tags:

views:

64

answers:

2
Q: 

Create a DATABASE using as a Name from a Variable

I would like create a database using value from a variable. Here my script but it does not work. Any ideas? 

-- Set Data Base name
DECLARE @DataBaseName char(64);
SET @DataBaseName = 'DbCmsWebsiteTest';

-- Create Data Base
CREATE DATABASE @DataBaseName;
GO
+6  A: 

You'd need dynamic SQL for this I think (with appropriate precautions if the name is user supplied)

-- Set Data Base name
DECLARE @DataBaseName sysname;
SET @DataBaseName = 'DbCmsWebsiteTest';

IF (@DataBaseName  LIKE '%[^0-9A-Z]%')
    RAISERROR('Invalid Characters in Name, %s',16,1,@DataBaseName)
ELSE
    BEGIN
    SET @DataBaseName = QUOTENAME(@DataBaseName)
    EXEC('CREATE DATABASE '+ @DataBaseName)
    END
Martin Smith  2010-08-03 15:14:00
But I would not check the valid name rules myself, rather let the CREATE raise. For instance, your check rules out many valid characters like space, `_`, `-` etc.
Remus Rusanu  2010-08-03 19:17:30
@Remus - Agreed - I was a bit ambivalent about SQL injection possibilities but I guess QUOTENAME would deal with that anyway.
Martin Smith  2010-08-03 19:24:50
+1  A: 

Actually, the recommended approach is the sp_executesql function.

Here's an example of using it:

DECLARE @SqlCommand NVARCHAR(255), @DatabaseName NVARCHAR(63)
SET @DatabaseName = 'DbName'
SET @SqlCommand = N'CREATE DATABASE ' + @DatabaseName
EXECUTE sp_executesql @SqlCommand
Corina  2010-08-03 15:36:24
Gives `Incorrect syntax near '@DatabaseName'.` You'd need to find some syntax that accepts a parameter for the database name (in which case you wouldn't need dynamic SQL anyway you could just call it directly)
Martin Smith  2010-08-03 15:41:10
In addition to Martin's comment, `sp_executesql` is SQL Server 2005+ syntax, and ATM we're not aware of what version of SQL Server this is for...
OMG Ponies  2010-08-03 15:48:04
Got it! I did kinda hurry there :) My idea with sp_executesql was based on the fact that msdn recommends using it when possible. But since its main advantage is when it comes to the execution plans, I guess it's not that important which option is used in this case.
Corina  2010-08-03 18:03:41

related questions

Sql to query a dbs scheme
Transform Columns into Rows
SQL Client for Mac OS X that works with MS SQL Server
How do you get leading wildcard full-text searches to work in SQL Server?
SQL Server 2000: Is there a way to tell when a record was last modified?
What's the BEST way to remove the time portion of a datetime value (SQL Server)
I need to know how much disk space a table is using in SQL Server
What's the best way to determine if a temporary table exists in SQL Server?
Appropriate pagefile size for SQL Server
Have you ever encountered a query that SQL Server could not execute because it referenced too many tables?
ASP.NET MVC "CRUD" Database Sample
How do I unit test persistence?
Best Book for a new Database Developer
Can I logically reorder columns in a table?
Best way to copy a database in SQL Server 2005/8?
Is Windows Server 2008 "Server Core" appropriate for a SQL Server instance?
Why doesn't SQL Full Text Indexing return results for words containing #?
Client collation and SQL Server 2005
Editing database records by multiple users
Deploying SQL Server Databases from Test to Live
SQL Server 2005 implementation of MySQL REPLACE INTO?
Upgrading SQL Server 6.5
How do I version my MS SQL database in SVN?
How to export data from SQL Server 2005 to MySQL
Check for changes to a SQL table?