tsql - SQL Server variable columns name?

Question

Welcome To Ask or Share your Answers For Others

tsql - SQL Server variable columns name?

posted Oct 17, 2021 in Technique[技术] by 深蓝 (71.8m points)

tsql - SQL Server variable columns name?

I am wondering why I cannot use variable column name like that:

declare @a as varchar;
set @a='TEST'

select @a from x;

Thank you

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

1 Reply

深蓝 · Answer 1 · 2021-10-17T00:08:29+0000

You can't do it because SQL is compiled before it knows what the value of @a is (I'm assuming in reality you would want @a to be some parameter and not hard coded like in your example).

Instead you can do this:

declare @a as varchar; 
set @a='TEST' 

declare @sql nvarchar(max)
set @sql = 'select [' + replace(@a, '''', '''''') + '] from x'

exec sp_executesql @sql

But be careful, this is a security vulnerability (sql-injection attacks) so shouldn't be done if you can't trust or well clean @a.

Categories

tsql - SQL Server variable columns name?

tsql - SQL Server variable columns name?

Please log in or register to add a comment.

Please log in or register to reply this article.

1 Reply

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags