
             SET @Where = @Where + '  AND  FaxAuth LIKE ''%'+ CAST(@FaxAuth AS NVARCHAR(50)) + '%'''
	   IF  @MReportRecieved  <> ''
             SET @Where = @Where + '  AND  MReportRecieved LIKE ''%'+ CAST(@MReportRecieved AS NVARCHAR(50)) + '%'''
	   IF  @EnteredBy <> ''
             SET @Where = @Where + '  AND  EnteredBy  LIKE ''%'+ CAST(@EnteredBy AS NVARCHAR(max)) + '%'''
	   IF  @Attachments <> ''
             SET @Where = @Where + '  AND  Attachments LIKE ''%'+ CAST(@Attachments AS NVARCHAR(50)) + '%'''
	   IF  @Title <> ''
             SET @Where = @Where + '  AND  Title  LIKE ''%'+ CAST(@Title AS NVARCHAR(10)) + '%'''
	   IF  @FaxNumber <> ''
             SET @Where = @Where + '  AND  FaxNumber LIKE ''%'+ CAST(@FaxNumber AS NVARCHAR(50)) + '%'''    
	   IF  @Attn <> ''
             SET @Where = @Where + '  AND  Attn LIKE  ''%'+ CAST(@Attn AS NVARCHAR(50)) + '%'''   
    
		IF @Year_Ref1  <> '' AND @Year_Ref2  <> ''
		      SET @Where =@Where+ '   AND Year_Ref >= ' + CAST(@Year_Ref1  AS VARCHAR(8))  + 'and Year_Ref <= ' + CAST(@Year_Ref2  AS VARCHAR(8))  			  
	    ELSE IF  @Year_Ref1  <> ''
			  SET @Where = @Where+ '   AND  Year_Ref >=  ' + CAST(@Year_Ref1  AS VARCHAR(8))  
		Else IF @Year_Ref2  <> ''
			   SET @Where = @Where+ '  AND  Year_Ref <= ' + CAST(@Year_Ref2  AS VARCHAR(8)) 
			  
     
		IF @Where=''
			BEGIN
				SET @From = ' FROM table2 '
				SET @Where = 'WHERE ( DeleteRecord is null or DeleteRecord = 0) ' + @Where
			END
		ELSE
			BEGIN
				SET @From = ' FROM table1 '
				SET @Where = 'WHERE ( DeleteRecord is null or DeleteRecord = 0)'
			END



----	A period of time --> WHERE date >= @date1 and date <= @date2 (you will to receive two parameters for the date period (min and max dates).

----Before than ---> WHERE date < @date
----Later than --> WHERE date > @date

	   SET @SQL = @SQL + @From + @Where + ' ORDER BY Ref Asc'	

       EXECUTE (@SQL)
       INSERT INTO M_DEBUG(SQL) VALUES (@SQL)
	   
	  --Print @SQL

Open in new window

1
 

Author Comment

by:RIAS
ID: 41877048
ThanksVitor,
Will try and get right back
0
 
LVL 35

Expert Comment

by:ste5an
ID: 41877069
And use sp_executesql. Your current code allows SQL injection. E.g. what happens when you search for patient named O'Neill?

Also use exact data types and use a parameter test, which does not depend on your unknown connection settings (SET ANSI_NULLS ON|OFF). E.g.

DECLARE @CarRequest NVARCHAR(255) = NULL;

SET ANSI_NULLS OFF;
SELECT  CASE WHEN @CarRequest <> '' THEN '<>""'
             ELSE '??'
        END ,
        CASE WHEN ISNULL(@CarRequest, '') <> '' THEN '<>""'
             ELSE '??'
        END;

SET ANSI_NULLS ON;
SELECT  CASE WHEN @CarRequest <> '' THEN '<>""'
             ELSE '??'
        END ,
        CASE WHEN ISNULL(@CarRequest, '') <> '' THEN '<>""'
             ELSE '??'
        END;

Open in new window


Use ISNULL(@CarRequest, '') <> '' to test for non-empty strings. And depending on your input a LTRIM(RTRIM(input_variable) should be considered.
1
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 

Author Closing Comment

by:RIAS
ID: 41877198
Cheers mate!
0
 

Author Comment

by:RIAS
ID: 41877244
Vitor,

It does not work quite right.

