Loop with dynamic table name and where clause stored procedure












0















I am trying to update records and insert their audits to audit table.



For this purpose stored procedure waiting for above variables.



@m_obj_id INT,
@m_obj_code NVARCHAR(250),
@m_f_code NVARCHAR(250),
@m_nv NVARCHAR(4000),
@m_last_mod_by INTEGER,
@table_name SYSNAME,
--@where_clause NVARCHAR(4000)



Stored procedure formatting these variables as;



UPDATE @table_name SET @m_f_code=@m_nv WHERE id=@m_obj_id


And at last part inserting into audit.



I can use it with doing SELECT CONCAT and copying all the rows then execute.



But my goal is here not expecting @m_obj_id from user and replace it @where_clause. And use this @where_clause to get ids inside.



So far I tried;



    DECLARE @Sql NVARCHAR(MAX)

    DECLARE @RecordId int = 0

    BEGIN

    SET @SQL = N'

      SELECT @RecordId = MIN(id)

      FROM ' + @table_name + '

      WHERE id > @RecordId AND (' + @where_clause + ')

      IF @RecordId IS NULL BREAK

      SET @m_obj_id = @RecordId'

Exec sp_executesql @sql


But couldnt get far with it.



Then I tried something like;



DECLARE @RowsToProcess  int

DECLARE @CurrentRow     int

DECLARE @SelectCol1     int



DECLARE @sql NVARCHAR(MAX)

SET @sql = N'

DECLARE @table1 TABLE (RowID int not null primary key identity(1,1), col1 int )  

INSERT into @table1 (col1) SELECT id FROM ' + @table_name + ' Where ' + @where_clause + '

SET @RowsToProcess=@@ROWCOUNT'

EXEC sp_executesql @sql,

N'@RowsToProcess INT OUTPUT', @RowsToProcess OUTPUT



SET @CurrentRow=0

WHILE @CurrentRow<@RowsToProcess

BEGIN

    SET @CurrentRow=@CurrentRow+1

        DECLARE @sql2 NVARCHAR(MAX)

        SET @sql2 = N'

        SET @m_obj_id =

        (SELECT col1

        FROM @table1

        WHERE RowID=@CurrentRow)'

        EXEC sp_executesql @sql2


But still no luck.



Can I achieve this any how? I am trying to do this for more than it should be.
Thanks all.






sql-server stored-procedures







share|improve this question























  • Things like Where ' + @where_clause + ' are terrifyingly open to injection. Having a completely unparsed, unquoted, unchecked value being passed to dynamic SQL is basically leaving the door wide open for someone to inject into your server. I think we need to know a little more on the broader scope here and fix the major security flaw you have.

    – Larnu
    Nov 20 '18 at 11:26













  • Thanks for warning. I can come back to security after acheiving this. This is my top goal right now.

    – Cappydh
    Nov 20 '18 at 11:44











  • I'm pretty sure, to be honest, that this is an XY Question. But you need to consider the security as you build the solution. With something like this, if you don't then you're going to just have to rebuild everything again afterwards.

    – Larnu
    Nov 20 '18 at 11:45











  • I really understand your concern. But I need to know if I can do that in this way. If I can achieve this and understand how to do it, it will be no problem to rebuild again.

    – Cappydh
    Nov 20 '18 at 11:53
















0















I am trying to update records and insert their audits to audit table.



For this purpose stored procedure waiting for above variables.



@m_obj_id INT,
@m_obj_code NVARCHAR(250),
@m_f_code NVARCHAR(250),
@m_nv NVARCHAR(4000),
@m_last_mod_by INTEGER,
@table_name SYSNAME,
--@where_clause NVARCHAR(4000)



Stored procedure formatting these variables as;



UPDATE @table_name SET @m_f_code=@m_nv WHERE id=@m_obj_id


And at last part inserting into audit.



I can use it with doing SELECT CONCAT and copying all the rows then execute.



But my goal is here not expecting @m_obj_id from user and replace it @where_clause. And use this @where_clause to get ids inside.



So far I tried;



    DECLARE @Sql NVARCHAR(MAX)

    DECLARE @RecordId int = 0

    BEGIN

    SET @SQL = N'

      SELECT @RecordId = MIN(id)

      FROM ' + @table_name + '

      WHERE id > @RecordId AND (' + @where_clause + ')

      IF @RecordId IS NULL BREAK

      SET @m_obj_id = @RecordId'

Exec sp_executesql @sql


But couldnt get far with it.



