Dynamic SQL results into temp table in SQL Stored procedure

by

Try:

SELECT into #T1 execute ('execute ' + @SQLString )

And this smells real bad like an sql injection vulnerability.

correction (per @CarpeDiem’s comment):

INSERT into #T1 execute ('execute ' + @SQLString )

also, omit the 'execute' if the sql string is something other than a procedure

More Related Contents:

  1. T-SQL Dynamic SQL and Temp Tables
  2. Update a table using JOIN in SQL Server?
  3. Comma separated results in SQL
  4. T-SQL stored procedure that accepts multiple Id values
  5. Understanding PIVOT function in T-SQL
  6. Calculate running total / running balance
  7. How do I escape a percentage sign in T-SQL?
  8. Using RegEx in SQL Server
  9. List of all index & index columns in SQL Server DB
  10. Why use a READ UNCOMMITTED isolation level?
  11. How do you count the number of occurrences of a certain substring in a SQL varchar?
  12. How much size “Null” value takes in SQL Server
  13. Find index of last occurrence of a sub-string using T-SQL
  14. Hidden Features of SQL Server
  15. SQL Server 2008 Empty String vs. Space
  16. Preserving ORDER BY in SELECT INTO
  17. Select / Insert version of an Upsert: is there a design pattern for high concurrency?
  18. SQL Server: combining multiple rows into one row
  19. Can you call a webservice from TSQL code?
  20. How to add custom attributes to SQL connection string?
  21. Multiple Column Pivot in T-SQL
  22. Convert decimal time to hours and minutes
  23. Joining multiple tables returns NULL value
  24. Which join syntax is better?
  25. Compute MD5 hash of a UTF8 string
  26. LPAD in SQL Server 2008
  27. How to check SQL Server Database compatibility after sp_dbcmptlevel is deprecated?
  28. How do I remove non-breaking spaces from a column in SQL server?
  29. Is there an “IF EXISTS” test for a linked server?
  30. SQL Server stored procedure return code oddity

Leave a Comment