When faxAuth is present it should have a query like :

SELECT * FROM
CORRESPONDENCE b LEFT JOIN DIARY a ON a.REF = b.REF
where  a.FaxAuth = 'Yes'

Any suggestion.
0
 

Author Comment

by:RIAS
ID: 41877248
Stored procedure is
ALTER  PROCEDURE  [dbo].[M_Select_Correspondence]
  

   
         
      @FaxLetterMemo Nvarchar(255)=null,  @Date1 VARCHAR(50) =null, @Date2 VARCHAR(50),@To nvarchar(255) = NULL ,@Regarding nvarchar(255) = NULL,
         @Ref Nvarchar(50) ,@Auth Nvarchar(50)=null,@SentBy Nvarchar(255)=null,@Attachments Nvarchar(255)=null,  
      @FaxNo Nvarchar(50)=null ,@Attn Nvarchar(50)=null,@FaxAuth Nvarchar(50)=null,@Year_Ref1 VARCHAR(8) =null,
         @Year_Ref2 VARCHAR(8) =null,@Correspondence_UID  Nvarchar(MAX)=null

         
AS
BEGIN
       -- SET NOCOUNT ON added to prevent extra result sets from
       -- interfering with SELECT statements.
       SET NOCOUNT ON;  
       
    DECLARE @SQL NVARCHAR(MAX)

       SET @SQL = 'SELECT [Date], cast(Ref as int) as Ref,Auth,FaxAuth,Attachments,FaxNo,Attn,FaxLetterMemo,[To],[Regarding],[SentBy],Correspondence_UID                     
                           FROM CORRESPONDENCE WHERE ( DeleteRecord is null or DeleteRecord = 0) '       
       
        IF @Date1  <> '' AND @Date2  <> ''
                   SET @SQL =@SQL+ '   AND Date >= ' + ''''+ CAST(@Date1  AS VARCHAR(20))  + '''' + ' and Date <= ' + ''''+ CAST(@Date2  AS VARCHAR(20)) +''''               
           ELSE IF  @Date1  <> ''
                     SET @SQL = @SQL+ '   AND  Date >= '+ '''' + CAST(@Date1  AS VARCHAR(20))  +''''       
              Else IF @Date2  <> ''
                     SET @SQL = @SQL+ '  AND  Date <= '+'''' + CAST(@Date2  AS VARCHAR(20))+''''       
          IF  @Ref  <> ''
             SET @SQL = @SQL + '  AND Ref = ''' + CAST(@Ref  AS  Nvarchar(50))  + ''''    
          IF  @Auth   <> ''       
             --SET @SQL = @SQL + '  AND Auth = ''' +  CAST(@Auth AS NVARCHAR(50))+ ''''
                   SET @SQL = @SQL + '  AND LTRIM(RTRIM(Auth)) = ''' +  CAST(@Auth AS NVARCHAR(50))+ ''''                         
          IF  @FaxAuth <> ''
             SET @SQL = @SQL + '  AND FaxAuth LIKE ''' + CAST(@FaxAuth AS VARCHAR(255)) + ''''          
          IF  @Attachments <> ''
             SET @SQL = @SQL + '  AND  Attachments LIKE ''%'+ CAST(@Attachments AS NVARCHAR(255)) + '%''' 
          IF  @To <> ''
             SET @SQL = @SQL + '  AND  [To] LIKE ''%'+ CAST(@To AS NVARCHAR(255)) + '%'''                      
          IF  @Regarding <> ''
             SET @SQL = @SQL + '  AND  [Regarding] LIKE ''%'+ CAST(@Regarding AS NVARCHAR(255)) + '%'''                   
          IF  @SentBy <> ''
             SET @SQL = @SQL + '  AND  [SentBy] = '+'''' + CAST(@SentBy  AS VARCHAR(50))+''''   
          IF  @FaxNo <> ''
             SET @SQL = @SQL + '  AND  FaxNo LIKE ''%'+ CAST(@FaxNo AS NVARCHAR(255)) + '%'''    
          IF  @Attn <> ''
             SET @SQL = @SQL + '  AND  Attn LIKE  ''%'+ CAST(@Attn AS NVARCHAR(255)) + '%'''   
          IF  @FaxLetterMemo <> ''
             SET @SQL = @SQL + '  AND  FaxLetterMemo  = ''' +  CAST(@FaxLetterMemo AS NVARCHAR(255))+ ''''     
    
