![]() ![]() Using token ? in the format "" will rescue in case the database names in the Microsoft SQL Server instance have space characters.īut the same point is just the opposite for the undocumented sp_MSForEachTable proc syntax. If you want to select the database name or the table name as a literal in the t-sql expression you should use double single quotes around the ? literal.Īlso the sp_MSForEachDB syntax enables the SQL Server developers or administrators to use instead of ?. The literal ? is used as a token which is replace with database name or table name according to the executed stored procedure " sp_MSForEachDB" or " sp_MSForEachTable". Is there any difference in performance when using EXEC vs SPEXECUTESQL. Note that you must considered the sql injection possibility. I know SPEXECUTESQL helps us to avoid sql injection. Of course this dynamically built t-sql statement or sql code can contain input / output parameters. It is suggesting to use SPEXECUTESQL instead of EXEC. Executing a SQL string: EXEC ('SELECT FROM sys.types') Executing a nested string: EXEC ('EXEC (''SELECT FROM sys.types'')') Executing a string variable: DECLARE stringVar NVARCHAR(100) SET stringVar N'SELECT name FROM' + ' sys. SQL Server tutorial shows how to use sp_MSForEachDB and sp_MSForEachTable undocumented stored procedures for database programmers and SQL Server administrators to ease their daily tasks. 14 Recently we used a sql code reviewing tool against our database. ![]() SQL Server Undocumented Stored Procedures sp_MSForEachDB and sp_MSForEachTable in Example T-SQL Codes
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |