In this workshop you'll learn how to write flexible SQL statements.
- A running copy of database xtreme.
- Finalized the exercises about:
- stored procedures;
- cursors.
We'd like to know for every ProductClassID how many products are produced in.
- USA;
- Canada;
- Japan;
- UK;
- A total of all the countries combined.
A possible SQL statement that produces this output is listed below.
SELECT Product.ProductClassID,
SUM(CASE WHEN Supplier.Country ='USA' THEN 1 ELSE 0 end) AS 'USA',
SUM(CASE WHEN Supplier.Country ='Canada' THEN 1 ELSE 0 end) AS 'Canada',
SUM(CASE WHEN Supplier.Country ='Japan' THEN 1 ELSE 0 end) AS 'Japan',
SUM(CASE WHEN Supplier.Country ='UK' THEN 1 ELSE 0 end) AS 'UK',
COUNT(Product.productid) AS TOTAL
FROM Product
JOIN Supplier ON Product.SupplierID = Supplier.SupplierID
GROUP BY ProductClassIDNote that the
countriesare hardcoded in this statement, this can create a maintenance nightmare... Everytime a new country comes into the list we have to update the statement. We'd rather use a dynamic SQL approach so that every country is listed automagically and not onlyUSA,Canada, ...
- Rewrite the statement so that the countries are no longer hardcoded;
- Wrap the statement in a
stored procedurecalledSP_ProductClass_By_Country_Amount.
Make sure the following code can be executed:
EXECUTE SP_ProductClass_By_Country_Amount;- Run the hardcoded statement to see the output;
- To know where the products are produced you have to look at the origin (country) of the supplier;
- A cursor can help to fetch all countries;
- Use dynamic SQL to create totals;
- You can reuse parts of the given statement.
- What are the disadvantages of using Dynamic SQL statements?
- What is SQL Injection?
- Can you invoke a Dynamic SQL statement in a User Defined Function(UDF)?
A possible solution of this exercise can be found here