    
          IF @Year_Ref1  <> '' AND @Year_Ref2  <> ''
                    SET @SQL =@SQL+ '   AND Year_Ref >= ' + CAST(@Year_Ref1  AS VARCHAR(8))  + 'and Year_Ref <= ' + CAST(@Year_Ref2  AS VARCHAR(8))                        
           ELSE IF  @Year_Ref1  <> ''
                       SET @SQL = @SQL+ '   AND  Year_Ref >=  ' + CAST(@Year_Ref1  AS VARCHAR(8))  
              Else IF @Year_Ref2  <> ''
                        SET @SQL = @SQL+ '  AND  Year_Ref <= ' + CAST(@Year_Ref2  AS VARCHAR(8)) 
                       
     




----   A period of time --> WHERE date >= @date1 and date <= @date2 (you will to receive two parameters for the date period (min and max dates).

----Before than ---> WHERE date < @date
----Later than --> WHERE date > @date

          SET @SQL = @SQL + 'ORDER BY Ref Asc'         
          SET @SQL = @SQL 

       EXECUTE (@SQL)
          INSERT INTO M_DEBUG(SQL) VALUES (@SQL)
          
         --Print @SQL
       

Open in new window

0
 

Author Comment

by:RIAS
ID: 41877253
The requirement was if faxAuth = 'Yes'  then

SELECT * FROM
CORRESPONDENCE b LEFT JOIN DIARY a ON a.REF = b.REF
where  a.FaxAuth = 'Yes'  and  
  IF @Date1  <> '' AND @Date2  <> ''
                   SET @SQL =@SQL+ '   AND Date >= ' + ''''+ CAST(@Date1  AS VARCHAR(20))  + '''' + ' and Date <= ' + ''''+ CAST(@Date2  AS VARCHAR(20)) +''''              
           ELSE IF  @Date1  <> ''
                     SET @SQL = @SQL+ '   AND  Date >= '+ '''' + CAST(@Date1  AS VARCHAR(20))  +''''      
              Else IF @Date2  <> ''
                     SET @SQL = @SQL+ '  AND  Date <= '+'''' + CAST(@Date2  AS VARCHAR(20))+''''      

Cheers!
0
 
LVL 52

Expert Comment

by:Vitor Montalvão
ID: 41877262
When faxAuth is present it should have a query like :
Is this a new requirement? I can see by the SELECT that you're not using table1 nor table2.
Also you're referencing an "a" table that looks like is missing in your SELECT.
0
 
LVL 52

Expert Comment

by:Vitor Montalvão
ID: 41877278
The requirement was if faxAuth = 'Yes'  then
Ohh, missed that. I will review the code and back to you asap.
0
 

Author Comment

by:RIAS
ID: 41877288
Hey thanks Vitor,
Please ignore the SP I posted in my first post. The later one is correct.
0
 
LVL 52

Expert Comment

by:Vitor Montalvão
ID: 41877302
Please ignore the SP I posted in my first post. The later one is correct.
Ok but still missing table "a".
Also the date validation is only true for this exception (faxAuth = 'Yes'  )?
0
 

Author Comment

by:RIAS
ID: 41877307
ALTER  PROCEDURE  [dbo].[M_Select_Correspondence]
  

   
         
      @FaxLetterMemo Nvarchar(255)=null,  @Date1 VARCHAR(50) =null, @Date2 VARCHAR(50),@To nvarchar(255) = NULL ,@Regarding nvarchar(255) = NULL,
         @Ref Nvarchar(50) ,@Auth Nvarchar(50)=null,@SentBy Nvarchar(255)=null,@Attachments Nvarchar(255)=null,  
      @FaxNo Nvarchar(50)=null ,@Attn Nvarchar(50)=null,@FaxAuth Nvarchar(50)=null,@Year_Ref1 VARCHAR(8) =null,
         @Year_Ref2 VARCHAR(8) =null,@Correspondence_UID  Nvarchar(MAX)=null

         
AS
BEGIN
       -- SET NOCOUNT ON added to prevent extra result sets from
       -- interfering with SELECT statements.
       SET NOCOUNT ON;  
       
    DECLARE @SQL NVARCHAR(MAX)

       SET @SQL = 'SELECT [Date], cast(Ref as int) as Ref,Auth,FaxAuth,Attachments,FaxNo,Attn,FaxLetterMemo,[To],[Regarding],[SentBy],Correspondence_UID                     
                           FROM CORRESPONDENCE WHERE ( DeleteRecord is null or DeleteRecord = 0) '       
       
