I have a stored procedure named "processInventory" like the following.
Depending on the passed in parameters, I would like to add a WHERE
clause for "select" action. For example, if any varchar type of
parameter is passed in, the where clause would use "LIKE" operator. For
example, "Select * from Main where [s/n] like @Serial. All other types
will use "=" operator. For example, "Select * from Main where MAKE =
@Make and Type = @type".
How could this be achieved? Thanks.

CREATE PROCEDURE processInventory
@Action varchar(7),
@ControlNumber int = null,
@AssetTag int = null,
@Serial varchar(50) = null,
@Description varchar(50) = null,
@Make int = null,
@Type int = null,
@Model int = null,
@Status int = null,
@Networked bit = null,
@LoginName varchar(50) = null,
@Shared bit = null,
@Org varchar(15) = null,
@RecordDate datetime = null,
@LastUpdate datetime = null,
@ManufactureDate datetime = null,
@Comment ntext = null

AS

declare @processError int
set @processError = 0

if @Action = 'Select' goto selectInventory
else
If @Action = 'Update'
begin
if @ControlNumber = null return(1) --Required parameter value not
specified
else
goto updateInventory
end
else
if @Action = 'Insert'
begin
if @Serial = null return(1) --Required parameter value not
specified
else
goto InsertInventory
end
else
if @Action = 'Delete'
begin
if @ControlNumber = null return(1) --Required parameter value
not specified
else goto deleteInventory
end

selectInventory:
if @Serial <> null
begin
select * from Main where [S/N] like @Serial
if @@Error<>0
begin
set @processError = @@Error
return @processError
end
end
else
if @ControlNumber <> null
begin
select * from Main where ControlNumber = @ControlNumber
if @@Error <>0
begin
set @processError = @@Error
return @processError
end
end
else
select top 100* from Main

updateInventory:
update MAIN
set [Org Asset Tag] = @AssetTag, [S/N] = @Serial, [Description]
= @Description, Make = @Make, Type = @Type,
Model = @Model, Status = @Status, Networked = @Networked,
LoginName = @LoginName, Shared = @Shared,
Org = @Org, [Date Of Record] = @RecordDate, [Date Last
Updated] = @LastUpdate, [Manuf Date] = @ManufactureDate,
Comments = @Comment
where ControlNumber = @ControlNumber
if @@ERROR <> 0
begin
set @processError = @@ERROR
return @processError
end
else
return(0) -- successful update

insertInventory:
insert MAIN([Org Asset Tag], [S/N], [Description], Make, Type,
Model, Status, Networked, LoginName, Shared,
Org, [Date Of Record], [Date Last Updated], [Manuf
Date],Comments)
values(@AssetTag, @Serial, @Description, @Make, @Type, @Model,
@Status, @Networked, @LoginName, @Shared,
@Org, @RecordDate, @LastUpdate, @ManufactureDate,
@Comment)
if @@ERROR <> 0
begin
set @processError = @@ERROR
return @processError
end
else return(0) -- successful insert

deleteInventory:
delete MAIN where ControlNumber = @ControlNumber
if @@ERROR <> 0
begin
set @processError = @@ERROR
return @processError
end
else return(0) -- successful delete
GO

First, I would suggest that you not lump all of your actions together
in one stored procedure; you will suffer from a performance impact,
because SQL Server will be forced to recompile your procedure every
time it runs (for SELECT, UPDATE, or DELETE). This is never a good
idea.

That being said, you could set the default value of the parameter you
wish to use wildcards on as a wildcard ('%'); later, in the body of the
stored procedure, add a wildcard character to the value before you use
it in the query. A simple example is below:

CREATE PROC procTestWildcard @Param varchar(10) = '%' AS

SET @Param = @Param + '%'

SELECT Column
FROM Table
WHERE Column Like @Param

-----

Running the following

exec procWildCardTest

will return all of the data in your table since you've essentially run
the statement

SELECT Column
FROM Table
WHERE Column Like '%%'

The statement

exec procWildCardTest 'S'

will return all of the data in your table that starts with the letter
'S', since the SQL statement is now interpreted as

SELECT Column
FROM Table
WHERE Column Like 'S%'


HTH,
Stu

Thanks for your suggestion. As you can see, I have more than one
parameter that might be passed into the proc. How do I dermine which
one is passed in? If I use IF..ELSE, there would be many combination
of parameters. I don't think SQL2000 allow concation of partitial
statments, so each combination need to be dealt with like
IF @Make <> NULL
SELECT COL1, COL2 FROM TABLE WHERE MAKE LIKE @Make
ELSE
IF @Make <> NULL AND @Model <> NULL
SELECT COL1, COL2 FROM TABLE WHERE MAKE LIKE @Make and MODEL LIKE
@Model
ELSE
other paramter combination

The suggestion I gave above will work for any number of paramater
combinations. Not the most effecient way, but it will work.

CREATE PROC procTestParams (@Make varchar(10) = '%', @Model varchar(10)
= '%') AS

SET @Make = @Make+'%'
SET @Model = @Model+'%'

SELECT COL1, COL2
FROM TABLE
WHERE MAKE LIKE @Make
and MODEL LIKE @Model


Another way to do this is to build your SQL string dynamically and use
sp_executeSQL

CREATE PROC procTestParams (@Make varchar(10) =NULL, @Model
varchar(10) = NULL) AS

DECLARE @SQL nvarchar(4000)

/*Return all records by default; need a basic true WHERE condition so
that you can
append AND's to it as needed*/

SET @SQL = 'SELECT COL1, COL2 FROM TABLE WHERE 1=1 '

IF @Make IS NOT NULL
SET @SQL =@SQL + ' AND Make LIKE @Make ' --make sure that you are
passing wildcards if needed

IF @Model IS NOT NULL
SET @SQL =@SQL + ' AND Model LIKE @Model '


exec sp_executeSQL @SQL, N'@Make varchar(10), @Model varchar(10)',
@Make, @Model


You'll just have to play around with it to see which is more effecient;
the first version will basically run a search against all parameters,
looking for wildcards (any data) on the columns you don't specify a
value for, whereas the second version will dynamically build a SQL
statement to be executed against only those columns you supply a
parameter for. The effeciency of either approach is going to be
affected by the number and atype of indexes on your table, and the
amount of data to be returned.

Hope that clarifies.

Stu

[posted and mailed, please reply in news]

js (androidsun@yahoo.com) writes:
> I have a stored procedure named "processInventory" like the following.
> Depending on the passed in parameters, I would like to add a WHERE
> clause for "select" action. For example, if any varchar type of
> parameter is passed in, the where clause would use "LIKE" operator. For
> example, "Select * from Main where [s/n] like @Serial. All other types
> will use "=" operator. For example, "Select * from Main where MAKE =
> @Make and Type = @type".
> How could this be achieved? Thanks.

I have a longer article on the topic on
http://www.sommarskog.se/dyn-search.html.

Since you are into UPDATE, I would careful with using dynamic SQL
because of the permissions issues.



--
Erland Sommarskog, SQL Server MVP, esquel@sommarskog.se

Books Online for SQL Server SP3 at
http://www.microsoft.com/sql/techinf...2000/books.asp