Hi Pardeep, I follow the same line if thinking as Neil on this one. One of the other main reasons you should not use dynamic SQL is that you have to allow explicit table level permissions i.e. SELECT, UPDATE etc. This is not a good idea and in a way defeats the object of using the enhanced security aspects that are available in your using of stored procedures......
In my experience I have found you can always convert a dynamic SQL statement into a non-dynamic version with out too much bother. By the way SQL server's Books on line help (BOL) is a great resource when you have a problem. Steve -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: 25 February 2005 10:45 To: SQL Subject: Re: How do you do an IF condition in where statement Is it really that bad or hard? ----- Original Message ----- From: "Robertson-Ravo, Neil (RX)" <[EMAIL PROTECTED]> To: "SQL" <[email protected]> Sent: Friday, February 25, 2005 2:01 AM Subject: RE: How do you do an IF condition in where statement > ARRRGH!!!! Stop using Dynamic SQL ;-)!!!! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Find out how CFTicket can increase your company's customer support efficiency by 100% http://www.houseoffusion.com/banners/view.cfm?bannerid=49 Message: http://www.houseoffusion.com/lists.cfm/link=i:6:2183 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/6 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:6 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.6 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