        IF @Date1  <> '' AND @Date2  <> ''
                   SET @SQL =@SQL+ '   AND Date >= ' + ''''+ CAST(@Date1  AS VARCHAR(20))  + '''' + ' and Date <= ' + ''''+ CAST(@Date2  AS VARCHAR(20)) +''''               
           ELSE IF  @Date1  <> ''
                     SET @SQL = @SQL+ '   AND  Date >= '+ '''' + CAST(@Date1  AS VARCHAR(20))  +''''       
              Else IF @Date2  <> ''
                     SET @SQL = @SQL+ '  AND  Date <= '+'''' + CAST(@Date2  AS VARCHAR(20))+''''       
          IF  @Ref  <> ''
             SET @SQL = @SQL + '  AND Ref = ''' + CAST(@Ref  AS  Nvarchar(50))  + ''''    
          IF  @Auth   <> ''       
             --SET @SQL = @SQL + '  AND Auth = ''' +  CAST(@Auth AS NVARCHAR(50))+ ''''
                   SET @SQL = @SQL + '  AND LTRIM(RTRIM(Auth)) = ''' +  CAST(@Auth AS NVARCHAR(50))+ ''''                         
          IF  @FaxAuth <> ''
             SET @SQL = @SQL + '  AND FaxAuth LIKE ''' + CAST(@FaxAuth AS VARCHAR(255)) + ''''          
          IF  @Attachments <> ''
             SET @SQL = @SQL + '  AND  Attachments LIKE ''%'+ CAST(@Attachments AS NVARCHAR(255)) + '%''' 
          IF  @To <> ''
             SET @SQL = @SQL + '  AND  [To] LIKE ''%'+ CAST(@To AS NVARCHAR(255)) + '%'''                      
          IF  @Regarding <> ''
             SET @SQL = @SQL + '  AND  [Regarding] LIKE ''%'+ CAST(@Regarding AS NVARCHAR(255)) + '%'''                   
          IF  @SentBy <> ''
             SET @SQL = @SQL + '  AND  [SentBy] = '+'''' + CAST(@SentBy  AS VARCHAR(50))+''''   
          IF  @FaxNo <> ''
             SET @SQL = @SQL + '  AND  FaxNo LIKE ''%'+ CAST(@FaxNo AS NVARCHAR(255)) + '%'''    
          IF  @Attn <> ''
             SET @SQL = @SQL + '  AND  Attn LIKE  ''%'+ CAST(@Attn AS NVARCHAR(255)) + '%'''   
          IF  @FaxLetterMemo <> ''
             SET @SQL = @SQL + '  AND  FaxLetterMemo  = ''' +  CAST(@FaxLetterMemo AS NVARCHAR(255))+ ''''     
    
    
          IF @Year_Ref1  <> '' AND @Year_Ref2  <> ''
                    SET @SQL =@SQL+ '   AND Year_Ref >= ' + CAST(@Year_Ref1  AS VARCHAR(8))  + 'and Year_Ref <= ' + CAST(@Year_Ref2  AS VARCHAR(8))                        
           ELSE IF  @Year_Ref1  <> ''
                       SET @SQL = @SQL+ '   AND  Year_Ref >=  ' + CAST(@Year_Ref1  AS VARCHAR(8))  
              Else IF @Year_Ref2  <> ''
                        SET @SQL = @SQL+ '  AND  Year_Ref <= ' + CAST(@Year_Ref2  AS VARCHAR(8)) 
                       
     




----   A period of time --> WHERE date >= @date1 and date <= @date2 (you will to receive two parameters for the date period (min and max dates).

----Before than ---> WHERE date < @date
----Later than --> WHERE date > @date

          SET @SQL = @SQL + 'ORDER BY Ref Asc'         
          SET @SQL = @SQL 

       EXECUTE (@SQL)
          INSERT INTO M_DEBUG(SQL) VALUES (@SQL)
          
         --Print @SQL
       

Open in new window

0
 

Author Comment

by:RIAS
ID: 41877310
This one is the correct Sp.

yes,the validation is for faxAuth ='yes' and also consider the dates as parameter for filteration of the rows which have faxauth 'yes'.

