ADMIN_Search_GetSQL

Show allHide all

Deprecated. Don't use for new development and try to migrate existing uses.

Type: Scalar function

Retrieves the parameters from a saved search and combines them with the menuitem's SQL.

The menu item in question can not use auto parameters (, , etc.) other than session variables, and the values of those session variables must be provided when calling the function.

The menu item's stored procedure must use sp_executesql rather than EXEC if it uses dynamic SQL, or you risk security holes from SQL injection.

Return value: nvarchar(max)

A SQL string ready to be executed.

If the saved search contains parameters marked as obsolete then the return value is undefined.

Parameters

@SearchID mandatory int
ID of a saved search.
@SessionVariables mandatory xml
If the menu item's SQL referenecs session variables (ex. {s_userid}) then you must provide them.

The XML should be on the form
<row name="userid" value="99" />
<row name="companyid" value="6" />
and is easiest generated using FOR XML RAW.

If you do not need to specifiy session variables then you can pass NULL.