开发者

Edit query based on parameters in SQL Reporting Services

问答 作者:

Is it possible to change a qu开发者_运维问答ery in Reporting Services based on a parameter?

I'd like to be able to change table names within the query from tableName to tableName2 (for example) on the fly.

There are two ways you could do it:

  1. Write multiple queries (one for each table), then switch among then based upon the parameter value
  2. Use dynamic SQL

For 1, you'd do something like this:

if @param = 'value'
    select Col1, Col2 from Table1
else
    select Col1, Col2 from Table2

For 2, you'd do something like this:

declare @sql nvarchar(4000)

select @sql = 'select Col1, Col2 from' + (case when @param = 'value' then 'Table1' else 'Table2' end)

sp_executesql @sql

WARNING: Be very careful of option 2. If option 1 is feasible, then it is the safer option, as dynamically constructing SQL based upon user-supplied values is always a dangerous affair. While this particular example doesn't use the parameter directly in the SQL, it would be very easy to write something that did, and thus very easy to find a way to exploit it.

继续阅读:reporting-servicessql

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9