DF016: EXEC(@sql) is used.

Last modified: December 25, 2024

The topic describes the DF016 T-SQL code analysis rule.

Message

EXEC(@sql) is used.

Description

It is not recommended to use EXEC(@sql) to run dynamic SQL. Use the sp_executesql procedure instead.

Additional information

Parameters can be provided by specifying a value or by using the syntax @parameter_name=value. It is important to note that parameters are not included in a transaction. Therefore, if a parameter is modified within a transaction that is subsequently rolled back, the parameter value is not reverted to its previous state. Instead, the value returned to the caller always reflects the value when the module completes execution.

Noncompliant code example

EXEC ('select * from dbo.Customers')

Compliant solution

EXEC sys.sp_executesql N'select * from dbo.Customers'

Was this page helpful?

data:image/svg+xml,%3csvg%20width='20'%20height='20'%20viewBox='0%200%2020%2020'%20fill='none'%20xmlns='http://www.w3.org/2000/svg'%3e%3cg%20id='thumb_up'%3e%3cmask%20id='mask0_676_39376'%20style='mask-type:alpha'%20maskUnits='userSpaceOnUse'%20x='0'%20y='0'%20width='20'%20height='20'%3e%3crect%20id='Bounding%20box'%20width='20'%20height='20'%20fill='%23D9D9D9'/%3e%3c/mask%3e%3cg%20mask='url(%23mask0_676_39376)'%3e%3cpath%20id='thumb_up_2'%20d='M15%2017H5.5V7L11.5%201L12.1667%201.45833C12.4028%201.625%2012.5833%201.83681%2012.7083%202.09375C12.8333%202.35069%2012.8681%202.61806%2012.8125%202.89583L12.7917%203L12%207H17.5C17.9167%207%2018.2708%207.14583%2018.5625%207.4375C18.8542%207.72917%2019%208.08333%2019%208.5V9.6875C19%209.79861%2018.9896%209.89931%2018.9688%209.98958C18.9479%2010.0799%2018.9167%2010.1736%2018.875%2010.2708L16.3944%2016.0875C16.2703%2016.3625%2016.0833%2016.5833%2015.8333%2016.75C15.5833%2016.9167%2015.3056%2017%2015%2017ZM7%2015.5H15L17.5%209.6875V8.5H10.1667L11.1875%203.4375L7%207.625V15.5ZM5.5%207V8.5H2.5V15.5H5.5V17H1V7H5.5Z'%20fill='%2327282C'/%3e%3c/g%3e%3c/g%3e%3c/svg%3e

Yes

data:image/svg+xml,%3csvg%20width='20'%20height='20'%20viewBox='0%200%2020%2020'%20fill='none'%20xmlns='http://www.w3.org/2000/svg'%3e%3cg%20id='thumb_down'%3e%3cmask%20id='mask0_676_39381'%20style='mask-type:alpha'%20maskUnits='userSpaceOnUse'%20x='0'%20y='0'%20width='20'%20height='20'%3e%3crect%20id='Bounding%20box'%20width='20'%20height='20'%20fill='%23D9D9D9'/%3e%3c/mask%3e%3cg%20mask='url(%23mask0_676_39381)'%3e%3cpath%20id='thumb_down_2'%20d='M5%203H14.5V13L8.5%2019L7.83333%2018.5417C7.59722%2018.375%207.41667%2018.1632%207.29167%2017.9062C7.16667%2017.6493%207.13194%2017.3819%207.1875%2017.1042L7.20833%2017L8%2013H2.5C2.08333%2013%201.72917%2012.8542%201.4375%2012.5625C1.14583%2012.2708%201%2011.9167%201%2011.5V10.3125C1%2010.2014%201.01042%2010.1007%201.03125%2010.0104C1.05208%209.92014%201.08333%209.82639%201.125%209.72917L3.60417%203.91667C3.71528%203.63889%203.89931%203.41667%204.15625%203.25C4.41319%203.08333%204.69444%203%205%203ZM13%204.5H5L2.5%2010.3125V11.5H9.83333L8.8125%2016.5625L13%2012.375V4.5ZM14.5%2013V11.5H17.5V4.5H14.5V3H19V13H14.5Z'%20fill='%2327282C'/%3e%3c/g%3e%3c/g%3e%3c/svg%3e

Want to find out more?

Overview

Take a quick tour to learn all about the key benefits delivered by SQL Complete.

All features

Get acquainted with the rich features and capabilities of the tool in less than 5 minutes.

Request a demo

If you consider employing this tool for your business, request a demo to see it in action.

Ready to start using

SQL Complete?

Download a FREE 14-day trial

DF016: EXEC(@sql) is used.

DF016: EXEC(@sql) is used.

Category

Message

Description

Additional information

Noncompliant code example

Compliant solution

Want to find out more?

Overview

All features

Request a demo

Ready to start using

SQL Complete?