Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Go Back   Wrox Programmer Forums > Database > SQL Language
Password Reminder
| FAQ | Members List | Search | Today's Posts | Mark Forums Read
SQL Language SQL Language discussions not specific to a particular RDBMS program or vendor.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the SQL Language section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old November 10th, 2010, 03:24 AM
Registered User
Join Date: Nov 2010
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default SQL Query - Need Urgent Help

Hi Techies,


I have a stored procedure which has a query [static] for which I need to append one variable [dyanamic] so that it is executed when SP is run.


Declare @WhereCondition Varchar(500)
SET @WhereCondition = 'where id between 1 and 10'
"Select * from Some_Table" is my query

I want to append @WhereCondition to the above query in such a way that, when it is run the query should run like

"Select * from Some_Table Where id between 1 and 10"

PS: I dont want to use dynamic queries as my SP has got 100s of queries which will be a difficult task to change the entire procedure.

Kindly Help ASAP.

My Sincere Thanks well in advance. Thanks for your Valuable Time


Last edited by astrosathya; November 10th, 2010 at 04:17 AM..
Reply With Quote
  #2 (permalink)  
Old November 10th, 2010, 03:11 PM
Friend of Wrox
Join Date: Jun 2008
Location: Snohomish, WA, USA
Posts: 1,649
Thanks: 3
Thanked 141 Times in 140 Posts

Unless the *type* of the WHERE condition is fixed in advance, you have no choice but to use dynamic SQL inside the stored proc.

    @Where VARCHAR(500)  
SET @sql = 'SELECT * FROM some_table ' + @Where
EXEC( @sql )
Note that this is dangerous coding. You need to "sanitize" the @where value to be sure it isn't doing SQL Injection.
Reply With Quote
  #3 (permalink)  
Old November 12th, 2010, 03:04 AM
Registered User
Join Date: Nov 2010
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts


Thanks for your sincere reply for my post. Even I am left with that option only. Actually I was trying to see if there is any better option as my Stored Procedure has 100's of queries which have to be made dynamic now but Not so much time left with me..
Reply With Quote
  #4 (permalink)  
Old November 28th, 2010, 06:38 AM
Friend of Wrox
Points: 3,558, Level: 25
Points: 3,558, Level: 25 Points: 3,558, Level: 25 Points: 3,558, Level: 25
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
Join Date: Jun 2003
Location: California, USA
Posts: 996
Thanks: 2
Thanked 11 Times in 11 Posts
Send a message via Yahoo to melvik

u can send ur table name by Parameter too if u wanna do it for many tables
but be aware of SQL Injection my friend
Hovik Melkomian.
Reply With Quote

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Need urgent help in Update query Nishapd Classic ASP Basics 5 June 23rd, 2009 03:55 PM
Query About XSLT-Urgent harshalchoksi XSLT 6 February 23rd, 2007 06:43 AM
urgent query,,, please.....!!! SAAM C++ Programming 1 December 11th, 2006 08:22 AM
SQL query problem in Access - Urgent Kaustav Access 2 September 30th, 2005 11:39 PM
New Query (Urgent!!) vinod_yadav1919 Oracle 3 January 31st, 2005 02:05 PM

All times are GMT -4. The time now is 01:59 PM.

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.