DECLARE #cols AS NVARCHAR(MAX),
#query AS NVARCHAR(MAX),
#startdate datetime = '2017-04-01',
#enddate datetime = '2017-04-30'
SET #query = '
select * from Tb_T_Article where Created_Date < convert(date,' +#enddate+ ',105)
'
print #query
EXEC SP_EXECUTESQL #query
Hey please try the below code, and see if that works
DECLARE #enddate datetime
DECLARE #query NVARCHAR(MAX)
SET #enddate = '02-02-2012 6:10:00:000'
SET #query = 'SELECT CONVERT(DATE,#enddate,105)'
EXEC SP_EXECUTESQL #query,N'#enddate date',#enddate
Related
Everytime I execute this query I get this error:
The data types varchar and varchar are incompatible in the modulo operator. Asking for your help. Thanks!
DECLARE #date datetime, #SQL NVARCHAR(MAX);
SET #date = '2019';
SET #SQL = 'SELECT * FROM OPENQUERY(LINK2, ''SELECT * FROM wordpress.wp_users WHERE user_registered LIKE '''%' +#date+ '%''''')';
EXEC sp_executesql #SQL;
you can be varchar(4) because you are setting it as string. then use datepart()
DECLARE #date varchar(4), #SQL NVARCHAR(MAX);
SET #date = '2019';
SET #SQL = 'SELECT * FROM OPENQUERY(LINK2, ''SELECT * FROM wordpress.wp_users WHERE DATEPART(yy, user_registered) LIKE ''''%' +#date+ '%'''''')';
EXEC sp_executesql #SQL;
I have a stored procedure as shown below. When i use the command so as to call the stored procedure, i get the error message
Must declare the scalar variable "#MusNo"."
I would like to ask your help.
exec sp_executesql N' execute [isb].[SP_GetNakitIslemSorguList_Test] NULL,159986569,''2016/01/01 12:23:45'',''2016/03/03 21:10:12'' '
USE [ATMDB]
GO
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
CREATE proc [isb].[SP_GetNakitIslemSorguList_Test]
(
#IslemKodu as varchar(30),
#MusNo as bigint,
#StartDate as Date,
#EndDate as Date
)
AS
DECLARE #Sql nvarchar(max)
DECLARE #AddToWhereSql varchar(50)
IF #IslemKodu is null
BEGIN
SET #AddToWhereSql = '1=1'
END
ELSE
BEGIN
SET #AddToWhereSql = 'IslemKodu = #IslemKodu'
END
BEGIN
SET #Sql = N'SELECT [KartNo],[HesapNo],[TCKN],[CepTel],[MusNo],[Alacakli],[Tutar],[Tarih],[AtmNo],[Borclu]
FROM [ATMDB].[isb].[NakitIslemSorgu] WITH (NOLOCK)
WHERE MusNo = #MusNo and cast([Tarih] as Date)>= #StartDate and cast([Tarih] as Date) <= #EndDate and CashResult = 0
and ' + #AddToWhereSql + ' ORDER BY Tarih DESC'
exec sp_executesql #Sql
END
GO
As you pass in a Variable #MusNo of type BIGINT you must concatenate its value into your dynamic SQL. Try it like this:
SET #Sql = N'SELECT [KartNo],[HesapNo],[TCKN],[CepTel],[MusNo],[Alacakli],[Tutar],[Tarih],[AtmNo],[Borclu]
FROM [ATMDB].[isb].[NakitIslemSorgu] WITH (NOLOCK)
WHERE MusNo = ' + CAST(#MusNo AS VARCHAR(100)) + ' and cast([Tarih] as Date)>= #StartDate and cast([Tarih] as Date) <= #EndDate and CashResult = 0
and ' + #AddToWhereSql + ' ORDER BY Tarih DESC'
sp_executesql requires the variables to be declared and initialised. This is done using parameters as follows:
DECLARE #Params NVARCHAR(2000);
SET #Params = N'#MusNo bigint, #StartDate Date, #EndDate Date';
exec sp_executesql #Sql, #Params, #MusNo = #MusNo, #StartDate = #StartDate, #EndDate = #EndDate;
Even better is the following which will completely avoid any sql injection.
DECLARE #Sql nvarchar(max)
DECLARE #Params NVARCHAR(2000);
SET #Params = N'#IslemKodu varchar(30), #MusNo bigint, #StartDate Date, #EndDate Date';
SET #Sql = N'SELECT [KartNo],[HesapNo],[TCKN],[CepTel],[MusNo],[Alacakli],[Tutar],[Tarih],[AtmNo],[Borclu]
FROM [ATMDB].[isb].[NakitIslemSorgu] WITH (NOLOCK)
WHERE MusNo = #MusNo and cast([Tarih] as Date)>= #StartDate and cast([Tarih] as Date) <= #EndDate and CashResult = 0
and IslemKodu = ISNULL(#IslemKodu, IslemKodu) ORDER BY Tarih DESC'
exec sp_executesql #Sql, #Params, #IslemKodu = #IslemKodu, #MusNo = #MusNo, #StartDate = #StartDate, #EndDate = #EndDate;
Using MS SQL 2012.