Date and faxauth are the common columns between the two tables.
0
 

Author Comment

by:RIAS
ID: 41877323
Thank you so much mate!
0
 
LVL 52

Expert Comment

by:Vitor Montalvão
ID: 41877329
Try this version:
ALTER  PROCEDURE  [dbo].[M_Select_Correspondence] 
         
      @FaxLetterMemo Nvarchar(255)=null,  @Date1 VARCHAR(50) =null, @Date2 VARCHAR(50),@To nvarchar(255) = NULL ,@Regarding nvarchar(255) = NULL,
      @Ref Nvarchar(50) ,@Auth Nvarchar(50)=null,@SentBy Nvarchar(255)=null,@Attachments Nvarchar(255)=null,  
      @FaxNo Nvarchar(50)=null ,@Attn Nvarchar(50)=null,@FaxAuth Nvarchar(50)=null,@Year_Ref1 VARCHAR(8) =null,
      @Year_Ref2 VARCHAR(8) =null,@Correspondence_UID  Nvarchar(MAX)=null
         
AS
BEGIN
       -- SET NOCOUNT ON added to prevent extra result sets from
       -- interfering with SELECT statements.
	SET NOCOUNT ON;  
       
    DECLARE @SQL NVARCHAR(MAX)

	IF  @FaxAuth   <> ''
	BEGIN
		SET @SQL = 'SELECT * 
					FROM CORRESPONDENCE b 
						LEFT JOIN DIARY a ON a.REF = b.REF
					WHERE a.FaxAuth = ''Yes'''  
		IF @Date1  <> '' AND @Date2  <> ''
			SET @SQL =@SQL+ '  AND Date >= ' + ''''+ CAST(@Date1  AS VARCHAR(20))  + '''' + ' and Date <= ' + ''''+ CAST(@Date2  AS VARCHAR(20)) +''''               
		ELSE IF  @Date1  <> ''
				SET @SQL = @SQL+ '  AND  Date >= '+ '''' + CAST(@Date1  AS VARCHAR(20))  +''''       
			Else IF @Date2  <> ''
					SET @SQL = @SQL+ ' AND  Date <= '+'''' + CAST(@Date2  AS VARCHAR(20))+''''       

	END

	ELSE
	BEGIN
		SET @SQL = 'SELECT [Date], cast(Ref as int) as Ref,Auth,FaxAuth,Attachments,FaxNo,Attn,FaxLetterMemo,[To],[Regarding],[SentBy],Correspondence_UID                     
					FROM CORRESPONDENCE 
					WHERE (DeleteRecord is null or DeleteRecord = 0) '       
       
		IF @Date1  <> '' AND @Date2  <> ''
			SET @SQL =@SQL+ '   AND Date >= ' + ''''+ CAST(@Date1  AS VARCHAR(20))  + '''' + ' and Date <= ' + ''''+ CAST(@Date2  AS VARCHAR(20)) +''''               
		ELSE IF  @Date1  <> ''
				SET @SQL = @SQL+ '   AND  Date >= '+ '''' + CAST(@Date1  AS VARCHAR(20))  +''''       
			Else IF @Date2  <> ''
				SET @SQL = @SQL+ '  AND  Date <= '+'''' + CAST(@Date2  AS VARCHAR(20))+''''       
          
		IF  @Ref  <> ''
			SET @SQL = @SQL + '  AND Ref = ''' + CAST(@Ref  AS  Nvarchar(50))  + ''''    

		IF  @Auth   <> ''       
			--SET @SQL = @SQL + '  AND Auth = ''' +  CAST(@Auth AS NVARCHAR(50))+ ''''
			SET @SQL = @SQL + '  AND LTRIM(RTRIM(Auth)) = ''' +  CAST(@Auth AS NVARCHAR(50))+ ''''                         
          
		IF  @FaxAuth <> ''
			SET @SQL = @SQL + '  AND FaxAuth LIKE ''' + CAST(@FaxAuth AS VARCHAR(255)) + ''''          
          
		IF  @Attachments <> ''
			SET @SQL = @SQL + '  AND  Attachments LIKE ''%'+ CAST(@Attachments AS NVARCHAR(255)) + '%''' 
          
		IF  @To <> ''
			SET @SQL = @SQL + '  AND  [To] LIKE ''%'+ CAST(@To AS NVARCHAR(255)) + '%'''                      
          
		IF  @Regarding <> ''
			SET @SQL = @SQL + '  AND  [Regarding] LIKE ''%'+ CAST(@Regarding AS NVARCHAR(255)) + '%'''                   
          