Then I tried something like;



DECLARE @RowsToProcess  int

DECLARE @CurrentRow     int

DECLARE @SelectCol1     int



DECLARE @sql NVARCHAR(MAX)

SET @sql = N'

DECLARE @table1 TABLE (RowID int not null primary key identity(1,1), col1 int )  

INSERT into @table1 (col1) SELECT id FROM ' + @table_name + ' Where ' + @where_clause + '

SET @RowsToProcess=@@ROWCOUNT'

EXEC sp_executesql @sql,

N'@RowsToProcess INT OUTPUT', @RowsToProcess OUTPUT



SET @CurrentRow=0

WHILE @CurrentRow<@RowsToProcess

BEGIN

    SET @CurrentRow=@CurrentRow+1

        DECLARE @sql2 NVARCHAR(MAX)

        SET @sql2 = N'

        SET @m_obj_id =

        (SELECT col1

        FROM @table1

        WHERE RowID=@CurrentRow)'

        EXEC sp_executesql @sql2


But still no luck.



Can I achieve this any how? I am trying to do this for more than it should be.
Thanks all.






sql-server stored-procedures







share|improve this question























  • Things like Where ' + @where_clause + ' are terrifyingly open to injection. Having a completely unparsed, unquoted, unchecked value being passed to dynamic SQL is basically leaving the door wide open for someone to inject into your server. I think we need to know a little more on the broader scope here and fix the major security flaw you have.

    – Larnu
    Nov 20 '18 at 11:26













  • Thanks for warning. I can come back to security after acheiving this. This is my top goal right now.

    – Cappydh
    Nov 20 '18 at 11:44











  • I'm pretty sure, to be honest, that this is an XY Question. But you need to consider the security as you build the solution. With something like this, if you don't then you're going to just have to rebuild everything again afterwards.

    – Larnu
    Nov 20 '18 at 11:45











  • I really understand your concern. But I need to know if I can do that in this way. If I can achieve this and understand how to do it, it will be no problem to rebuild again.

    – Cappydh
    Nov 20 '18 at 11:53














0












0








0








I am trying to update records and insert their audits to audit table.



For this purpose stored procedure waiting for above variables.



@m_obj_id INT,
@m_obj_code NVARCHAR(250),
@m_f_code NVARCHAR(250),
@m_nv NVARCHAR(4000),
@m_last_mod_by INTEGER,
@table_name SYSNAME,
--@where_clause NVARCHAR(4000)



Stored procedure formatting these variables as;



UPDATE @table_name SET @m_f_code=@m_nv WHERE id=@m_obj_id


And at last part inserting into audit.



I can use it with doing SELECT CONCAT and copying all the rows then execute.



But my goal is here not expecting @m_obj_id from user and replace it @where_clause. And use this @where_clause to get ids inside.



So far I tried;



    DECLARE @Sql NVARCHAR(MAX)

    DECLARE @RecordId int = 0

    BEGIN

    SET @SQL = N'

      SELECT @RecordId = MIN(id)

      FROM ' + @table_name + '

      WHERE id > @RecordId AND (' + @where_clause + ')

      IF @RecordId IS NULL BREAK

      SET @m_obj_id = @RecordId'

Exec sp_executesql @sql


But couldnt get far with it.



Then I tried something like;



DECLARE @RowsToProcess  int

DECLARE @CurrentRow     int

DECLARE @SelectCol1     int



DECLARE @sql NVARCHAR(MAX)

SET @sql = N'

DECLARE @table1 TABLE (RowID int not null primary key identity(1,1), col1 int )  

INSERT into @table1 (col1) SELECT id FROM ' + @table_name + ' Where ' + @where_clause + '

SET @RowsToProcess=@@ROWCOUNT'

EXEC sp_executesql @sql,

N'@RowsToProcess INT OUTPUT', @RowsToProcess OUTPUT



SET @CurrentRow=0

WHILE @CurrentRow<@RowsToProcess

BEGIN

    SET @CurrentRow=@CurrentRow+1

        DECLARE @sql2 NVARCHAR(MAX)

        SET @sql2 = N'

        SET @m_obj_id =

        (SELECT col1

        FROM @table1

        WHERE RowID=@CurrentRow)'

        EXEC sp_executesql @sql2


But still no luck.



