Using OUTPUT Parameters in Stored Procedures
According to MS-BOL, SQL Server Stored-Procedures can return data in 4 forms:
1. Return Code: which are always an integer value.
2. OUTPUT Parameter: which can return either data (such as an integer or character value) or a cursor variable (cursors are result sets that can be retrieved one row at a time).
3. A result set for each SELECT statement contained in the stored procedure or any other stored procedures called by the stored procedure.
4. A global cursor that can be referenced outside the stored procedure.
Specifying OUTPUT keyword to the parameters in the Stored Procedures can return the values of the parameters to the calling program.
Let’s check this with a simple example by using AdventureWorks database:
USE [AdventureWorks] GO --// Create Stored Prcedure with OUTPUT parameter CREATE PROCEDURE getContactName @ContactID INT, @FirstName VARCHAR(50) OUTPUT, @LastName VARCHAR(50) OUTPUT AS BEGIN SELECT @FirstName = FirstName, @LastName = LastName FROM Person.Contact WHERE ContactID = @ContactID end GO --// Test the Procedure DECLARE @CID INT, @FName VARCHAR(50), @LName VARCHAR(50) --/ Test# 1 SET @CID = 100 EXEC getContactName @ContactID=@CID, @FirstName=@FName OUTPUT, @LastName=@LName OUTPUT SELECT @FName as 'First Name', @LName as 'Last Name' --/ Output -- ContactID First Name Last Name -- 100 Jackie Blackwell --/ Test# 2 SET @CID = 200 EXEC getContactName @ContactID=@CID, @FirstName=@FName OUTPUT, @LastName=@LName OUTPUT SELECT @FName as 'First Name', @LName as 'Last Name' --/ Output -- ContactID First Name Last Name -- 200 Martin Chisholm GO --// Final Cleanup DROP PROCEDURE getContactName GO
>> Check & Subscribe my [YouTube videos] on SQL Server.
EXECUTE (or EXEC) vs sp_executesql
–> EXECUTE:
As per MS BOL EXECUTE executes a command string or character string within a TSQL batch, or one of the following modules: system stored procedure, user-defined stored procedure, scalar-valued user-defined function, or extended stored procedure. The TSQL query can be a direct string or a variable of char, varchar, nchar, or nvarchar data type.
–> sp_executesql:
As per MS BOL sp_executesql executes a TSQL statement or batch that can be reused many times, or one that has been built dynamically. The TSQL statement or batch can contain embedded parameters. The SQL query is a Unicode string or a Unicode variable that contains a Transact-SQL statement or batch. Here the variable datatype is restricted to Unicode nchar or nvarchar only. If a Unicode constant (SQL string) is used then the it must be prefixed with N.
–> Main difference performance wise: sp_executesql is generally preferred over EXEC() when executing dynamic T-SQL. sp_executesql works by creating a stored procedure using the specified query, then calling it using the supplied parameters. Unlike EXEC(), sp_executesql provides a mechanism that allows you to parameterize dynamic T-SQL and encourage plan reuse. A dynamic query that is executed using sp_executesql has a much better chance of avoiding unnecessary compilation and resource costs than one ran using EXEC().
Let’s check the difference with a simple example using [AdventureWorks] database’s [Person].[Contact] table:
USE [AdventureWorks] GO DECLARE @str NVARCHAR(1000) DECLARE @fName NVARCHAR(20) DECLARE @ePromo INT SET @fName = N'James' SET @ePromo = 1 --// Using EXECUTE or EXEC SET @str = N' SELECT ContactID, FirstName, MiddleName, LastName, EmailAddress, Phone, EmailPromotion FROM Person.Contact WHERE FirstName = ''' + @fName + ''' AND EmailPromotion = ' + CAST(@ePromo as NVARCHAR(20)) PRINT @str EXEC (@str) GO --// Using sp_executesql DECLARE @str NVARCHAR(1000) DECLARE @fName NVARCHAR(20) DECLARE @ePromo INT DECLARE @paramList NVARCHAR(500) SET @paramList = N'@fNameParam NVARCHAR(20), @ePromoParam INT' SET @str = N' SELECT ContactID, FirstName, MiddleName, LastName, EmailAddress, Phone, EmailPromotion FROM Person.Contact WHERE FirstName = @fNameParam AND EmailPromotion = @ePromoParam' SET @fName = N'James' SET @ePromo = 1 EXECUTE sp_executesql @str, @paramList, @fNameParam=@fName, @ePromoParam=@ePromo -- When the match is LIKE SET @str = N' SELECT ContactID, FirstName, MiddleName, LastName, EmailAddress, Phone, EmailPromotion FROM Person.Contact WHERE FirstName LIKE ''%'' + @fNameParam + ''%'' AND EmailPromotion = @ePromoParam' SET @fName = N'James' SET @ePromo = 0 EXECUTE sp_executesql @str, @paramList, @fNameParam=@fName, @ePromoParam=@ePromo GO
Security Note:
Before you call EXECUTE or sp_executesql with a character string, validate the character string. Never execute a command constructed from user input that has not been validated. For more information, see SQL Injection.
