Sql server 请帮助我修复此存储过程
尝试创建以下存储过程时,会收到以下错误消息: 我做错了什么Sql server 请帮助我修复此存储过程,sql-server,tsql,stored-procedures,dynamic-sql,Sql Server,Tsql,Stored Procedures,Dynamic Sql,尝试创建以下存储过程时,会收到以下错误消息: 我做错了什么 Create Procedure uspUpdateWithNewSSN ( @OldSSN VARCHAR(9) ,@NewSSN VARCHAR(9) ) AS SET NOCOUNT ON BEGIN If OBJECT_ID(N'NewSSNEXIST') IS NULL Begin Create Table NewSSNEXIST (
Create Procedure uspUpdateWithNewSSN
(
@OldSSN VARCHAR(9)
,@NewSSN VARCHAR(9)
)
AS
SET NOCOUNT ON
BEGIN
If OBJECT_ID(N'NewSSNEXIST') IS NULL
Begin
Create Table NewSSNEXIST
(
NewSSN nvarchar(9)NOT NULL
)
End
Begin
Insert into NewSSNEXIST
Exec uspCheckNewSSN @NewSSN
GO
End
If (select count(*) from NewSSNEXIST)>0
Begin
print 'social security number already used'
Truncate Table NewSSNEXIST;
Return
End
Else
--Begin update ssn
Begin
--Declare @OldSSN VARCHAR(9)
--Declare @NewSSN VARCHAR(9)
Declare @cmd VARCHAR(MAX)
--Set @OldSSN='222334444'
--Set @NewSSN='222334644'
Select @cmd = COALESCE(@cmd,'') +
'
UPDATE [' + TABLE_SCHEMA + '].[' + TABLE_NAME + '] SET [' + Column_Name + '] = ' + @NewSSN + '
WHERE [' + Column_Name + '] = ' + @OldSSN + '
'
From INFORMATION_SCHEMA.COLUMNS
Where Column_Name like 'SSN%'
OR Column_Name LIKE 'ssn%'
OR Column_Name LIKE 'ssn%'
OR Column_Name LIKE '%_ssn%'
OR Column_Name LIKE '_ocsecno'
OR Column_Name LIKE 'Ssn%';
--Select @cmd
EXEC(@cmd)
End
END
GO
除了过程中的
GO
关键字外,您还应该查看动态sql并按如下方式修复它
Declare @cmd VARCHAR(MAX)
Select @cmd = N' UPDATE ' + QUOTENAME(s.name) + N'.' + QUOTENAME(t.name)
+ N' SET ' + QUOTENAME(c.name) + N' = @NewSSN '
+ N' WHERE ' + QUOTENAME(c.name) + N' = @OldSSN '
From sys.tables t
Inner join sys.columns c ON t.object_id = c.object_id
Inner join sys.schemas s on t.schema_id = s.schema_id
Where c.name like 'SSN%'
OR c.name LIKE 'ssn%'
OR c.name LIKE 'ssn%'
OR c.name LIKE '%_ssn%'
OR c.name LIKE '_ocsecno'
OR c.name LIKE 'Ssn%';
--Select @cmd
EXEC sp_executesql @cmd
,N' @OldSSN VARCHAR(9) ,@NewSSN VARCHAR(9)'
,@OldSSN
,@NewSSN
您不能在存储过程中使用
GO
。您的代码中有一个批处理分隔符GO
。请为您自己和您的公司着想,通过重新设计存储此信息的方式来“修复”此过程。SSN不应存储为纯文本。不加密这些数据是疏忽我同意你sean。我继承了一个设计拙劣的数据库。我甚至不知道从哪里着手解决它。我会补充肖恩·兰格所说的。这不仅仅是数据疏忽,也不是加密SSN,dobs等人可能实际上是非法的。如果数据泄露出去,你和你的公司肯定会面临一大堆诉讼。