Home/ Questions/Q 6876679
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-27T04:30:27+00:00

SQl Server 2008 example: on the page to edit user profile settings like DOB,

  • 0

SQl Server 2008

example:

on the page to edit user profile settings like DOB, gender, name etc…, I wouldn’t know which columns user wanted me to update. Should I pass in all these values to the stored procedure, and update all of the profile columns values even though the user may have changed only one or two of them? It seems a little bad, is it?

Using dynamic sql is not an option due to security concerns.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Create a stored procedure that has default parameters set to null. Then just supply the parameters that you want to change. In the update statement, check for null values like this Age = isnull(@Age, Age).

    See the example below:

    -- sample table
    create table UserProfile
    (
        ID int identity(1,1),
        UserName nvarchar(10),
        Gender char(1),
        Age int
    )

    insert into UserProfile values('Bob', 'M', 19)
    insert into UserProfile values('June', 'F', 23)

-- stored proc    
    create proc UpdateUser
    ( 
        @ID int,
        @UserName nvarchar(10) = null,
        @Gender char(1) = null,
        @Age int = null
    )
    as
    begin
        update UserProfile set
            UserName = isnull(@UserName, UserName),
            Gender = isnull(@Gender, Gender),
            Age = isnull(@Age, Age) 
        where ID = @ID
    end

-- usage:    
    exec UpdateUser @ID=1, @Age=29
    exec UpdateUser @ID=1, @UserName='Bill'
    exec UpdateUser @ID=2, @UserName='Julie', @Age=24
    exec UpdateUser @ID=2, @UserName='Mitch', @Gender='M', @Age=56

    select * from UserProfile
    • 0