PIVOT in Sql server 2005

With the new PIVOT operatorin SQL Server 2005, the CASE statement and GROUP BY statements are no longernecessary. (Every PIVOT query involves an aggregation of some type, so you canomit the GROUP BY statement.) The PIVOT operator provides the samefunctionality that we tried to achieve with the CASE statement query, but youcan achieve it through less code, and it is a bit more pleasing on your eyes. Listing C is a sample PIVOT query tomimic our CASE statement query.

The meat of this query iscontained in the parentheses after the PIVOT operator. Inside the parentheses,we are using a SUM aggregate function to sum up the SalePrice for each Productlisted in the FOR Product IN() statement. This statement may seem somewhat oddbecause the values in the IN() statement are not enclosed in tick (') marks tosignify that they are literal values. These values are actually treated asColumnNames, and they are transformed into tabular fields in the final resultset.

If you run this query, youwill get a result similar to the one from our CASE statement query. The bigdifference is that this query still returns one row for each row listed in ourtable, which is not desirable; we want a distinct list of rows for each year ofsales listed in our table. The problem lies in the way we first constructed ourPIVOT query.

In the SELECT statement inthe query, we simply listed the year and a field for each product listed in ourSalesHistory table. The problem is that the SELECT statement that precedes thePIVOT clauses cannot specify which columns to use in the PIVOT clause. The PIVOT clause applies the grouping to all columns that are not the pivoted or aggregated fields. We can use a subquery to achieve the desired results. Listing D features the resulting query. This small change allows usto mimic our CASE statement query with less code.
Limitations

The PIVOT operator is usefulin many situations, yet there are drawbacks. Much of the functionality providedby the PIVOT operator requires you to "hard code" the fields that youare pivoting into columnar data. You can overcome this by building the PIVOTquery through dynamic TSQL statements, but this is not the most desirablesolution.

Another potential drawback ofusing the PIVOT clause is that you can only aggregrate one field in the resultset; in the CASE statement queries, you can aggregate as many fields as needed.

While these potentialsetbacks may seem like a big deterrent from using the new PIVOT operator, itstill has its place in the TSQL developers' toolbelt.


Example:

First we see a simple output from simple Select Statement


PIVOT



Then We are going to Pivot this table

PIVOT

Nullable Types In C sharp

Why Nullable Types?

Value types are "primitive" data types such as numbers. The .NET Framework stores value types in the stack and implicitly initializes them to their default values—even if you do not explicitly initialize them when they are defined. For example, an int gets initialized to 0, a bool to false, and so on. Unfortunately, most value types are unable to represent a null value, which presents a problem when you're working with data-centric applications where null values are possible, because you have to select some other value to represent null. But whatever value you choose to represent null is no longer available as a valid data value, which restricts the range of permissible values. In other words, if you elect to use -1 to represent null, you've removed -1 as a valid value from the range of numbers that the value type can support. In addition, you must check to ensure that the chosen "null-representation" values are ignored in other parts of the application—and you must make sure not to display the null-representation values directly to end users, who may not understand that the value represents null.

Developers have tried various approaches to solve the null-value type mismatch, but each has its associated pitfalls. This is where nullable types can help. They're perfect for situations where you may need to represent a value type in an undefined state.

The most common such situation occurs when you want to assign the value from a column of a database table (that allows for null values) to a C# type.

The System.Nullable Structure
C# 2.0 provides a System.Nullable generic type struct that you can use to define nullable types. The constructor accepts one parameter—the type itself—and is defined as shown below:

namespace System
{
public struct Nullable : System.IComparable,
System.INullableValue
{
public Nullable(T value);
public static explicit operator T(T? value);
public static implicit operator T?(T value);
public T Value { get; }
public bool HasValue { get; }
public T GetValueOrDefault();
}
}
Here's the syntax you use to define a nullable type:

System.Nullable variable = null;
Note that the generic type T in the preceding code stands for a value type, not a reference type.

As a more concrete example, you can define a nullable integer type as follows:

System.Nullable patientBilledAmount;
The long version above has an equivalent shorthand version:

int? patientBilledAmount;
In C# 2.0, a question mark (?) suffix following a data type designator specifies that the type can accept null values.

