Register

Forgot Password

Site FAQ

Home > IT Answers > Development > Stored Procedure Problem

Anilak singh

5 pts.

Stored Procedure Problem

SQL, Stored Procedure variables, Stored Procedures

Hi Greg, I am using SQL queries as in-script and now decided to use them as stored procedure. I am facing some problem while converting them into stored procedures. It’s a book search functionality based on book name and author name. My Old SQL query, which I was using with asp. SQL = “Select * From Tbl_Name Where Name LIKE '%xyz%' ” & strOrderBy Where strOrderBy is provided by user input at the time of search, so that they can sort book listing as they want. Variable strOrderBy, is asp variable and its value being determined by user at the time of search. I was passing the value of strOrderBy like this. Select Case strOrderByInput Case "pubdateasc" strOrderBy = "Order by publication DESC” Case "bookname" 'strOrderBy = " Order by BookName ASC " Case "Author" 'strOrderBy = " Order by AuthorName ASC " Case Else strOrderBy = " Order by publication ASC" End Select The whole thing is working fine when im using this in ASP as in-line query, but when I changed it into stored procedure. I am not able to pass strOrderBy variable as I was doing it earlier. Please can you help me how to do this in stored procedure? Regards Anil

Software/Hardware used:

ASKED: March 20, 2008 3:34 PM

UPDATED: March 21, 2008 12:35 AM

RELATED QUESTIONS

Answer Wiki:

In order to have a dynamic order by you have two options. 1. Use dynamic SQL. 2. Use a branching storage procedure. Option 1: <pre>CREATE PROCEDURE MyProc @OrderBy NVARCHAR(30) AS DECLARE @SQL NVARCHAR(4000) SET @SQL = N“Select * From Tbl_Name Where Name LIKE '%xyz%' ” + @OrderBy exec (@SQL) GO</pre> Option 2: <pre>CREATE PROCEDURE MyProc @OrderBy INT AS IF @OrderBy = 1 SELECT * FROM Tbl_Name WHERE Name LIKE '%xyz%' ORDER BY publication DESC IF @OrderBy = 2 SELECT * FROM Tbl_Name WHERE Name LIKE '%xyz%' Order by BookName ASC IF @OrderBy = 3 SELECT * FROM Tbl_Name WHERE Name LIKE '%xyz%' Order by AuthorName ASC IF @OrderBy = 4 SELECT * FROM Tbl_Name WHERE Name LIKE '%xyz%' Order by publication ASC GO</pre> The problem with dynamic SQL is there are security risks with using it. The problem with the branching code is that SQL can't do much with caching the execution plan (especially in SQL 2000 and below).

Last Wiki Answer Submitted: March 21, 2008 12:35 am by Denny Cherry

64,520 pts.

All Answer Wiki Contributors: Denny Cherry

64,520 pts.

To see all answers submitted to the Answer Wiki: View Answer History.

RSS - Discussions Help

Discuss This Question:

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

POSTED: Mar 21, 2008 12:35 AM (GMT)

Check out my SQL Server blog “SQL Server with Mr Denny” for more SQL Server information.

Denny Cherry

64,520 pts.

Ask a Question

Browse IT Answers by Topic

>>VIEW ALL TAGS

Community Blog | About Us | Contact Us | FAQ | Terms of Use | DMCA Policy

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organization's IT projects - with its network of technology-specific Web sites, events and magazines.
All Rights Reserved, Copyright 1999-2013, TechTarget | Read our Privacy Policy
Questions and Answers Index 1 | Questions and Answers Index 2 | IT Topics Index 1 | IT Topics Index 2 | Blogs Index | Blogs Tags