Is WITH (READPAST) affected by readlocks – MSDN TSQL forum
–> Question:
If a transaction calls a SELECT using the table hint WITH(READPAST)… will it skip rows that are locked by other SELECT statements that are in READ COMMITTED mode and are issuing shared locks?
ie. Does READPAST skip rows that are locked by SELECT statements, not just UPDATE and INSERT statements?
–> Answer:
I don’t think READPAST will skip rows locked by SELECT statement, but only in UPDATE & DELETEs.
Check here for an example and demo: Difference between NOLOCK and READPAST table hints
You may also check a similar old post in MSDN forum for more into.
Ref link.
Convert unicode Characters to be displayed in ASCII format – MSDN TSQL forum
–> Question:
Is there a function (or any other way) in T SQL, by which I can somehow convert a unicode character (UTF – 8) and then display it in normal ASCII format?
Eg: I want to convert “Ha Nội” to “Hanoi” either programatically or in SQL.
Another Example: Réunion as “Reunion”
One other problem is sometimes some characters in unicode come up as “?” when cast using the above method:
Eg: Ḩaḑramawt ?a?ramawt
–> Answer:
This is related to database COLLATION settings.
This would not be the best way, but just in case an idea to sail you through….
SELECT
'Réunion',
CAST('Réunion' AS VARCHAR(100)) COLLATE SQL_Latin1_General_CP1253_CI_AI
… you can also play with COLLATE DATABASE_DEFAULT option.
For more info you can check my blog post on COLLATION, Collation Conflicts and Change a Database Collation.
Regarding your other problem, you want to match the foreign language characters to English, right? Which is not possible in most of the cases.
Just like in French, Réunion, contains ‘é’ which is similar to English ‘e’ but with l’accent aigue accent.
But this is not feasible for every character, and other languages too, like Chinese, Hindi. How can you map, and even if you map what symbol will it show? And thus every character cannot be matched against English and you’ll see invalid characters in your result set.
Ref link.
SQL DBA – SQL Queries Executed, Running & Blocking
Here are some TIPS for checking what all SQL statements:
– were executed recently.
– currently running in background.
– blocking or deadlocking.
USE [AdventureWorks] GO --// Which SQL query or statement was executed recently? -- Execute the Stored Proc with different parameters & some SQL queries or statements. EXEC uspGetEmployeeManagers 1 GO EXEC uspGetEmployeeManagers 2 GO SELECT * FROM Person.Contact WHERE ContactID = 100 GO SELECT * FROM HumanResources.Employee WHERE EmployeeID = 200 GO -- Following SQL query will get you which SQL statement or Object was executed/used at what time and how many times. SELECT object_name(b.objectid) AS obj_name, a.execution_count, a.last_execution_time, b.text FROM sys.dm_exec_query_stats a CROSS APPLY sys.dm_exec_sql_text(a.sql_handle) AS b --where text like '%uspGetEmployeeManagers%' ORDER BY 2 DESC GO
--// Who's executing what SQL statements. sp_who2 GO -- You can check any SPID that is greater than 50. This will give you the SQL statement executing against that SPID. -- Also check if any process is blocking any other process, the BlkBy column will give you the process SPID thats blocking the current process. Put that blocking SPID as paremeter in DBCC INPUTBUFFER() statement and get the SQL statement which has blocked your process. DBCC INPUTBUFFER (51) GO -- You can also Kill the process by providing the blocking SPID as parameter with the KILL statement. KILL 51 GO
More about:
– UDF(TVF) sys.dm_exec_sql_text
– View sys.dm_exec_query_stats
Current Visitors
StatCounter …since April 2012
Leisure blog: Creek & Trails
- NMDC Hyderabad Marathon – My first 42k FM, cramps, training and fuelling
- Singapore (Part 2) – 6 days itinerary, sightseeing & attractions
- Singapore (Part 1) – Tickets, Visa, Hotel, Forex Card/Cash, Metro/Bus cards
- I got full refund of my flight tickets during COVID lockdown (AirIndia via MakeMyTrip)
- YouTube – Your Google Ads account was cancelled due to no spend
- YouTube latest update on its YPP (YouTube Partner Program) which may affect your channel
- Starting your own blog !!!
- How to file ITR (Income Tax Return) online AY 2017-18 (for simple salaried)
- Scam – Become a kin/hier and earn a fortune – via LinkedIn and Email
- Places to visit in and around Vizag (aka Visakhapatnam)
SQL with Manoj 