SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


Adding column in where condtion dynamically


Adding column in where condtion dynamically

Author
Message
subramani.rudrappa 78855
subramani.rudrappa 78855
SSC-Enthusiastic
SSC-Enthusiastic (170 reputation)SSC-Enthusiastic (170 reputation)SSC-Enthusiastic (170 reputation)SSC-Enthusiastic (170 reputation)SSC-Enthusiastic (170 reputation)SSC-Enthusiastic (170 reputation)SSC-Enthusiastic (170 reputation)SSC-Enthusiastic (170 reputation)

Group: General Forum Members
Points: 170 Visits: 116
Hi,

I have following tables

product
customer
agent

we have column by name "state code" in product and customer.

i have sql like

select * from table name(we get table name dynamically like product,customer and agent using variable)

i need to add condition to get records with statecode=0

when i use where condition in the above query it looks like

select * from table name(we get table name dynamically like product,customer and agent)
where statecode=0

but this dynamic query fails for table "agent" as agent table does not contain statecode column.

so how can i wirte query where i get "where state code=0" condtion only for product and customer but not to agent.

mean

for product and customer query should look like this
select * from table name(we get table name dynamically like product,customer and agent)
where statecode=0

for agent :

select * from table name(we get table name dynamically like product,customer and agent)


i have tried

if (variable='product' or variable='customer')
select * from table name(we get table name dynamically like product,customer and agent)
where statecode=0

else
select * from table name(we get table name dynamically like product,customer and agent)

am looking at, is there any other way to implement this?
Kingston Dhasian
Kingston Dhasian
SSCertifiable
SSCertifiable (6.1K reputation)SSCertifiable (6.1K reputation)SSCertifiable (6.1K reputation)SSCertifiable (6.1K reputation)SSCertifiable (6.1K reputation)SSCertifiable (6.1K reputation)SSCertifiable (6.1K reputation)SSCertifiable (6.1K reputation)

Group: General Forum Members
Points: 6083 Visits: 5283
You can implement this with Dynamic SQL as well

DECLARE   @TableName VARCHAR(100), @SQL VARCHAR(1000)

SET @TableName = 'agent'

SET @SQL = ' SELECT * '
+ ' FROM ' + @TableName
+ ' WHERE ' + CASE WHEN @TableName IN ( 'product', 'customer' ) THEN 'statecode = 0' ELSE '1=1' END


EXECUTE ( @SQL )




Kingston Dhasian

How to post data/code on a forum to get the best help - Jeff Moden
http://www.sqlservercentral.com/articles/Best+Practices/61537/
subramani.rudrappa 78855
subramani.rudrappa 78855
SSC-Enthusiastic
SSC-Enthusiastic (170 reputation)SSC-Enthusiastic (170 reputation)SSC-Enthusiastic (170 reputation)SSC-Enthusiastic (170 reputation)SSC-Enthusiastic (170 reputation)SSC-Enthusiastic (170 reputation)SSC-Enthusiastic (170 reputation)SSC-Enthusiastic (170 reputation)

Group: General Forum Members
Points: 170 Visits: 116
Hi Kingston Dhasian,

i implemented as per your inputs it is working as expected.

thank you!!!
DiverKas
DiverKas
Mr or Mrs. 500
Mr or Mrs. 500 (581 reputation)Mr or Mrs. 500 (581 reputation)Mr or Mrs. 500 (581 reputation)Mr or Mrs. 500 (581 reputation)Mr or Mrs. 500 (581 reputation)Mr or Mrs. 500 (581 reputation)Mr or Mrs. 500 (581 reputation)Mr or Mrs. 500 (581 reputation)

Group: General Forum Members
Points: 581 Visits: 460
You would be better served with the last line like this:

EXEC sp_executesql @SQL

You should have a higher plan reuse rate instead of the standard EXECUTE (@SQL)
Sean Lange
Sean Lange
SSC Guru
SSC Guru (63K reputation)SSC Guru (63K reputation)SSC Guru (63K reputation)SSC Guru (63K reputation)SSC Guru (63K reputation)SSC Guru (63K reputation)SSC Guru (63K reputation)SSC Guru (63K reputation)

Group: General Forum Members
Points: 63606 Visits: 17966
Or even better create 3 stored procs to retrieve your data. You are using the "one query fits all via dynamic sql" approach. This is full of issues. It is difficult to maintain, once business rules start diverging you have really complicated code (this sounds the case here), you are running the risk of sql injection (maybe not now but in the future).

The code that Kingston shared will work but breaking this into separate pieces is really the best move in the long run.

_______________________________________________________________

Need help? Help us help you.

Read the article at http://www.sqlservercentral.com/articles/Best+Practices/61537/ for best practices on asking questions.

Need to split a string? Try Jeff Modens splitter.

Cross Tabs and Pivots, Part 1 – Converting Rows to Columns
Cross Tabs and Pivots, Part 2 - Dynamic Cross Tabs
Understanding and Using APPLY (Part 1)
Understanding and Using APPLY (Part 2)
Sean Lange
Sean Lange
SSC Guru
SSC Guru (63K reputation)SSC Guru (63K reputation)SSC Guru (63K reputation)SSC Guru (63K reputation)SSC Guru (63K reputation)SSC Guru (63K reputation)SSC Guru (63K reputation)SSC Guru (63K reputation)

Group: General Forum Members
Points: 63606 Visits: 17966
DiverKas (1/15/2013)
You would be better served with the last line like this:

EXEC sp_executesql @SQL

You should have a higher plan reuse rate instead of the standard EXECUTE (@SQL)


AND it allows for parameterization which is vital if using dynamic sql.

_______________________________________________________________

Need help? Help us help you.

Read the article at http://www.sqlservercentral.com/articles/Best+Practices/61537/ for best practices on asking questions.

Need to split a string? Try Jeff Modens splitter.

Cross Tabs and Pivots, Part 1 – Converting Rows to Columns
Cross Tabs and Pivots, Part 2 - Dynamic Cross Tabs
Understanding and Using APPLY (Part 1)
Understanding and Using APPLY (Part 2)
GilaMonster
GilaMonster
SSC Guru
SSC Guru (228K reputation)SSC Guru (228K reputation)SSC Guru (228K reputation)SSC Guru (228K reputation)SSC Guru (228K reputation)SSC Guru (228K reputation)SSC Guru (228K reputation)SSC Guru (228K reputation)

Group: General Forum Members
Points: 228373 Visits: 46342
I strongly recommend against this approach. It's a security risk and a maintenance nightmare. You wouldn't develop a C# method that could handle customers or products depending on a parameter passed, don't do it to SQL procedures.

Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

We walk in the dark places no others will enter
We stand on the bridge and no one may pass


Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum

































































































































































SQLServerCentral


Search