Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase ««12

Store procedure variable Expand / Collapse
Author
Message
Posted Tuesday, February 5, 2013 8:57 AM


SSCertifiable

SSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiable

Group: General Forum Members
Last Login: Today @ 2:57 AM
Points: 5,143, Visits: 4,946
If the proc is in A and A is down, then they wont be able to run the proc as they cant get to A, so your logic is flawed.

What high availability routines do you have in place?




Want an answer fast? Try here
How to post data/code for the best help - Jeff Moden
Need a string splitter, try this - Jeff Moden
How to post performance problems - Gail Shaw
CrossTabs-Part1 & Part2 - Jeff Moden
SQL Server Backup, Integrity Check, and Index and Statistics Maintenance - Ola Hallengren
Managing Transaction Logs - Gail Shaw
Troubleshooting SQL Server: A Guide for the Accidental DBA - Jonathan Kehayias and Ted Krueger

Post #1415918
Posted Tuesday, February 5, 2013 9:01 AM
Old Hand

Old HandOld HandOld HandOld HandOld HandOld HandOld HandOld Hand

Group: General Forum Members
Last Login: Thursday, July 24, 2014 7:27 AM
Points: 306, Visits: 580
Sorry, it is my fault. I did not make clear.
What I mean is [Order] table in serverA is not correct so that user need to use [Order] table in serverB.
Post #1415919
Posted Tuesday, February 5, 2013 9:06 AM


SSCertifiable

SSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiable

Group: General Forum Members
Last Login: Today @ 2:57 AM
Points: 5,143, Visits: 4,946
Well then as long as you have a linked server from ServerA to ServerB you will be ok.

But I seriously would recommend changing the connection string and not using dynamic SQL.




Want an answer fast? Try here
How to post data/code for the best help - Jeff Moden
Need a string splitter, try this - Jeff Moden
How to post performance problems - Gail Shaw
CrossTabs-Part1 & Part2 - Jeff Moden
SQL Server Backup, Integrity Check, and Index and Statistics Maintenance - Ola Hallengren
Managing Transaction Logs - Gail Shaw
Troubleshooting SQL Server: A Guide for the Accidental DBA - Jonathan Kehayias and Ted Krueger

Post #1415925
Posted Tuesday, February 5, 2013 9:21 AM


SSChampion

SSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampion

Group: General Forum Members
Last Login: Yesterday @ 4:14 PM
Points: 13,126, Visits: 11,964
anthony.green (2/5/2013)
Well then as long as you have a linked server from ServerA to ServerB you will be ok.

But I seriously would recommend changing the connection string and not using dynamic SQL.


+1


_______________________________________________________________

Need help? Help us help you.

Read the article at http://www.sqlservercentral.com/articles/Best+Practices/61537/ for best practices on asking questions.

Need to split a string? Try Jeff Moden's splitter.

Cross Tabs and Pivots, Part 1 – Converting Rows to Columns
Cross Tabs and Pivots, Part 2 - Dynamic Cross Tabs
Understanding and Using APPLY (Part 1)
Understanding and Using APPLY (Part 2)
Post #1415942
Posted Tuesday, February 5, 2013 1:54 PM
SSC Rookie

SSC RookieSSC RookieSSC RookieSSC RookieSSC RookieSSC RookieSSC RookieSSC Rookie

Group: General Forum Members
Last Login: Monday, May 19, 2014 5:51 AM
Points: 38, Visits: 94
Is dynamic SQL bad in general or just when it opens up this sort of a security hole allowing for the SQL to fully specified or at least the table?

Time to make a change

Post #1416084
Posted Tuesday, February 5, 2013 3:01 PM


SSChampion

SSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampionSSChampion

Group: General Forum Members
Last Login: Yesterday @ 4:14 PM
Points: 13,126, Visits: 11,964
Antony Symonds (2/5/2013)
Is dynamic SQL bad in general or just when it opens up this sort of a security hole allowing for the SQL to fully specified or at least the table?


Dynamic sql is very powerful and is sometimes the best way to accomplish something. In the case of this it is more dangerous because of the possibility of sql injection.


_______________________________________________________________

Need help? Help us help you.

Read the article at http://www.sqlservercentral.com/articles/Best+Practices/61537/ for best practices on asking questions.

Need to split a string? Try Jeff Moden's splitter.

Cross Tabs and Pivots, Part 1 – Converting Rows to Columns
Cross Tabs and Pivots, Part 2 - Dynamic Cross Tabs
Understanding and Using APPLY (Part 1)
Understanding and Using APPLY (Part 2)
Post #1416119
Posted Wednesday, February 6, 2013 1:54 AM
SSC Rookie

SSC RookieSSC RookieSSC RookieSSC RookieSSC RookieSSC RookieSSC RookieSSC Rookie

Group: General Forum Members
Last Login: Monday, May 19, 2014 5:51 AM
Points: 38, Visits: 94
Sean Lange (2/5/2013)
Antony Symonds (2/5/2013)
Is dynamic SQL bad in general or just when it opens up this sort of a security hole allowing for the SQL to fully specified or at least the table?


Dynamic sql is very powerful and is sometimes the best way to accomplish something. In the case of this it is more dangerous because of the possibility of sql injection.


Thanks, that is pretty much what I was thinking I just wanted to make sure... I suppose he could put some conditions to test the parameters being sent to make sure its within an acceptable bracket of sql code...


Time to make a change

Post #1416311
« Prev Topic | Next Topic »

Add to briefcase ««12

Permissions Expand / Collapse