我有以下查询:
create proc [dbo].GetCustById
as
DECLARE @sql nvarchar(500)
DECLARE @Param nvarchar(200)
SET @sql = 'select @columnName from customer where custId = @custId'
SET @Param = N'@columnName varchar(10), @custId int'
EXEC sp_executesql @sql, @Param , @columnName = 'Address1', @custId = '42'
但它总是返回一个字符串“Address1”而不是Address1列的值。有人可以帮忙吗?
感谢
答案 0 :(得分:2)
根据数据类型立即转义参数 - 这就是您返回值“Address1”而不是列的实际值的原因。
提交列名不作为参数,而是作为连接字符串提交:
DECLARE @sql nvarchar(500)
DECLARE @Param nvarchar(200)
SET @sql = 'select '+ @columnName +' from customer where custId = @custId'
SET @Param = N'@custId int'
EXEC sp_executesql @sql, @Param , @custId = 42
Read more about the behavior here
我知道的唯一其他选择要求您使用决策逻辑重定向到静态定义列名的查询:
IF @columname = 'Address1'
BEGIN
SET @sql = 'select Address1 from customer where custId = @custId'
END