If you refer back to the nullable struct definition shown earlier, notice that any nullable type contains two properties that you use in tandem to check for null values. If the type contains a non-null value, the HasValue property returns true; otherwise it returns false. On the other hand, the Value property returns a non-null value if and only if the HasValue property returns true; otherwise, it throws an exception. So typically, you check nullable type values as follows:

if (patientBilledAmount.HasValue)
Console.WriteLine(patientBilledAmount.Value);
else
Console.WriteLine("The amount is null");

Web Form Printing

Print a Web Page Using JavaScript

By Puneet Sharma

with updates by HTMLGoodies Editorial Staff

You've probably been on a web page and wanted to print out the page for later reference. Wouldn't it be great to be able to provide visitors to your site to be able to do just that? This tutorial for web developers will show you how to use JavaScript's window.print function, complete with examples!

The JavaScript window.print() Function

Print is a method of the object "window." At first I thought that the command was simply capturing the buttons along the top of the browser window so all I had to do was substitute "print" with one of the other items, like "mail" or "home". No dice. I also tried setting up the same type of format with items found in the menus like "properties" and "Options." Error after error. It's apparently put into the DTD as a method unto itself.

Saving Grace!

The good thing about the command, the way the authors set it up, is that it does not immediately fire a print. It actually only fires the print window, which still gives your site's visitors a choice in the matter!

It's then up to the person who triggered the method whether to then continue with the printing or not. That's good because I can see a ton of problems with printers not being turned on and huge, huge files being set to print.

So, how to you set up the code? Well, try this first and then look at the code:

Click to Print This Page

And here's the code:

Click to Print This Page

The JavaScript is triggered by using the command "javascript:" in place of a URL, thus allowing a hypertext link to fire off the JavaScript.

And before you ask, yep, this will work with almost any JavaScript Event Handler as long as the format allows you to write it as a specific line or trigger a function.

You can set it to print off of an image:

It looks like this as an image:

And yes, you can set it to trigger off a button:

It looks like this as a form button:

To make sure that your visitors have JavaScript enabled before you provide them with a button that only works using JavaScript, you can use JavaScript to print out the button. That way if they have it disabled, no button appears, saving them the frustration of clicking a button that does absolutely nothing:

Some Printing Suggestions

Okay, now you have the power to force a print request, but that doesn't mean to simply offer a print on any page. You should make a point of being helpful to your users.

• Make a Page for Printing - The Goodies tutorials, as you can see, have a wavy background, a bunch of images, and stuff stuck in all over the place. They're not very good for printing. If I was to offer this page for printing, I would make a point of creating basically a text-only page, or at least a page with limited images and no background.
• Make the Page Printer-Friendly - I would lose all text colors and make sure the width of the page was no more than 500px, left justified, so that what was shown on the screen would print on the printed page in the same way.
• Allow the User to Choose to Print - My print offering would be text at the bottom or an icon that doesn't intrude. Everyone knows they can already print your pages without any help from your coding. So, make this something you offer as a help rather than putting it into people's faces.
• Never Attach This to a User Event - Don't set this to an onLoad, or an onMouseOver, or some other user event. It will only tend to upset those who have visited your page and probably stop them from coming back.

How to Session time out when computer got ideal

Session time must be set in web.config file

Use tag for session timeout Property
important : Remeber 10000 in seconds....


Use Session_End Event which is available in Global.asax file.....

Repeator Control in Asp.net

The Repeater control is used to display a repeated list of items that are bound to the control. The Repeater control may be bound to a database table, an XML file, or another list of items. Here we will show how to bind an XML file to a Repeater control.

How to set Connetion pooling in Web Config in asp.net

connectionString="Server=XXX;Database=XXX;User Id=XXX;password=XXX;connection timeout=0;Max Pool Size = 100;Pooling = True"

SQL Injection

Provide an example of SQL Injection

A SQL injection attack is exactly what the name suggests – it is where a hacker tries to “inject” his SQL code into someone else’s database, and force that database to run his SQL. This could potentially ruin their database tables, and even extract valuable or private information from their database tables. The idea behind SQL injection is to have the application under attack run SQL that it was never supposed to run. How do hackers do this? As always, it’s best to show this with an example.

SQL Injection Example

SQL injection attacks typically start with user inputs from people filling out a form on a website. A website ‘form’, if you don’t already know, is something you have definitely used – like when you log into Facebook you are using a form to login, where you input your email address and your password.

For our example of SQL injection, we will use a hypothetical form which many people have probably dealt with before: the “email me my password” form, which many websites have in case one of their users forgets their password.