Can I achieve this any how? I am trying to do this for more than it should be.
Thanks all.






sql-server stored-procedures







share|improve this question














I am trying to update records and insert their audits to audit table.



For this purpose stored procedure waiting for above variables.



@m_obj_id INT,
@m_obj_code NVARCHAR(250),
@m_f_code NVARCHAR(250),
@m_nv NVARCHAR(4000),
@m_last_mod_by INTEGER,
@table_name SYSNAME,
--@where_clause NVARCHAR(4000)



Stored procedure formatting these variables as;



UPDATE @table_name SET @m_f_code=@m_nv WHERE id=@m_obj_id


And at last part inserting into audit.



I can use it with doing SELECT CONCAT and copying all the rows then execute.



But my goal is here not expecting @m_obj_id from user and replace it @where_clause. And use this @where_clause to get ids inside.



So far I tried;



    DECLARE @Sql NVARCHAR(MAX)

    DECLARE @RecordId int = 0

    BEGIN

    SET @SQL = N'

      SELECT @RecordId = MIN(id)

      FROM ' + @table_name + '

      WHERE id > @RecordId AND (' + @where_clause + ')

      IF @RecordId IS NULL BREAK

      SET @m_obj_id = @RecordId'

Exec sp_executesql @sql


But couldnt get far with it.



Then I tried something like;



DECLARE @RowsToProcess  int

DECLARE @CurrentRow     int

DECLARE @SelectCol1     int



DECLARE @sql NVARCHAR(MAX)

SET @sql = N'

DECLARE @table1 TABLE (RowID int not null primary key identity(1,1), col1 int )  

INSERT into @table1 (col1) SELECT id FROM ' + @table_name + ' Where ' + @where_clause + '

SET @RowsToProcess=@@ROWCOUNT'

EXEC sp_executesql @sql,

N'@RowsToProcess INT OUTPUT', @RowsToProcess OUTPUT



SET @CurrentRow=0

WHILE @CurrentRow<@RowsToProcess

BEGIN

    SET @CurrentRow=@CurrentRow+1

        DECLARE @sql2 NVARCHAR(MAX)

        SET @sql2 = N'

        SET @m_obj_id =

        (SELECT col1

        FROM @table1

        WHERE RowID=@CurrentRow)'

        EXEC sp_executesql @sql2


But still no luck.



Can I achieve this any how? I am trying to do this for more than it should be.
Thanks all.






sql-server stored-procedures




sql-server stored-procedures






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Nov 20 '18 at 11:22









CappydhCappydh

115




115













  • Things like Where ' + @where_clause + ' are terrifyingly open to injection. Having a completely unparsed, unquoted, unchecked value being passed to dynamic SQL is basically leaving the door wide open for someone to inject into your server. I think we need to know a little more on the broader scope here and fix the major security flaw you have.

    – Larnu
    Nov 20 '18 at 11:26













  • Thanks for warning. I can come back to security after acheiving this. This is my top goal right now.

    – Cappydh
    Nov 20 '18 at 11:44











  • I'm pretty sure, to be honest, that this is an XY Question. But you need to consider the security as you build the solution. With something like this, if you don't then you're going to just have to rebuild everything again afterwards.

    – Larnu
    Nov 20 '18 at 11:45











  • I really understand your concern. But I need to know if I can do that in this way. If I can achieve this and understand how to do it, it will be no problem to rebuild again.

    – Cappydh
    Nov 20 '18 at 11:53



















  • Things like Where ' + @where_clause + ' are terrifyingly open to injection. Having a completely unparsed, unquoted, unchecked value being passed to dynamic SQL is basically leaving the door wide open for someone to inject into your server. I think we need to know a little more on the broader scope here and fix the major security flaw you have.

    – Larnu
    Nov 20 '18 at 11:26













  • Thanks for warning. I can come back to security after acheiving this. This is my top goal right now.

    – Cappydh
    Nov 20 '18 at 11:44











  • I'm pretty sure, to be honest, that this is an XY Question. But you need to consider the security as you build the solution. With something like this, if you don't then you're going to just have to rebuild everything again afterwards.

    – Larnu
    Nov 20 '18 at 11:45











  • I really understand your concern. But I need to know if I can do that in this way. If I can achieve this and understand how to do it, it will be no problem to rebuild again.

    – Cappydh
    Nov 20 '18 at 11:53

















Things like Where ' + @where_clause + ' are terrifyingly open to injection. Having a completely unparsed, unquoted, unchecked value being passed to dynamic SQL is basically leaving the door wide open for someone to inject into your server. I think we need to know a little more on the broader scope here and fix the major security flaw you have.

