October 5, 2005 at 7:04 am
Hi,
Thanks for Taking time to Reply.
I have a Search Stored Procedure which uses Dynamic Sql. I'm using "SP_EXECUTESQL" to avoid the SQL Injection. In that I have many Tables Inner Joined together. The "SP_EXECUTESQL" takes only 'nvarchar' or 'ntext' as Variables. so I have assigned the whole Query to a variable which is of DataType 'nvarchar'. The Problem is the nvarchar can hold only upto 4000 characters. My stored procedure is more than 4000 char.
I'm in Urgent Need.
vamsiKrishna
October 5, 2005 at 7:09 am
Can we see the code? maybe there's a way to use a proc instead of dynamic sql.
October 6, 2005 at 12:01 am
Thanks for ur Relpy.
it's related to our Business so the Code should not be revealed. Can you give me a detailed explination about proc?
October 6, 2005 at 7:01 am
Sorry, you're on your own if you can't show the code.
October 6, 2005 at 1:04 pm
sp_executesql should take a VARCHAR(8000) variable
or if that is not enough
Use EXEC( ) instead of sp_executesql.
DECLARE @SQL1 VARCHAR(8000)
, @SQL2 VARCHAR(8000)
...
EXEC( @SQL1 + @SQL2 ) -- + @SQL3 + @SQL4 +... if necessary
Viewing 5 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply