我有一个用于分页和搜索的存储过程,我有一个参数@Condition
。我需要将它传递给我的存储过程中的SQL语句,并且在where
中,我已经传递了 And p.BrandID=1 And s.Store_Name='xyz'
子句
CREATE PROCEDURE [dbo].[spGetProduct]
@DisplayLength int,
@DisplayStart int,
@SortCol int,
@SortDir nvarchar(10),
@Search nvarchar(255) = NULL,
@Condition nvarchar(500) = NULL
as
begin
Declare @FirstRec int, @LastRec int
Set @FirstRec = @DisplayStart;
Set @LastRec = @DisplayStart + @DisplayLength;
DECLARE @ExequteSql NVARCHAR(MAX)
SET @ExequteSql = N'
WITH CTE_Products AS
(
SELECT
ROW_NUMBER() OVER (ORDER BY
CASE WHEN (@SortCol = 3 AND @SortDir = "asc")
THEN p.ProductID
END ASC,
CASE WHEN (@SortCol = 3 AND @SortDir = "desc")
THEN p.ProductID
END DESC,
CASE WHEN (@SortCol = 4 AND @SortDir = "asc")
THEN s.Store_Name
END ASC,
CASE WHEN (@SortCol = 4 AND @SortDir = "desc")
THEN s.Store_Name
END DESC) AS RowNum,
COUNT(*) over() as TotalCount,
p.*, s.Store_Name, ss.SubStore_Name
FROM
((MST_Product p
INNER JOIN
MST_Store s on s.Store_ID = p.BrandID)
INNER JOIN
MST_SubStore ss on ss.SubStore_ID = p.SubStore_ID)
WHERE
(@Search IS NULL
OR p.ProductID LIKE "% + @Search + %"
OR s.Store_Name LIKE "% + @Search + %"
OR ss.SubStore_Name LIKE "% + @Search + %"
OR p.StoreRefCode LIKE "% + @Search + %"
OR p.PName LIKE "% + @Search + %") ' + @Condition + '
)
Select *
from CTE_Products
where RowNum > @FirstRec and RowNum <= @LastRec'
EXEC SP_EXECUTESQL @ExequteSql ,N'@FirstRec INT, @LastRec INT, @Search nvarchar(255), @SortCol int, @SortDir nvarchar(10)' ,
@FirstRec = @FirstRec ,@LastRec = @LastRec, @Search=@Search, @SortCol=@SortCol, @SortDir=@SortDir
END
但是我收到了错误
Msg 102,Level 15,State 1,Line 29
&#39; p&#39;附近的语法不正确。
onLoadMoreListener
答案 0 :(得分:0)
错误是因为双引号,它用于identifiers
。对于字符串文字,需要使用单引号
还做了一些更改
DECLARE @FirstRec INT,
@LastRec INT
SET @FirstRec = @DisplayStart;
SET @LastRec = @DisplayStart + @DisplayLength;
SET @Search = '%' + @Search + '%'
DECLARE @ExequteSql NVARCHAR(MAX)
SET @ExequteSql = N'
With CTE_Products as
(
Select ROW_NUMBER() over (order by '+case @SortCol when 3 then 'p.ProductID ' when 4 then 's.Store_Name ' end +case when @SortDir = 'asc' then 'asc' else 'desc' end+')
as RowNum,
COUNT(*) over() as TotalCount,
p.*, s.Store_Name, ss.SubStore_Name
from
MST_Product p INNER JOIN MST_Store s on s.Store_ID = p.BrandID
INNER JOIN MST_SubStore ss on ss.SubStore_ID = p.SubStore_ID
where (@Search IS NULL
Or p.ProductID like @Search
Or s.Store_Name like @Search
Or ss.SubStore_Name like @Search
Or p.StoreRefCode like @Search
Or p.PName like @Search ) '
+ @Condition
+ '
)
Select *
from CTE_Products
where RowNum > @FirstRec and RowNum <= @LastRec'
print @ExequteSql
EXEC Sp_executesql
@ExequteSql,
N'@FirstRec INT, @LastRec INT, @Search nvarchar(255), @SortCol int, @SortDir nvarchar(10)',
@FirstRec = @FirstRec,
@LastRec = @LastRec,
@Search=@Search,
@SortCol=@SortCol,
@SortDir=@SortDir
调用程序
EXEC Spgetproduct
@DisplayLength = 1,
@DisplayStart = 1,
@SortCol = 3,
@SortDir ='asc',
@Search = 'ab',
@Condition = ' And p.BrandID=1 And s.Store_Name=''xyz''' -- here you need to double the single quotes