– Larnu
Nov 20 '18 at 11:26







Things like Where ' + @where_clause + ' are terrifyingly open to injection. Having a completely unparsed, unquoted, unchecked value being passed to dynamic SQL is basically leaving the door wide open for someone to inject into your server. I think we need to know a little more on the broader scope here and fix the major security flaw you have.

– Larnu
Nov 20 '18 at 11:26















Thanks for warning. I can come back to security after acheiving this. This is my top goal right now.

– Cappydh
Nov 20 '18 at 11:44





Thanks for warning. I can come back to security after acheiving this. This is my top goal right now.

– Cappydh
Nov 20 '18 at 11:44













I'm pretty sure, to be honest, that this is an XY Question. But you need to consider the security as you build the solution. With something like this, if you don't then you're going to just have to rebuild everything again afterwards.

– Larnu
Nov 20 '18 at 11:45





I'm pretty sure, to be honest, that this is an XY Question. But you need to consider the security as you build the solution. With something like this, if you don't then you're going to just have to rebuild everything again afterwards.

– Larnu
Nov 20 '18 at 11:45













I really understand your concern. But I need to know if I can do that in this way. If I can achieve this and understand how to do it, it will be no problem to rebuild again.

– Cappydh
Nov 20 '18 at 11:53





I really understand your concern. But I need to know if I can do that in this way. If I can achieve this and understand how to do it, it will be no problem to rebuild again.

– Cappydh
Nov 20 '18 at 11:53












2 Answers
2






active

oldest

votes


















0














The non-dynamic way to implement dynamic filtering on sql is the following:



where id=@m_obj_id or @m_obj_id is null



For a LOT of more details on how to choose between dynamic and non-dynamic sql on this, I recommend this article by Erland Sommarskog






share|improve this answer
























  • But I am also getting table name dynamic. So it will not allow me to just put id on where clause.

    – Cappydh
    Nov 20 '18 at 11:46





















0














I found a solution. Thanks everyone for responding.



I used a temp table like



DECLARE @RowsToProcess INTEGER

DECLARE @CurrentRow INTEGER

DECLARE @SelectCol1 INTEGER



CREATE TABLE #tmp (RowID INTEGER NOT NULL PRIMARY KEY IDENTITY(1,1), col1 int)



DECLARE @sql NVARCHAR(MAX)

SET @sql = N'

INSERT into #tmp (col1) SELECT id FROM ' + @table_name + ' Where ' + @where_clause + '

SET @RowsToProcess=@@ROWCOUNT'

INSERT INTO #tmp

EXEC sp_executesql @sql,

N'@RowsToProcess INT OUTPUT', @RowsToProcess OUTPUT



SET @CurrentRow=0

WHILE @CurrentRow<@RowsToProcess

BEGIN

    SET @CurrentRow=@CurrentRow+1

        SET @m_obj_id =

        (SELECT col1

        FROM #tmp

        WHERE RowID=@CurrentRow)



        Do stuff....





share|improve this answer























    Your Answer






    StackExchange.ifUsing("editor", function () {
    StackExchange.using("externalEditor", function () {
    StackExchange.using("snippets", function () {
    StackExchange.snippets.init();
    });
    });
    }, "code-snippets");

    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "1"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53391923%2floop-with-dynamic-table-name-and-where-clause-stored-procedure%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    2 Answers
    2






    active

    oldest

    votes








    2 Answers
    2






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    The non-dynamic way to implement dynamic filtering on sql is the following:



    where id=@m_obj_id or @m_obj_id is null



    For a LOT of more details on how to choose between dynamic and non-dynamic sql on this, I recommend this article by Erland Sommarskog






    share|improve this answer
























    • But I am also getting table name dynamic. So it will not allow me to just put id on where clause.

      – Cappydh
      Nov 20 '18 at 11:46


















    0














    The non-dynamic way to implement dynamic filtering on sql is the following:



    where id=@m_obj_id or @m_obj_id is null



    For a LOT of more details on how to choose between dynamic and non-dynamic sql on this, I recommend this article by Erland Sommarskog






    share|improve this answer
























    • But I am also getting table name dynamic. So it will not allow me to just put id on where clause.

      – Cappydh
      Nov 20 '18 at 11:46
















    0












    0








    0







    The non-dynamic way to implement dynamic filtering on sql is the following:



    where id=@m_obj_id or @m_obj_id is null



    For a LOT of more details on how to choose between dynamic and non-dynamic sql on this, I recommend this article by Erland Sommarskog






    share|improve this answer













    The non-dynamic way to implement dynamic filtering on sql is the following:



    where id=@m_obj_id or @m_obj_id is null



    For a LOT of more details on how to choose between dynamic and non-dynamic sql on this, I recommend this article by Erland Sommarskog







    share|improve this answer












    share|improve this answer



    share|improve this answer










    answered Nov 20 '18 at 11:31









    George MenoutisGeorge Menoutis

    2,584419




    2,584419













    • But I am also getting table name dynamic. So it will not allow me to just put id on where clause.

      – Cappydh
      Nov 20 '18 at 11:46





















    • But I am also getting table name dynamic. So it will not allow me to just put id on where clause.

      – Cappydh
      Nov 20 '18 at 11:46



















    But I am also getting table name dynamic. So it will not allow me to just put id on where clause.

    – Cappydh
    Nov 20 '18 at 11:46







    But I am also getting table name dynamic. So it will not allow me to just put id on where clause.

    – Cappydh
    Nov 20 '18 at 11:46















    0














    I found a solution. Thanks everyone for responding.



    I used a temp table like



    DECLARE @RowsToProcess INTEGER
    
DECLARE @CurrentRow INTEGER
    
DECLARE @SelectCol1 INTEGER
    

    
CREATE TABLE #tmp (RowID INTEGER NOT NULL PRIMARY KEY IDENTITY(1,1), col1 int)
    

    
DECLARE @sql NVARCHAR(MAX)
    
SET @sql = N'
    
INSERT into #tmp (col1) SELECT id FROM ' + @table_name + ' Where ' + @where_clause + '
    
SET @RowsToProcess=@@ROWCOUNT'
    
INSERT INTO #tmp
    
EXEC sp_executesql @sql,
    
N'@RowsToProcess INT OUTPUT', @RowsToProcess OUTPUT
    

    
SET @CurrentRow=0
    
WHILE @CurrentRow<@RowsToProcess
    
BEGIN
    
    SET @CurrentRow=@CurrentRow+1
    
        SET @m_obj_id =
    
        (SELECT col1
    
        FROM #tmp
    
        WHERE RowID=@CurrentRow)
    

    
        Do stuff....





    share|improve this answer




























      0














      I found a solution. Thanks everyone for responding.



      I used a temp table like



      DECLARE @RowsToProcess INTEGER
      
DECLARE @CurrentRow INTEGER
      
DECLARE @SelectCol1 INTEGER
      

      
CREATE TABLE #tmp (RowID INTEGER NOT NULL PRIMARY KEY IDENTITY(1,1), col1 int)
      

      
DECLARE @sql NVARCHAR(MAX)
      
SET @sql = N'
      
INSERT into #tmp (col1) SELECT id FROM ' + @table_name + ' Where ' + @where_clause + '
      
SET @RowsToProcess=@@ROWCOUNT'
      
INSERT INTO #tmp
      
EXEC sp_executesql @sql,
      
N'@RowsToProcess INT OUTPUT', @RowsToProcess OUTPUT
      

      
SET @CurrentRow=0
      
WHILE @CurrentRow<@RowsToProcess
      
BEGIN
      
    SET @CurrentRow=@CurrentRow+1
      
        SET @m_obj_id =
      
        (SELECT col1
      
        FROM #tmp
      
        WHERE RowID=@CurrentRow)
      

      
        Do stuff....





      share|improve this answer


























        0












        0








        0







        I found a solution. Thanks everyone for responding.



        I used a temp table like



        DECLARE @RowsToProcess INTEGER
        
DECLARE @CurrentRow INTEGER
        
DECLARE @SelectCol1 INTEGER
        

        
CREATE TABLE #tmp (RowID INTEGER NOT NULL PRIMARY KEY IDENTITY(1,1), col1 int)
        

        
DECLARE @sql NVARCHAR(MAX)
        
SET @sql = N'
        
INSERT into #tmp (col1) SELECT id FROM ' + @table_name + ' Where ' + @where_clause + '
        
SET @RowsToProcess=@@ROWCOUNT'
        
INSERT INTO #tmp
        
EXEC sp_executesql @sql,
        
N'@RowsToProcess INT OUTPUT', @RowsToProcess OUTPUT
        

        
SET @CurrentRow=0
        
WHILE @CurrentRow<@RowsToProcess
        
BEGIN
        
    SET @CurrentRow=@CurrentRow+1
        
        SET @m_obj_id =
        
        (SELECT col1
        
        FROM #tmp
        
        WHERE RowID=@CurrentRow)
        

        
        Do stuff....





        share|improve this answer













        I found a solution. Thanks everyone for responding.



