I want to pass my [Domain\username] as string .
And if i pass my database name as string , how to execute the below line. because it doesnt accepts string?
How to overcome the above problem?
You could use dynamic SQL.
This isn't as good as the best way to use sp_executesql (that would involve passing in the parameters, but you would be right back where you started), but the quotename will help protect you from potential SQL injection attacks.
answered Jun 08, 2011 at 04:03 AM