a4apple (5/7/2014)

---

I believe you can write this query without using DYNAMIC SQL. but the only part that confuses me is @CID. You specified it as integer, and you are passing...

homebrew01 (5/7/2014)

---

How would the hacker pass that variable to the stored procedure ? If it's part of a form on a website, then hackers can enter character strings. ...

Lowell (5/7/2014)

---

well, the WHERE statement is still a "catch all" query, but isn't this functionally identical?

WHERE 1 = CASE WHEN @p_flag = 1 OR moveFlag = 26

...

How about this?

SELECT [Columns]

FROM Test1 T1

INNER JOIN Test2 T2 ON T1.ID = T2.ID

WHERE CASE @p_flag

WHEN 1 THEN moveFlag = 26

ELSE moveFlag > 26 OR moveFlag < 26

END

Notice I modified...

Well because of the datatypes presented here it really isn't vulnerable to sql injection....

SW Skeen (5/7/2014)

---

I had a submittal this morning for release to production that contains 2 aliases 'o' for a physical table and a temp table. To my knowledge I haven't...

Jeff Moden (5/6/2014)

---

In most cases, I'd strongly agree with you but... with two DATE, one...

fstop (5/6/2014)

---

Thank you all for your suggestions. Unfortunately, ganging all the create statements into one stored proc isn't working (although for some reason it create 3 out of 10)....

KGJ-Dev (5/6/2014)

---

WOW!! Thanks Chris. Wonderful Query . Works as expected. Definitely you guyz think about why such requirement. I need to get these format data to my spreadsheet. each...

KGJ-Dev (5/6/2014)

---

Final Quick Question.

Is it possible to select the rows based on the condition? as i said, i am planning to bringing 10000 records each.

where s.Rn > 10000 and s.Rn...

bkmsmith (5/6/2014)

---

Here is another option.

create table abc_test

(

id int

,runs int

,date1 datetime

)

;

insert into abc_test

(

id

,runs

,date1

) values

('24','1','2013-12-05 10:00:01.000'),

('24','2','2013-12-05 10:00:02.000'),

('25','1','2013-12-05 10:00:03.000'),

('25','2','2013-12-05 10:00:04.000'),

('25','3','2013-12-05 10:00:06.000'),

('26','1','2013-12-05 10:00:07.000'),

('26','2','2013-12-05 10:00:08.000'),

('27','1','2013-12-05 10:00:09.000')

;

SELECTT2.id

, [runs] = T2.MaxRuns

, T1.date1

FROMdbo.abc_test T1

INNER JOIN

(

SELECTid

, [MaxRuns]...

jdasilva (5/6/2014)

---

How does SQL get the value of the variable from the form in access?

In the example I am working on, I am polling the data for specific info for...

jdasilva (5/6/2014)

---

For the most part this is pretty easy once you know where to put things, but what if the query pulls info from a form? In my case,...

I had a feeling that was what you wanted. There is < 0.00% percent chance you will get this right. I don't mean any disrespect but you are trying to...

The problem is that we can't see your screen. We have no idea what you are trying to do.

In order to help we will need a few things:

1....