The way a typical “email me my password” form works is this: it takes the email address as an input from the user, and then the application does a search in the database for that email address. If the application does not find anything in the database for that email address, then it simply does not send out an email address to anyone. However, if the applicationdoes successfully find that email address in its database, then it will send out an email to that person with a new password, or whatever information is required to reset the password.

Starting the SQL Injection Process

The SQL that would retrieve the email address in the “email me my password” form would typically look something like this:

SELECT data FROM table WHERE Emailinput = '$email_input'; 

This is, of course, a guess at what the SQL would look like, since a hacker would not know this information since he does not have access to that. The “$email_input” variable is what the user inputs into the form.

Now, the way a hacker would try to achieve his SQL injection is by inputting SQL where the email address would normally go in the form. A hacker would typically start by inserting an email address with a single quote attached to the end. What’s the point of this? Well, let’s suppose that the hacker tries to input an email address that looked like this – pay special attention to the fact that a quote is appended to the end of this email address:

hacker@programmerinterview.com' 

This would mean that the SQL being run would look like this – note that there is now an extra quote at the end of the WHERE statement in the SQL below:

SELECT data FROM table WHERE Emailinput = 'hacker@programmerinterview.com''; 

What does “sanitizing” the user input mean?

Now, what would happen if the SQL above is executed by the application? Well, that really depends on how the application is set up to handle bad SQL. If the application is ready to handle bad input data, then it will do what’s called “sanitize” the input and reject it with an error message saying something like “Incorrect email format”, or something similar.

Sanitizing data is the act of stripping out any characters that aren’t needed from the data that is supplied – in our case, the email address. Once the data is sanitized, then an error message can be returned saying that the data provided was bad.

The error response tells the hacker a lot

However, if the application is not sanitizing it’s input then it will actually run the bad SQL. So, if the application does run the SQL, then we could get something like an HTTP 500 error – note that this is different from the error message he would get if the application was sanitizing its input. The most important thing to note here is that the error message tells the hacker a lot – because it tells him whether or not the application is sanitizing its input. And if the application is not sanitizing it’s input then it means that the database can most probably be exploited, destroyed, and/or manipulated in some way that could be very bad for the application owner.

Let’s say that the hacker now knows that the database is vulnerable, and that he can attack further to get some really good information. What could our hacker do? Well, if he’s been able to successfully figure out the layout of the table, he could just type this code (where the email address would normally go):

UPDATE accounts SET email = 'hacker@ymail.com' WHERE email = 'joe@ymail.com';  

Then, if this malicious code is run by the application under attack, it would look like this:

SELECT data FROM accounts WHERE Emailinput ='Y';

UPDATE accounts SET email ='hacker@ymail.com'WHERE email = 'joe@ymail.com';

Can you see what this code is doing?  Well, it is resetting the email  address that belongs to “joe@ymail.com” to “hacker@ymail.com”.  This  means that the hacker is now changing a user’s account so that it uses  his own email address – hacker@ymail.com.  This then means that the  hacker can reset the password – and have it sent to his own email  address!  Now, he also has a login and a password to the application,  but it is under someone else’s account. 

In the example above, we did skip some steps that a hacker would have taken to figure out the table name and the table layout, because we wanted to keep this article relatively short. But, the idea is that SQL injection is a real threat, and taking measures to prevent it is extremely important.

How to prevent SQL injection attacks?

In our example above, the best way to have prevented the SQL injection attack was by simply having the user input sanitized – for which we also gave a definition earlier. Since we are dealing with email addresses in our example, this means that we should be able to safely exclude certain characters which don’t normally appear in email addresses. Here is a list of characters that would normally appear in emails, and anything else should not be allowed inside the database – the user should just receive an error saying something like “Invalid email address” if he tries to input an email address with any characters other than the ones below:

abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ 0123456789 @.-_+ 

Substring function in sql server 2005/2008

Split Name

One common task performed in database applications is given a full name, how can

this be split into the first name and last name. In this article, three different methods are discussed to perform this task using three different functions in SQL Server.

It is assumed in this article that the full name is just made up of one first name and one last name.