		IF  @SentBy <> ''
			SET @SQL = @SQL + '  AND  [SentBy] = '+'''' + CAST(@SentBy  AS VARCHAR(50))+''''   
          
		IF  @FaxNo <> ''
			SET @SQL = @SQL + '  AND  FaxNo LIKE ''%'+ CAST(@FaxNo AS NVARCHAR(255)) + '%'''    
          
		IF  @Attn <> ''
			SET @SQL = @SQL + '  AND  Attn LIKE  ''%'+ CAST(@Attn AS NVARCHAR(255)) + '%'''   
          
		IF  @FaxLetterMemo <> ''
			SET @SQL = @SQL + '  AND  FaxLetterMemo  = ''' +  CAST(@FaxLetterMemo AS NVARCHAR(255))+ ''''     
    
		IF @Year_Ref1  <> '' AND @Year_Ref2  <> ''
			SET @SQL =@SQL+ '   AND Year_Ref >= ' + CAST(@Year_Ref1  AS VARCHAR(8))  + 'and Year_Ref <= ' + CAST(@Year_Ref2  AS VARCHAR(8))                        
		ELSE IF  @Year_Ref1  <> ''
				SET @SQL = @SQL+ '   AND  Year_Ref >=  ' + CAST(@Year_Ref1  AS VARCHAR(8))  
			Else IF @Year_Ref2  <> ''
					SET @SQL = @SQL+ '  AND  Year_Ref <= ' + CAST(@Year_Ref2  AS VARCHAR(8)) 
                       

	----A period of time --> WHERE date >= @date1 and date <= @date2 (you will to receive two parameters for the date period (min and max dates).
	----Before than ---> WHERE date < @date
	----Later than --> WHERE date > @date

		SET @SQL = @SQL + 'ORDER BY Ref Asc'         
	END
	
	EXECUTE (@SQL)
    INSERT INTO M_DEBUG(SQL) VALUES (@SQL)
          
	--Print @SQL

Open in new window

1
 

Author Comment

by:RIAS
ID: 41877335
trying mate...
0
 

Author Comment

by:RIAS
ID: 41877337
Thanks,
When I give date criteria , it says ambiguous column name Date ?
0
 
LVL 52

Expert Comment

by:Vitor Montalvão
ID: 41877340
When I give date criteria , it says ambiguous column name Date ?
"Date and faxauth are the common columns between the two tables. "

Looks like you'll need to provide the table alias so the engine knows from which table it needs to perform the filter.
0
 

Author Comment

by:RIAS
ID: 41877343
How do i do it?
0
 

Author Comment

by:RIAS
ID: 41877349
Tryimng this :

IF  @FaxAuth   <> ''
	BEGIN
		SET @SQL = 'SELECT b.[Date], cast(b.Ref as int) as b.Ref,b.Auth,b.FaxAuth,b.Attachments,b.FaxNo,b.Attn,b.FaxLetterMemo,b.[To],b.[Regarding],b.[SentBy],b.Correspondence_UID    
					FROM CORRESPONDENCE b 
						LEFT JOIN DIARY a ON a.REF = b.REF
					WHERE a.FaxAuth = ''Yes'''  
		IF @Date1  <> '' AND @Date2  <> ''
			SET @SQL =@SQL+ '  AND Date >= ' + ''''+ CAST(@Date1  AS VARCHAR(20))  + '''' + ' and Date <= ' + ''''+ CAST(@Date2  AS VARCHAR(20)) +''''               
		ELSE IF  @Date1  <> ''
				SET @SQL = @SQL+ '  AND  Date >= '+ '''' + CAST(@Date1  AS VARCHAR(20))  +''''       
			Else IF @Date2  <> ''
					SET @SQL = @SQL+ ' AND  Date <= '+'''' + CAST(@Date2  AS VARCHAR(20))+''''       

