PRB: ???? ???? ?? ?????? SQL ?????????? ???? ????? ?????

?????? ????????? ?????? ?????????
???? ???????: 301299 - ??? ???????? ???? ????? ????? ??? ???????.
????? ???? | ?? ????

???????

????? ???? ?????? ????? ???? ?? ??????? ????? ????? (sp_executesql ?? ?????) ? ?? ????? ????? ????? ???????:
????: ????? 229 ? ??? ???? 1 ' permission ' 14 ??????? 5 ???? ??? ??? ?????? ' object ' ? ????? ???????? ' database ' ?????? ' owner '.

?????

???? ??? ?????? ???? ????? ??????? ????? ????? (sp_executesql ?? ?????) ?? ???? ?????? ?? ??????? ?????? ???????; ????? ?? ???? ???? ???????? ???? ???? ?????? ??????? ?????? ?? ???? ?? ???? ???? ???? ??????? ??????.

??????: ????? ??? ?? ???? ??? ?????? ?? ???? ????? ??? ????? ????? ???????.

???? ??????

??????? ?????? ??? ??? ???????:
  • ??? ??? ????? ???????? ??? ???? ???????? ???????? ?? ????????? ????? ?????? ???? ????.
  • ????? ????? ????? SELECT ?? ???? INTO ?????? ???? ???? ????? ??? ???? ???????? ?? ?????? ?????? ?? EXEC ????? SQL ????? ?????? ??????. ??? ?? viable ??? ???? ??????? ???? ??? ???? ?????? ?? ?????.

??????? ????

???? ???????? ???????? ??????? ??? ???????:
   create database dynamicSQL
   go
   use dynamicSQL
   create table employee(Name varchar(255), salary money)
   go
   create proc TestError @MySql nvarchar(500) As 
   exec (@mySql)
   go
   set nocount on
   insert employee select 'FunctionFunction', 100000
   insert employee select 'Function', 30000
   set nocount off
   exec sp_addlogin 'FunctionFunction'
   exec sp_adduser 'FunctionFunction'
   exec sp_addlogin 'Function'
   exec sp_adduser 'Function'

   grant execute on TestError to Function

   setuser 'Function'
				
reproduces ???? ???????? ???????? ?????? ??? ???????:
   go
   declare @Sql varchar(500)
   set @Sql = 'select * from employee where Name = ''FunctionFunction'''
   exec TestError @Sql
				
??????? ????????? ???????? ??????? ??? ????? ????? ?????? ???????? dynamicSql ? ??????? ?????? ???? ?? ????????? ?? ??? ????????? ????? ?????:
   go
   setuser 
   use master
   drop database dynamicSql
   exec sp_droplogin  'FunctionFunction'
   exec sp_droplogin 'Function'
				
????? ?? ????????? ??? ????? ??????? ???? ??????? ????? ??????? ?? "??? SQL Server ???????".

???????

???? ???????: 301299 - ????? ??? ??????: 20/?????/1424 - ??????: 3.2
????? ???
  • Microsoft SQL Server 2000 Standard Edition
  • Microsoft SQL Server 7.0 Standard Edition
????? ??????: 
kbmt kbprb KB301299 KbMtar
????? ????
???: ??? ????? ??? ?????? ???????? ?????? ????? ???? ????? ?????????? ????? ?? ????????? ?????? ????. ???? ???? ?????????? ???? ?? ???????? ???????? ?????? ????????? ????? ????????? ???????? ????? ???????? ?????? ?? ?????? ??? ?? ???????? ???????? ?? ????? ??????? ?????? ??? ??????? ?????? ??. ?????? ?? ???? ??? ??????? ???????? ????? ?? ???? ????? ?????? ??? ????? ??? ????? ??????? ?? ????? ?? ?????? ??? ??? ??????? ??????? ?? ????? ????? ????? ????? ?????. ?? ????? ???? ?????????? ??????? ??? ????? ?? ??????? ?? ????? ?????? ?? ??? ????? ?? ????? ??????? ?? ???????? ?? ??? ???????. ???? ???? ?????????? ???????? ??? ????? ?????? ??????? ??????
???? ??? ????? ??????? ?????? ??????????301299

????? ???????

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com