Cadavre (9/28/2013)

---

enriquezreyjoseph (9/27/2013)

---

Can I used this instead of sp_executesql i will use EXEC only??...cadavare

I'm not sure how many times I have to say "SQL Injection" to you. . . yes you can do what you're saying if you want to be vulnerable to SQL injection which will allow a malicious user to do a lot to your server.