Multiple values through a single parameter

Time: 2017-10-30 16:56:25

Tags: sql sql-server sql-server-2008

ALTER PROCEDURE Example
     (@BranchCode AS INT,
      @Department VARCHAR(8000),
      @DateFrom AS DATETIME,
      @DateTo AS DATETIME,
      @TransactionNumber AS NVARCHAR(30)
      -- @Delimiter char(1)
    )
AS
BEGIN
    SET NOCOUNT ON;

    DECLARE @Sql NVARCHAR(MAX)

    SET @Sql = 'Select 
                    Mast.Branch_code, Mast.purerq_id as purerq_id,
                    Max(Mast.purreq_date) as purreq_date, Max(Mast.Dept_code) as Dept_code, 
                    Max(Mast.purreq_desc) as purreq_desc,
                    Sum(Det.purreq_qty2) as purreq_qty2, 
                    Det.Item_Code, Max(Mast.purreq_docecNo) as DocNo,
                    Sum(IsNull(Det.purreq_qty1,0)) as purreq_qty1,
                    IsNull(Det.purerq_TranNo,'') as purerq_TranNo,
                    IsNull(Max(Mast.purerq_adduserid),'') as Adduserid,
                    Max(Det.ItemPacking_Code) as ItemPacking_Code
                From 
                    tbl_purreqMaster Mast, tbl_purreq_detail1 Det
                Where 
                    Mast.Branch_code = Det.Branch_code And 
                    Mast.purerq_id = Det.purerq_id And
                    Mast.purreq_date Between ' + @DateFrom + ' And ' + @DateTo + ' And 
                    Mast.Dept_code IN (' + REPLACE( @Department, '''','') + ')  
                    Mast.Branch_code = ' + CAST(@BranchCode AS VARCHAR)   + ' AND
                    Mast.purreq_docecNo =' + @TransactionNumber + ' 
                Group By 
                    Mast.Branch_code, Mast.purerq_id, Det.Item_Code, Det.purerq_TranNo'

    PRINT @Sql 
    --exec sp_executesql @Sql
END
GO


EXEC Example 1,'7,8','2017-10-01 00:00:00','2017-10-30 00:00:00','ALIA/PURQGEN/0000001'

This query shows this error:

  

Msg 241,Level 16,State 1,Procedure Example,Line 18
  从字符串转换日期和/或时间时转换失败。

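I have tried the REPLACE and CAST functions to solve this problem, but I can't find a solution.

2 answers:

Answer 0: (score: 2)

I would use @params with sp_executesql for the parameters that do not need to be concatenated into the executed string. I would also recommend some processing on @Department to prevent SQL injection.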

ALTER PROCEDURE Example
     (@BranchCode AS INT,
      @Department VARCHAR(8000),
      @DateFrom AS DATETIME,
      @DateTo AS DATETIME,
      @TransactionNumber AS NVARCHAR(30)
      -- @Delimiter char(1)
    )
AS
BEGIN
    SET NOCOUNT ON;

    -- nvarchar(n) accepts a length of at most 4000, so 8000 fails to compile
    DECLARE @Sql NVARCHAR(MAX), @Params nvarchar(4000);
    set @Params = '@BranchCode INT, @DateFrom DATETIME, @DateTo DATETIME, @TransactionNumber NVARCHAR(30)'

    SET @Sql = 'Select 
                    Mast.Branch_code, Mast.purerq_id as purerq_id,
                    Max(Mast.purreq_date) as purreq_date, Max(Mast.Dept_code) as Dept_code, 
                    Max(Mast.purreq_desc) as purreq_desc,
                    Sum(Det.purreq_qty2) as purreq_qty2, 
                    Det.Item_Code, Max(Mast.purreq_docecNo) as DocNo,
                    Sum(IsNull(Det.purreq_qty1,0)) as purreq_qty1,
                    IsNull(Det.purerq_TranNo,'''') as purerq_TranNo,
                    IsNull(Max(Mast.purerq_adduserid),'''') as Adduserid,
                    Max(Det.ItemPacking_Code) as ItemPacking_Code
                From tbl_purreqMaster Mast
                  inner join tbl_purreq_detail1 Det
                    on Mast.Branch_code = Det.Branch_code
                   and Mast.purerq_id = Det.purerq_id
                Where Mast.purreq_date Between @DateFrom and @DateTo
                  and Mast.Dept_code IN (' + REPLACE( @Department, '''','') + ')
                  and Mast.Branch_code = @BranchCode
                  and Mast.purreq_docecNo = @TransactionNumber
                Group By 
                    Mast.Branch_code, Mast.purerq_id, Det.Item_Code, Det.purerq_TranNo'

    PRINT @Sql 
    --exec sp_executesql @Sql, @Params, @BranchCode, @DateFrom, @DateTo, @TransactionNumber
END

The best approach in SQL Server 2008 would be to use a table-valued parameter for @DepartmentId:
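
The table-valued parameter approach written out in full, as an added example that is not part of the original answer. The type name `dbo.DeptCodeList` and the procedure name `dbo.Example_Tvp` are hypothetical, `Dept_code` is assumed to be an INT column, and the two tables from the question are assumed to exist. Because the department list arrives as typed rows, nothing is concatenated into a SQL string, so the query no longer depends on stripping quotes from @Department to stay safe.

```sql
-- Added example, not from the original answer. dbo.DeptCodeList and
-- dbo.Example_Tvp are hypothetical names; Dept_code is assumed to be INT.
CREATE TYPE dbo.DeptCodeList AS TABLE (Dept_code INT NOT NULL PRIMARY KEY);
GO

CREATE PROCEDURE dbo.Example_Tvp
    @BranchCode        INT,
    @Departments       dbo.DeptCodeList READONLY,  -- a TVP must be READONLY
    @DateFrom          DATETIME,
    @DateTo            DATETIME,
    @TransactionNumber NVARCHAR(30)
AS
BEGIN
    SET NOCOUNT ON;

    -- Static SQL: every caller-supplied value is bound as typed data,
    -- so no input is ever parsed as SQL text and no date is converted
    -- to or from a string inside the procedure.
    SELECT Mast.Branch_code,
           Mast.purerq_id,
           MAX(Mast.purreq_date)                  AS purreq_date,
           MAX(Mast.Dept_code)                    AS Dept_code,
           MAX(Mast.purreq_desc)                  AS purreq_desc,
           SUM(Det.purreq_qty2)                   AS purreq_qty2,
           Det.Item_Code,
           MAX(Mast.purreq_docecNo)               AS DocNo,
           SUM(ISNULL(Det.purreq_qty1, 0))        AS purreq_qty1,
           ISNULL(Det.purerq_TranNo, '')          AS purerq_TranNo,
           ISNULL(MAX(Mast.purerq_adduserid), '') AS Adduserid,
           MAX(Det.ItemPacking_Code)              AS ItemPacking_Code
    FROM tbl_purreqMaster AS Mast
    INNER JOIN tbl_purreq_detail1 AS Det
            ON Mast.Branch_code = Det.Branch_code
           AND Mast.purerq_id   = Det.purerq_id
    WHERE Mast.purreq_date BETWEEN @DateFrom AND @DateTo
      AND Mast.Dept_code IN (SELECT Dept_code FROM @Departments)
      AND Mast.Branch_code = @BranchCode
      AND Mast.purreq_docecNo = @TransactionNumber
    GROUP BY Mast.Branch_code, Mast.purerq_id, Det.Item_Code, Det.purerq_TranNo;
END
GO

-- Caller: the department list travels as rows, not as a '7,8' string.
DECLARE @Depts dbo.DeptCodeList;
INSERT INTO @Depts (Dept_code) VALUES (7), (8);
EXEC dbo.Example_Tvp 1, @Depts, '2017-10-01 00:00:00',
                     '2017-10-30 00:00:00', N'ALIA/PURQGEN/0000001';
```

From client code the same parameter is sent as a structured (table) value, so the application never has to build a comma-separated list either.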

Answer 1: (score: 0)

SQLZim's solution should work. But since he didn't mention it, I'll point out that the cause of the error is this line:

Mast.purreq_date Between ' + @DateFrom + ' And ' + @DateTo + ' And

You need to CAST / CONVERT the datetime variables to nvarchar and wrap them in single quotes.