3

Whenever I try to use varchar in sp_executesql it's always throwing the following error:

Procedure expects parameter '@statement' of type 'ntext/nchar/nvarchar'

Is there any reason we should use nvarchar?

If "exec" allows us to use varchar, why not sp_executesql?

Sample Code:

DECLARE @IntVariable int;
DECLARE @SQLString **varchar**(500);--**we need to use nvarchar!! but why?**

DECLARE @ParmDefinition nvarchar(500);


SET @SQLString =
     'SELECT nationalidnumber, NationalIDNumber, Title, LoginID
       FROM AdventureWorks.HumanResources.Employee 
       WHERE nationalidnumber = @BusinessEntityID';
SET @ParmDefinition = '@BusinessEntityID int';

SET @IntVariable = 14417807;
EXECUTE sp_executesql @SQLString, @ParmDefinition,
                      @BusinessEntityID = @IntVariable;

SET @IntVariable = 109;
EXECUTE sp_executesql @SQLString, @ParmDefinition,
                      @BusinessEntityID = @IntVariable;
HoneyBadger
  • 14,750
  • 3
  • 34
  • 48
Dinesh
  • 31
  • 5
  • Please show us your code... – ErikEJ Apr 04 '16 at 10:00
  • Added my sample code with the question-Thanks – Dinesh Apr 04 '16 at 10:08
  • http://stackoverflow.com/questions/2743890/why-do-i-get-procedure-expects-parameter-statement-of-type-ntext-nchar-nvar – MusicLovingIndianGirl Apr 04 '16 at 10:13
  • 5
    Because `sp_executesql` is written to *expect* a SQL statement as a type `nvarchar` - that's just a design decision the guys made when writing that stored procedure. That's the way it's designed - so you need to comply with this. – marc_s Apr 04 '16 at 10:14
  • 1
    @MusicLovingIndianGirl He asked about the reason. The link which you have given is not the reason – Debaprasad Apr 04 '16 at 10:15
  • the main reason is provide support for Unicode characters – HaveNoDisplayName Apr 04 '16 at 10:20
  • 1
    My guess would be that specifying unicode rather than non-unicode is simply more modern practice, for many good reasons (it might even help to mitigate against malicious attacks on dynamic SQL based on bad character encoding.) The reason exec supports non-Unicode is for backwards compatibility -- exec is as old as the hills and changing it would break lots of existing code, whereas sp_executesql was introduced (with unicode parameters from the start) in SQL Server 2008. But to know for sure, you'd have to ask Microsoft. – Matt Gibson Apr 04 '16 at 10:28
  • Thanks for the valuable comments, So to use "unicode" they designed "sp_executesql" to accept only "nvarchar" – Dinesh Apr 04 '16 at 10:32
  • sp_executesql is an extended procedure, those are picky about parameter datatypes, and there's no automatic coercion unlike other places – siggemannen Mar 25 '23 at 15:20

1 Answers1

0

Msdn0

EXECUTE

Executes a command string or character string within a Transact-SQL batch

@string_variable

Is the name of a local variable. @string_variable can be any char, varchar, nchar, or nvarchar data type. These include the (max) data

types. [N] 'tsql_string'

Is a constant string. tsql_string can be any nvarchar or varchar data type. If the N is included, the string is interpreted as nvarchar data type.

Msdn1

sp_executesql

[ @stmt = ] statement

Is a Unicode string that contains a Transact-SQL statement or batch

So it needs variables in Unicode by design (as @marc_s said). And as @MattGibson commented it is a modern practice to use Unicode.

Msdn2

nvarchar [ ( n | max ) ]

Variable-length Unicode string data.

Msdn3

varchar [ ( n | max ) ]

Variable-length, non-Unicode string data.

And here you can read more about difference between varchar and nvarchar: What is the difference between varchar and nvarchar?

Community
  • 1
  • 1
gofr1
  • 15,741
  • 11
  • 42
  • 52