ansaurus

Question

Answer 1

+10 A:

Have you tried breaking down the statement, to check if intermediate results are as expected? That's what you do to debug a complex statement...

For example, there's a nested SELECT in there. If you commit that SELECT on its own, does it print the expected values?

Edit: There's a saying about teaching a man to fish. 'ck' and 'n8wrl' have given you fish to eat today, now please practice fishing to feed you tomorrow...

DevSolar 2009-06-23 11:29:56

Answer 2

+3 A:

You are querying:

'WHERE Indexing > '+ CONVERT(NVARCHAR(10), @p_StartIndex) + 
' AND Indexing<=(' + CONVERT (NVARCHAR(10),@p_StartIndex ) + ' + '

and then adding max rows as a string, you can do this much more easily like so:

'WHERE Indexing > '+ CONVERT(NVARCHAR(10), @p_StartIndex) + 
'  AND Indexing <='+ CONVERT(NVARCHAR(10),@p_StartIndex + @p_MaxRows)

EDIT

The problem with your inner WHERE is that you are passing in the parameter, you need to do

'WHERE       (AddressBook.CreatedBy = ''' + CAST(@p_CreatedBy AS CHAR(36)) + ''')'

ck 2009-06-23 11:30:53

This query is working absolutely fine, with all inner joins and select statement, when im adding where condition which is commented in my query it is not giving the expected result "WHERE (AddressBook.CreatedBy = @p_CreatedBy)" these lines are commented and the query is working fine but i want to put this condition.

Yaser Ahmed 2009-06-23 12:30:06

@Yaser Ahmed - I've added another fix to address your where issue. The column and param names aren't exact because the question disappears when you edit an answer.

ck 2009-06-23 12:44:37

i even tried this where clause, it is still not working. im getting this error The data types varchar and uniqueidentifier are incompatible in the add operator.

Yaser Ahmed 2009-06-24 11:04:36

@Yaser - I've changed it to cast the parameter as a char. Try this.

ck 2009-06-24 11:17:03

Answer 3

+1 A:

Are you sure all your joins should be inner joins?

Paddy 2009-06-23 11:30:54

This query is working absolutely fine, with all inner joins and select statement, when im adding where condition which is commented in my query it is not giving the expected result "WHERE (AddressBook.CreatedBy = @p_CreatedBy)" these lines are commented and the query is working fine but i want to put this condition. please help

Yaser Ahmed 2009-06-23 12:19:30

Answer 4

+5 A:

Well, a quick glance of this:

WHERE Indexing > '+ CONVERT(NVARCHAR(10), @p_StartIndex) + ' AND Indexing<=(' + CONVERT (NVARCHAR(10),@p_StartIndex ) +...

looks like you're looking for an impossible condition, not unlike this:

WHERE Indexing > 5 AND Indexing <= 5

So that might be why you're getting no rows, but this proc is ripe for SQL injection attacks too. Building SQL on the fly based on possibly-unvalidated parameters is very dangerous.

n8wrl 2009-06-23 11:32:22

he is converting it to nvarchar because he is building one big string (@sql) and this gets executed, this of course is not the way to do it but params should be used with sp_executesql

SQLMenace 2009-06-23 14:59:21

D'Oh - you're right of course. But sp_executesql... brrr!

n8wrl 2009-06-23 15:14:23

Answer 5

+1 A:

Change sp_executesql to PRINT and see what gets generated (the poor man's debugger)

Besides what all the other people told you,

give me one good reason why you are using sp_executesql over exec? You are not using parameterized statements, you also are not protected from sql injections because you just execute the whole string

This will just bloat the procedure cache everytime this is run and some values change, you will get a new plan every time

Please take a look at Changing exec to sp_executesql doesn't provide any benefit if you are not using parameters correctly and Avoid Conversions In Execution Plans By Using sp_executesql Instead of Exec

SQLMenace 2009-06-23 14:54:40

ansaurus

tags:

views:

answers:

Help me writing this query

related questions