Amit Kumar
Reputation: 645
Create complex type of SP in EF which uses exec sp_executesql
I have a stored procedure something like this
CREATE PROCEDURE [dbo].[GetUserData]
(@departmentId varchar(max))
AS
BEGIN
Set FMTONLY off
declare @sql nvarchar(Max)
Set @sql = 'select * from Users where DepartmentId in ('+@departmentId+'))'
exec sp_executesql @sql
When I try to add this stored procedure to EF and create a complex type out of it, I get an error:
Selected procedure or function returns no column
SET FMTONLYoff also doesn't helps
This table has 25 columns and creating complex type manually will be a burden.
Upvotes: 0
Views: 428
Answers (1)
Tony Rogerson
Reputation: 589
Whatever you do - do not write code like that, a UK company got a SQL injection attack that has cost it around £35 million.
In your code I can write any injection I want into @departmentid parameter and you'll just execute it for me!
To answer your question - it's probably because there isn't actually a result from that stored procedure until it is actually executed.
Upvotes: 1
Related Questions
- Adding stored procedures complex types in Entity Framework
- No Complex Type created from new stored procedure, EF database first
- Stored procedure cannot create complex type in entity framework
- Entity Framework doesn't correctly create complex type from MySql stored
- Calling stored procedure entity framework dynamic result set using complex type
- Map stored procedure results to a custom complex type in Entity Framework
- How to stored procedure complex type to poco?
- Calling stored procedure in EF with Complex Data Type
- Execute Stored Procedure using Context.Database.SqlQuery<T> and Complex Type mapping
- Complex Types not working in Entity Model 3.5