Validate MSSQL identifier (parameter) in .NET or regular expression

Question

In a .NET project I need to verify if a string is a valid Microsoft SQL Server 2005 parameter identifier.

Example: SELECT * FROM table WHERE column = @parameter

Is there a runtime class method to validate a string for being a parameter, or is there a regular expression that verifies the rules? (see below)

From the documentation on identifiers, parameters should comply to these general identifier rules:

1. The first character must be one of the following: * A letter as defined by the Unicode Standard 3.2. The Unicode definition of letters includes Latin characters from a through z, from A through Z, and also letter characters from other languages. * The underscore (_), at sign (@), or number sign (#).
   Certain symbols at the beginning of an identifier have special meaning in SQL Server. A regular identifier that starts with the at sign always denotes a local variable or parameter and cannot be used as the name of any other type of object. An identifier that starts with a number sign denotes a temporary table or procedure. An identifier that starts with double number signs (##) denotes a global temporary object. Although the number sign or double number sign characters can be used to begin the names of other types of objects, we do not recommend this practice. Some Transact-SQL functions have names that start with double at signs (@@). To avoid confusion with these functions, you should not use names that start with @@.
2. Subsequent characters can include the following: * Letters as defined in the Unicode Standard 3.2. * Decimal numbers from either Basic Latin or other national scripts. * The at sign, dollar sign ($), number sign, or underscore.
3. The identifier must not be a Transact-SQL reserved word. SQL Server reserves both the uppercase and lowercase versions of reserved words.
4. Embedded spaces or special characters are not allowed.
5. Supplementary characters are not allowed.

When identifiers are used in Transact-SQL statements, the identifiers that do not comply with these rules must be delimited by double quotation marks or brackets.

Since I want to validate parameters only, identifiers must start with an @ sign, and must not be delimited.

Answer 1

I found this article about creating a function for evaluating regular expressions on TSQL, internally uses VBScript, check it out here

Another link you can find useful, but i think it needs registration, here

Another idea could be handle @parameter as a sysname datatype, don't know if it fits here

Answer 2

I was stumbling over the Unicode character classes, but once I found out that they are supported in .NET regular expressions, I came up with the following regular expression solving my question:

@[\p{L}{\p{Nd}}$#_][\p{L}{\p{Nd}}@$#_]*

This enforces:

• Identifier always starts with @, making it a parameter.
• No @ in the second position allowed to avoid confusion with special TSQL functions.
• Allows only characters as defined in the rules.