        I used a temp table like



        DECLARE @RowsToProcess INTEGER
        
DECLARE @CurrentRow INTEGER
        
DECLARE @SelectCol1 INTEGER
        

        
CREATE TABLE #tmp (RowID INTEGER NOT NULL PRIMARY KEY IDENTITY(1,1), col1 int)
        

        
DECLARE @sql NVARCHAR(MAX)
        
SET @sql = N'
        
INSERT into #tmp (col1) SELECT id FROM ' + @table_name + ' Where ' + @where_clause + '
        
SET @RowsToProcess=@@ROWCOUNT'
        
INSERT INTO #tmp
        
EXEC sp_executesql @sql,
        
N'@RowsToProcess INT OUTPUT', @RowsToProcess OUTPUT
        

        
SET @CurrentRow=0
        
WHILE @CurrentRow<@RowsToProcess
        
BEGIN
        
    SET @CurrentRow=@CurrentRow+1
        
        SET @m_obj_id =
        
        (SELECT col1
        
        FROM #tmp
        
        WHERE RowID=@CurrentRow)
        

        
        Do stuff....






        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Nov 21 '18 at 5:23









        CappydhCappydh

        115




        115






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53391923%2floop-with-dynamic-table-name-and-where-clause-stored-procedure%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            Can a sorcerer learn a 5th-level spell early by creating spell slots using the Font of Magic feature?

            Image
            28 6 $begingroup$ Per the Font of Magic feature, sorcerer can use Flexible Casting to create 5th-level spell slots at level 7, even though they are not typically available until level 9. You can transform unexpended sorcery points into one spell slot as a bonus action on your turn. The Creating Spell Slots table shows the cost of creating a spell slot of [5th level is 7] If such a sorcerer levels up while still having this 5th-level spell slot, can they choose a 5th-level spell as the spell they gain upon levelling up? The Spellcasting feature states: Additionally, when you gain a level in this class, you can choose one of the sorcerer spells you know and replace it with another spell from the sorcerer spell list, which also must be of a level for which you have spell slots.
            Read more

            Does disintegrating a polymorphed enemy still kill it after the 2018 errata?

            Image
            up vote 13 down vote favorite 1 After the 2018 errata, the disintegrate spell description now reads: A creature targeted by this spell must make a Dexterity saving throw. On a failed save, the target takes 10d6 + 40 force damage. The target is disintegrated if this damage leaves it with 0 hit points. If you were to polymorph an enemy into a rat and then disintegrate it, would the enemy be disintegrated or would it just return to its original form? I know that for Druids, it’s not an instant kill anymore, but is this the case for polymorph as well? dnd-5e spells polymorph errata share | improve this question edited 18 hours ago
            Read more

            A Topological Invariant for $pi_3(U(n))$

            Image
            3 3 $begingroup$ Recently, I saw a construction of topological invariant for $pi_3(U(n))$ with $ngeq 2$ : $$ N=frac{1}{24pi^2}int_{S^3} d^3x epsilon^{ijk} Tr[(U^{-1}partial_{x_i}U)(U^{-1}partial_{x_j}U)(U^{-1}partial_{x_k}U)] , $$ where $Uin U(n)$ depends on $boldsymbol{x}=(x_1,x_2,x_3)in S^3$ , $epsilon^{ijk}$ is the Levi-Civita symbol, $i,j,k=1,2,3$ , and the duplicated indexes are summed over. It is claimed that $N$ is an integer, but why? Update 02/02/2019 I think I got an argument for $n=2$ . In this case, $U=e^{i varphi} q$ with $qin SU(2)$ . Due to the trace and the Levi-Civita symbol in $N$ , $varphi$ does not contribute to $N$ . As $Tr[q^{dagger}partial_i q]=0$ and $(q^{dagger}partial_i q)^{dagger}=-q^{dagger}partial_i q$ , $q^{dagger}partial_i q$ in geneeral has the form $q^{dagger}partia
            Read more