Using SUBSTRING Function

The first method is the use of the SUBSTRING string function, as can be seen

from the following script:

DECLARE @FullName        VARCHAR(100) SET @FullName = 'John Doe'

SELECT SUBSTRING(@FullName, 1, CHARINDEX(' ', @FullName) - 1)

 AS [FirstName],   

 SUBSTRING(@FullName, CHARINDEX(' ', @FullName) + 1, LEN(@FullName))

AS [LastName] 

Given the full name of "John Doe", the script will generate the following output:

FirstName    LastName ------------ ---------------- John         Doe 

Aside from the SUBSTRING string function, it also used the CHARINDEX string

function. The CHARINDEX function returns the starting position of a specified

expression in a character string. The CHARINDEX function was used to look for

the space that separates the first name from the last name (CHARINDEX(' ', @FullName)).

If the full name only contains the last name, the following error message

will be encountered:

Server: Msg 536, Level 16, State 3, Line 4 Invalid length paramete

r passed to the substring function. 

To avoid this error message, the script above needs to be modified to check

if there's a space in the full name. If there's no space in the full name, it is

assumed that it only contains the last name. The following script overcomes

this problem:

DECLARE @FullName        VARCHAR(100) SET @FullName = 'JohnDoe'

SELECT SUBSTRING(@FullName, 1,

NULLIF(CHARINDEX(' ', @FullName) - 1, -1))

AS [FirstName],      

SUBSTRING(@FullName, CHARINDEX(' ', @FullName) + 1,

LEN(@FullName)) AS [LastName] 

The only difference between this script and the previous one is the addition of the

NULLIF function. The NULLIF function returns a null value if the two specified

expressions are equivalent. In the CHARINDEX function, if the space is not

found in the full name, it returns a value of 0. Then subtracting 1 from this gives

a value of -1. Using the NULLIF function, we are changing the length parameter

passed to the SUBSTRING function to NULL if the value returned by the

CHARINDEX minus 1 is -1. In the SUBSTRING function if the length parameter

is NULL, the string returned is NULL as well. Therefore, if there's no space in the

full name, the first name will have a value of NULL, as shown in the following result:

FirstName    LastName ------------ ---------------- NULL         JohnDoe 

Using LEFT and RIGHT Functions

The second method of getting the first name and last name from a full name is

using the LEFT and RIGHT functions. The LEFT and RIGHT functions are basically

the same as the SUBSTRING function. The LEFT function returns the part of a character

string starting at a specified number of characters from the left while the RIGHT

function returns the part of a character string starting a specified number of characters

from the right.

The script to split the full name string into the corresponding first name and last name using the LEFT and RIGHT string functions is as follows:

DECLARE @FullName        VARCHAR(100) SET @FullName = 'John Doe'

SELECT LEFT(@FullName, CHARINDEX(' ', @FullName) - 1) AS [FirstName],

    RIGHT(@FullName, CHARINDEX(' ', REVERSE(@FullName)) - 1) AS [LastName] 

In getting the first name, it is basically the same as the first version using the

SUBSTRING function. The only difference is that the LEFT function doesn't need the

starting position and it automatically starts at the first position.

In getting the last name, the RIGHT string function is used. The second parameter of the RIGHT function is the number of characters to extract from the full name starting from the right. To get the number of characters to extract, the CHARINDEX is again used. The only difference between the CHARINDEX used in the LEFT string function and RIGHT string function is the addition of the use of the REVERSE string function. Since we want to extract all characters starting from the space until the end of the string, we have to REVERSE the string and count the number of characters from there (CHARINDEX(' ', REVERSE(@FullName)).

To avoid the same error message discussed on the first version when there's no space in the full name, the following script can be used:

DECLARE @FullName        VARCHAR(100) SET @FullName = 'JohnDoe'

SELECT LEFT(@FullName, NULLIF(CHARINDEX(' ', @FullName) - 1, -1)) AS [FirstName],  



  RIGHT(@FullName, ISNULL(NULLIF(CHARINDEX(' ', REVERSE(@FullName)) - 1, -1),          

LEN(@FullName))) AS [LastName] 

It uses the same logic used in the first version which is the use of the NULLIF function to check if there's a space in the full name and return a NULL value for the first name if there's no space. As for the last name, it uses the NULLIF and ISNULL functions to return the full name as the last name if there's no space in it. This is done by passing the length of the full name as the second parameter to the RIGHT string function if there's no space in the full name.