I am trying to query a set of tables using dynamic SQL and I am passing through the tablename, a start date in the format of dd/MM/yyyy and an end date in the format of dd/MM/yyyy.
My Code is as follows.
#tableName nvarchar(50),
#startDate date,
#endDate date
AS
BEGIN
SET NOCOUNT ON;
DECLARE #Query varchar(max)
SET #Query = 'Select * from ''' + #tableName + ''' where Convert(date, Docdate, 103) >= ''' + CAST(#startDate AS VARCHAR(50)) + ''' and Convert(date, Docdate, 103) <= ''' + CAST(#endDate AS VARCHAR(50)) + ''
EXEC #Query
END
The Docdate field has a data type of Date and is in the format of yyyy-MM-dd.
I get the following error when I run this stored procedure.
Incorrect syntax near '/'.
What am I missing?
UPDATE
I am testing the query with the following entries for the variables and I still get the same error.
USE [TestDbs]
GO
DECLARE #return_value int
EXEC #return_value = [dbo].[getResultSet]
#tableName = Prices,
#startDate = 01/02/2016,
#endDate = 20/02/2016
SELECT 'Return Value' = #return_value
GO
You should use sp_executesql and pass proper date parameters to your query, and avoid the need for casting dates to strings at all:
CREATE PROCEDURE dbo.YourProcedure
#TableName SYSNAME,
#StartDate DATE,
#EndDate DATE
AS
BEGIN
DECLARE #Query NVARCHAR(MAX)
SET #Query = 'SELECT * FROM ' + QUOTENAME(#TableName) +
' WHERE Docdate >= #StartDateParam
AND Docdate <= #EndDateParam';
EXECUTE sp_executesql
#Query,
N'#startDateParam DATE, #endDateParam DATE',
#StartDateParam = #StartDate,
#EndDateParam = #EndDate;
END
I have made a couple of other minor tweaks too:
Change the datatype of #TableName from NVARCHAR(50) to SYSNAME (Synonym for `NVARCHAR(128), the maximum length of an object name)
Change the data type of #Query to NVARCHAR(MAX) since this is the type sp_executesql expects.
Wrapped #TableName with QUOTENAME to ensure any special characters do not cause an error.
If DocDate is already a date, then the explicit convert is not necessary so I have removed this.
ADDENDUM
You may also wish to add some validation to the table name:
-- CHECK TABLE NAME IS A VALID TABLE OF VIEW
IF ISNULL(OBJECT_ID(#TableName, 'U'), OBJECT_ID(#TableName, 'V')) IS NULL
BEGIN
-- HANDLE INVALID NAME
RETURN;
END
EDIT
I have changed the procedure slightly to cater for sending through a schema qualified table name
CREATE PROCEDURE dbo.getResultSet
#TableName SYSNAME,
#StartDate DATE,
#EndDate DATE
AS
BEGIN
DECLARE #Query NVARCHAR(MAX)
SET #Query = 'SELECT * FROM ' +
QUOTENAME(OBJECT_SCHEMA_NAME(OBJECT_ID(#TableName))) + '.' +
QUOTENAME(OBJECT_NAME(OBJECT_ID(#TableName))) +
' WHERE Docdate >= #StartDateParam
AND Docdate <= #EndDateParam';
EXECUTE sp_executesql
#Query,
N'#startDateParam DATE, #endDateParam DATE',
#StartDateParam = #StartDate,
#EndDateParam = #EndDate;
END
Then you would use this to execute it:
SET DATEFORMAT DMY;
DECLARE #return_value int
EXEC #return_value = [dbo].[getResultSet]
#tableName = 'dbo.Prices',
#startDate = '01/02/2016',
#endDate = '20/02/2016'
SELECT 'Return Value' = #return_value;
Or better still use a culture insensitive date format (yyyyMMdd) for your literals:
DECLARE #return_value int
EXEC #return_value = [dbo].[getResultSet]
#tableName = 'dbo.Prices',
#startDate = '20160201',
#endDate = '20160220'
SELECT 'Return Value' = #return_value;
I have something strange:
Declare #SQLQuery As nvarchar(Max)
Declare #maxdat date
Declare #dateColumn nvarchar(10)
Set #maxdat = GETDATE()
Set #dateColumn = 'ERDAT'
Set #SQLQuery = 'SELECT * FROM myTable WHERE #dateColumn <= #maxdat'
Execute sp_executesql #SQLQuery, N'#maxdat date, #dateColumn nvarchar(10)', #maxdat, #dateColumn
This will fail with Conversion failed when converting date and/or time from character string.