	END

Open in new window

0
 

Author Comment

by:RIAS
ID: 41877359
Vitor ,

This worked

	SET @SQL = 'SELECT   b.[Date], cast(b.Ref as int) as Ref,b.Auth,b.FaxAuth,b.Attachments,b.FaxNo,b.Attn,b.FaxLetterMemo,b.[To],b.[Regarding],b.[SentBy],b.Correspondence_UID    
					FROM CORRESPONDENCE b 
						LEFT JOIN DIARY a ON a.REF = b.REF
					WHERE a.FaxAuth = ''Yes'''  
		IF @Date1  <> '' AND @Date2  <> ''
			SET @SQL =@SQL+ '  AND b.Date >= ' + ''''+ CAST(@Date1  AS VARCHAR(20))  + '''' + ' and b.Date <= ' + ''''+ CAST(@Date2  AS VARCHAR(20)) +''''               
		ELSE IF  @Date1  <> ''
				SET @SQL = @SQL+ '  AND  b.Date >= '+ '''' + CAST(@Date1  AS VARCHAR(20))  +''''       
			Else IF @Date2  <> ''
					SET @SQL = @SQL+ ' AND  b.Date <= '+'''' + CAST(@Date2  AS VARCHAR(20))+''''       

Open in new window

0
 

Author Comment

by:RIAS
ID: 41877362
Really can't thank you enough! Genius!
0
 
LVL 52

Expert Comment

by:Vitor Montalvão
ID: 41877368
Good that you've worked it out :)
Cheers
0
 

Author Comment

by:RIAS
ID: 41877370
Vitor,

Only the thing is multiple identical  rows are displayed where as it should be only one .
0
 
LVL 52

Expert Comment

by:Vitor Montalvão
ID: 41877392
This means your JOIN doesn't restrict to single records. You'll need to work it out or add a GROUP BY clause:
IF  @FaxAuth   <> ''
	BEGIN
		SET @SQL = 'SELECT b.[Date], cast(b.Ref as int) as Ref,b.Auth,b.FaxAuth,b.Attachments,b.FaxNo,b.Attn,b.FaxLetterMemo,b.[To],b.[Regarding],b.[SentBy],b.Correspondence_UID    
					FROM CORRESPONDENCE b 
						LEFT JOIN DIARY a ON a.REF = b.REF
					WHERE a.FaxAuth = ''Yes'''  
		IF @Date1  <> '' AND @Date2  <> ''
			SET @SQL =@SQL+ '  AND b.Date >= ' + ''''+ CAST(@Date1  AS VARCHAR(20))  + '''' + ' and b.Date <= ' + ''''+ CAST(@Date2  AS VARCHAR(20)) +''''               
		ELSE IF  @Date1  <> ''
				SET @SQL = @SQL+ '  AND  b.Date >= '+ '''' + CAST(@Date1  AS VARCHAR(20))  +''''       
			Else IF @Date2  <> ''
					SET @SQL = @SQL+ ' AND  b.Date <= '+'''' + CAST(@Date2  AS VARCHAR(20))+''''       
			
		IF @Date1  <> '' AND @Date2  <> ''
			SET @SQL =@SQL+ '  AND Date >= ' + ''''+ CAST(@Date1  AS VARCHAR(20))  + '''' + ' and Date <= ' + ''''+ CAST(@Date2  AS VARCHAR(20)) +''''               
		ELSE IF  @Date1  <> ''
				SET @SQL = @SQL+ '  AND  Date >= '+ '''' + CAST(@Date1  AS VARCHAR(20))  +''''       
			Else IF @Date2  <> ''
					SET @SQL = @SQL+ ' AND  Date <= '+'''' + CAST(@Date2  AS VARCHAR(20))+''''       

		SET @SQL = @SQL + ' GROUP BY b.[Date], cast(b.Ref as int) as Ref,b.Auth,b.FaxAuth,b.Attachments,b.FaxNo,b.Attn,b.FaxLetterMemo,b.[To],b.[Regarding],b.[SentBy],b.Correspondence_UID'
	END

Open in new window

1
 

Author Comment

by:RIAS
ID: 41878345
Thanks Vitor,All done! Worked perfectly.
0

Featured Post

How Blockchain Is Impacting Every Industry

Blockchain expert Alex Tapscott talks to Acronis VP Frank Jablonski about this revolutionary technology and how it's making inroads into other industries and facets of everyday life.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have a large data set and a SSIS package. How can I load this file in multi threading?
Recently we ran in to an issue while running some SQL jobs where we were trying to process the cubes.  We got an error saying failure stating 'NT SERVICE\SQLSERVERAGENT does not have access to Analysis Services. So this is a way to automate that wit…
This video shows, step by step, how to configure Oracle Heterogeneous Services via the Generic Gateway Agent in order to make a connection from an Oracle session and access a remote SQL Server database table.
Viewers will learn how to use the INSERT statement to insert data into their tables. It will also introduce the NULL statement, to show them what happens when no value is giving for any given column.

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question