With the square brackets in you string, your table reference turns into dbo. Approved which is not valid. The reference should be dbo.
Approved instead.
With the square brackets in you string, your table reference turns into dbo. Approved which is not valid. The reference should be dbo.
Approved instead. You might want to consider passing schema name and table name as two separate parameters. It would also be better to use the QUOTENAME function instead of hard coding the square brackets.
Declare @sql nvarchar(1000) set @sql = N'UPDATE T1 SET T1. NPTid = dbo.Locations. NPT_ID FROM ' + QUOTENAME(@schemaName) + N'.' + QUOTENAME(@tableName) + N' As T1 INNER JOIN dbo.
Locations ON T1. Where_Committed = dbo.Locations. Location_Name ' EXEC (@sql).
FROM dbo. '+ QUOTENAME(@tableName) + ' As T1 – Doozer1979 Dec 17 '10 at 16:46 @Doozer - you don't need the closing bracket before AS T1 – JNK Dec 17 '10 at 16:46 @Doozer1979: I added sample code to my answer. – Joe Stefanelli Dec 17 '10 at 16:47 @Joe Stefanelli - I would +2 if I could :) – JNK Dec 17 '10 at 16:49.
If you use brackets for the three-part-name, you need to have brackets around each section but not the period, i.e. : dbo. Approved If you pass dbo.
Approved as your parameter, your Dynamic SQL is reading it as dbo. Approved which would only work if you had a table named that (i.e. The dbo.Is part of the table name not the schema).
Change it to: '...dbo. ' + @tablename + '... And just pass Approved as the parameter.
Your wrapping the id too early so '' + @tableName + ' is getting translated to dbo. Approved when it should be dbo.Approved.
Table names and column names are actually sysname (which is, as I recall an NVARCHAR(128) or NVARCHAR(256) - off the top of my head I don't quite remember) Also, You are vulnerable to a SQL Injection Attack. You should validate that @tableName is a real table by checking it against INFORMATION_SCHEMA. TABLES Finally, just to be absolutely sure, in case the real table has some odd characters in it, you should use QUOTENAME(@tableName) to fully escape the table name.
1 the brackets are the issue, not the data type :) – JNK Dec 17 '10 at 16:42 Cheers. I'm aware that it's vulnerable to SQL injection, but it's just a helper app that will run on only one machine, by me. – Doozer1979 Dec 17 '10 at 16:48.
I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.