Using PARSENAME Function

The last method in splitting a full name into its corresponding first name and last name is the use of the PARSENAME string function, as can be seen from the following script:

DECLARE @FullName        VARCHAR(100) SET @FullName = 'John Doe'

SELECT PARSENAME(REPLACE(@FullName, ' ', '.'), 2) AS [FirstName], 

   PARSENAME(REPLACE(@FullName, ' ', '.'), 1) AS [LastName] 

The PARSENAME string function returns the specified part of an object name. Parts of an object that can be retrieved are the object name, owner name, database name, and server name. In using the PARSENAME string function, we are tricking SQL Server into thinking that the value being passed to the first parameter, which is the object name, is an object within SQL Server since the function does not validate whether or not an object by the specified name exists.

The name of an object in SQL Server is composed of the following parts, separated by a period (.):

[Server Name].[Database Name].[Owner Name].[Object Name]

The second parameter of the PARSENAME function relates to each part of the

object name, each of which having the following values:

• Object Name - 1
• Owner Name - 2
• Database Name - 3
• Server Name - 4

In using the PARSENAME function to split the full name, we need to replace the space with a period (REPLACE(@FullName, ' ', '.')). Then to get the first name, we pass a value

of 2 to the PARSENAME string function, which corresponds to the [Owner Name]. To get the last name, we pass a value of 1 to the function, which corresponds to the [Object Name]. Even if there's no space separating the first name and last name, no error message will be encountered and a NULL value will be returned for the first name while the whole full name will be returned as the last name.

Inserted and Deleted table in sql server

create table Billings (
BankerID INTEGER,
BillingNumber INTEGER,
BillingDate datetime,
BillingTotal INTEGER,
TermsID INTEGER,
BillingDueDate datetime ,
PaymentTotal INTEGER,
CreditTotal INTEGER
;
GO

INSERT INTO Billings VALUES (1, 1, '2005-01-22', 165, 1,'2005-04-22',123,321);
GO

(1 rows affected)
INSERT INTO Billings VALUES (2, 2, '2001-02-21', 165, 1,'2002-02-22',123,321.);
GO

(1 rows affected)

CREATE TRIGGER trStudentsEcho
ON Billings
FOR UPDATE, INSERT, DELETE
AS
SELECT * FROM inserted
SELECT * FROM deleted
GO

drop trigger trStudentsEcho;
GO

drop table Billings;
GO

Trigger's In sql server

A trigger is a special kind of stored procedure that is invoked whenever an attempt is made to modify the data in the table it protects. Modifications to the table are made ussing INSERT,UPDATE,OR DELETE statements.Triggers are used to enforce data integrity and business rules such as automatically updating summary data. It allows to perform cascading delete or update operations. If constraints exist on the trigger table,they are checked prior to the trigger execution. If constraints are violated statement will not be executed and trigger will not run.Triggers are associated with tables and they are automatic . Triggers are automatically invoked by SQL SERVER. Triggers prevent incorrect , unauthorized,or inconsistent changes to data.

Creation of Triggers

Triggers are created with the CREATE TRIGGER statement. This statement specifies that the on which table trigger is defined and on which events trigger will be invoked.

To drop Trigger one can use DROP TRIGGER statement.

Code: SQL

Trigger rules and guidelines

A table can have only three triggers action per table : UPDATE ,INSERT,DELETE. Only table owners can create and drop triggers for the table.This permission cannot be transferred.A trigger cannot be created on a view or a temporary table but triggers can reference them. A trigger should not include SELECT statements that return results to the user, because the returned results would have to be written into every application in which modifications to the trigger table are allowed. They can be used to help ensure the relational integrity of database.On dropping a table all triggers associated to the triggers are automatically dropped .


The system stored procedure sp_depends can be used to find out which tables have trigger on them. Following sql statements are not allowed in a trigger they are:-

Code: SQL

ALL CREATE statements,ALL DROP statements,ALTER TABLE AND ALTER DATABASE,TRUNCATE TABLE,GRANT AND REVOKE,UPDATE STATISTICS,RECONFIGURE,LOAD DATABASE AND LOAD TRANSACTION, ALL DISK statements,SELECT INTO

INSERT trigger

When an INSERT trigger statement is executed ,new rows are added to the trigger table and to the inserted table at the same time. The inserted table is a logical table that holds a copy of rows that have been inserted. The inserted table can be examined by the trigger ,to determine whether or how the trigger action are carried out.

The inserted table allows to compare the INSERTED rows in the table to the rows in the inserted table.The inserted table are always duplicates of one or more rows in the trigger table.With the inserted table ,inserted data can be referenced without having to store the information to the variables.