But the following will work just fine:
Set #SQLQuery = 'SELECT * FROM myTable WHERE ERDAT <= #maxdat'
Try the updated code like this. Just put the #dateColumn parameter outside the query string
Declare #SQLQuery As nvarchar(Max)
Declare #maxdat date
Declare #dateColumn nvarchar(10)
Set #maxdat = GETDATE()
Set #dateColumn = 'ERDAT'
Set #SQLQuery = 'SELECT * FROM myTable WHERE ' + #dateColumn + ' <= #maxdat'
Execute sp_executesql #SQLQuery, N'#maxdat date', #maxdat
Problem is with your dynamic SQL. the way you are doing it the variables will go as strings. You have to use the "+" symbol and do it like example below so that SQL can parse it and use 'variable value' instead of 'variable name'.
SELECT GETDATE() AS A
INTO
#Temp
Declare #SQLQuery As nvarchar(Max)
Declare #maxdat date
Declare #dateColumn nvarchar(10)
Set #maxdat = DATEADD(Day,1,GETDATE())
Set #dateColumn = 'A'
--Set #SQLQuery = 'SELECT * FROM #Temp WHERE #dateColumn >= #maxdat'
Set #SQLQuery = 'SELECT * FROM #Temp WHERE ' + #dateColumn + ' >= '+ CAST(#maxdat AS nvarchar(10))
--Print #SQLQuery
Execute sp_executesql #SQLQuery, N'#maxdat date, #dateColumn nvarchar(10)', #maxdat, #dateColumn
How to pass the parameters to the EXEC sp_executesql statement correctly?
This is what I have now, but i'm getting errors:
alter PROCEDURE [dbo].[usp_getReceivedCases]
-- Add the parameters for the stored procedure here
#LabID int,
#RequestTypeID varchar(max),
#BeginDate date,
#EndDate date
AS
BEGIN
-- SET NOCOUNT ON added to prevent extra result sets from
-- interfering with SELECT statements.
SET NOCOUNT ON;
declare #statement nvarchar(4000)
set #statement = N'select SentToLab,
FROM dbo.vEmailSent
WHERE SentToLab_ID=#LabID and convert(date,DateSent) >= #BeginDate
and CONVERT(date, datesent) <= #EndDate
and RequestType_ID in ( #RequestTypeID )
EXEC sp_executesql #statement,N'#LabID int', #LabID, N'#BeginDate date', #BeginDate,N'#EndDate date', #EndDate, #RequestTypeID=#RequestTypeID
END
RequestTypeID is a comma delimited list of integers, like so: "1,2,3,4,5"
here is my try #2, also unsuccessful
declare #statement nvarchar(4000)
SET #statement =' select SentToLab_ID
FROM dbo.vEmailSent
WHERE
SentToLab_ID='+#LabID+' and convert(date,DateSent) >= '+#BeginDate +'
and CONVERT(date, datesent) <= '+#EndDate+'
and RequestType_ID in ('+ #RequestTypeID+' )
group by FileStream_ID, SentToLab_ID'
EXEC(#statement)
Operand type clash: date is incompatible with int
Here is a simple example:
EXEC sp_executesql #sql, N'#p1 INT, #p2 INT, #p3 INT', #p1, #p2, #p3;
Your call will be something like this
EXEC sp_executesql #statement, N'#LabID int, #BeginDate date, #EndDate date, #RequestTypeID varchar', #LabID, #BeginDate, #EndDate, #RequestTypeID
This also works....sometimes you may want to construct the definition of the parameters outside of the actual EXEC call.
DECLARE #Parmdef nvarchar (500)
DECLARE #SQL nvarchar (max)
DECLARE #xTxt1 nvarchar (100) = 'test1'
DECLARE #xTxt2 nvarchar (500) = 'test2'
SET #parmdef = '#text1 nvarchar (100), #text2 nvarchar (500)'
SET #SQL = 'PRINT #text1 + '' '' + #text2'
EXEC sp_executeSQL #SQL, #Parmdef, #xTxt1, #xTxt2
If one need to use the sp_executesql with OUTPUT variables:
EXEC sp_executesql #sql
,N'#p0 INT'
,N'#p1 INT OUTPUT'
,N'#p2 VARCHAR(12) OUTPUT'
,#p0
,#p1 OUTPUT
,#p2 OUTPUT;
maybe this help :
declare
#statement AS NVARCHAR(MAX)
,#text1 varchar(50)='hello'
,#text2 varchar(50)='world'
set #statement = '
select '''+#text1+''' + '' beautifull '' + ''' + #text2 + '''
'
exec sp_executesql #statement;
this is same as below :
select #text1 + ' beautifull ' + #text2