DELETE trigger

When a DELETE trigger statement is executed ,rows are deleted from the table and are placed in a special table called deleted table.

UPDATE trigger

When an UPDATE statement is executed on a table that has an UPDATE trigger,the original rows are moved into deleted table,While the update row is inserted into inserted table and the table is being updated.

Syntax

Code: SQL

IF UPDATE

CREATE TRIGGER trigger1 ON member

FOR UPDATE

AS

IF UPDATE(last_name)

BEGIN

RAISEERROR('Transaction cannot be processed')

ROLLBACK TRANSACTION

END

Multi-row trigger

A multi-row insert can occur from an INSERT with a SELECT statement.Multirow considerations can also apply to multi-row updates and multi-row deletes.

Code: SQL

CREATE TRIGGER adult_insert ON adult

FOR INSERT

AS

DECLARE @rcnt int

SELECT @rcnt = @@rowcount

IF(SELECT COUNT(*) FROM member,inserted WHERE member.mem_num = inserted.mem_num)=0

BEGIN

PRINT 'Transaction not processed'

PRINT 'No entry for this member'

ROLLBACK TRANSACTION

END

IF(SELECT COUNT(*) FROM member,inserted WHERE member.mem_num = inserted.mem_num)<> @rcnt



BEGIN

PRINT 'Not all adults have an entry in the member table'

PRINT 'Multi-row insert transaction has been rolled backed'

ROLLBACK TRANSACTION

END

Finding Duplicates with SQL

Select email, count(email) as NUMOCCURRENCES
from users
GROUP BY email
HAVING(COUNT(email)>1)

Inline Table-Valued Functions

Inline TVF return a table example is given below

create table employee( ID int, name nvarchar (10), salary int, start_date datetime, city nvarchar (10), region char (1)) GO insert into employee (ID, name, salary, start_date, city, region) values (1, 'Jason', 40420, '02/01/94', 'New York', 'W') GO (1 rows affected) insert into employee (ID, name, salary, start_date, city, region) values (2, 'Robert',14420, '01/02/95', 'Vancouver','N') GO (1 rows affected) insert into employee (ID, name, salary, start_date, city, region) values (3, 'Celia', 24020, '12/03/96', 'Toronto', 'W') GO (1 rows affected) insert into employee (ID, name, salary, start_date, city, region) values (4, 'Linda', 40620, '11/04/97', 'New York', 'N') GO (1 rows affected) insert into employee (ID, name, salary, start_date, city, region) values (5, 'David', 80026, '10/05/98', 'Vancouver','W') GO (1 rows affected) insert into employee (ID, name, salary, start_date, city, region) values (6, 'James', 70060, '09/06/99', 'Toronto', 'N') GO (1 rows affected) insert into employee (ID, name, salary, start_date, city, region) values (7, 'Alison',90620, '08/07/00', 'New York', 'W') GO (1 rows affected) insert into employee (ID, name, salary, start_date, city, region) values (8, 'Chris', 26020, '07/08/01', 'Vancouver','N') GO (1 rows affected) insert into employee (ID, name, salary, start_date, city, region) values (9, 'Mary', 60020, '06/09/02', 'Toronto', 'W') GO (1 rows affected) select * from employee GO ID name salary start_date city region ----------- ---------- ----------- ----------------------- 1 Jason 40420 1994-02-01 00:00:00.000 New York W 2 Robert 14420 1995-01-02 00:00:00.000 Vancouver N 3 Celia 24020 1996-12-03 00:00:00.000 Toronto W 4 Linda 40620 1997-11-04 00:00:00.000 New York N 5 David 80026 1998-10-05 00:00:00.000 Vancouver W 6 James 70060 1999-09-06 00:00:00.000 Toronto N 7 Alison 90620 2000-08-07 00:00:00.000 New York W 8 Chris 26020 2001-07-08 00:00:00.000 Vancouver N 9 Mary 60020 2002-06-09 00:00:00.000 Toronto W (9 rows affected) -- Inline Table-Valued Functions CREATE FUNCTION myProc(@ID Int) RETURNS Table AS RETURN ( SELECT ID, Name, Salary FROM Employee WHERE ID = @ID 1 ) 1 GO SELECT * FROM myProc(1) GO ID Name Salary ----------- ---------- ----------- 1 Jason 40420 (1 rows affected) drop table employee GO