1

I'm creating a SSIS package which has two variables that is going to assign values into another SQL Command variable. The data source is an ODBC connector and the destination is an OLEDB connector.

Variables name:

  • vPurchaseType (multiple values)
  • vTransactionDate (single value)
  • vPSourceQuery (SQL statement that is receive the others two variables)

One variable is a single row, this one it's working. The other variable is multiple values that is going to be ingested in a IN clause. But I'm not being able to pass multiple values in this one, I already tried Single row or Full result set but also doesn't work.

First variable result (vPurchaseType):

Query example:

SELECT Head FROM TableB
Head
12
9C
AA

The second variable must be between single quotes in order to work.

Second variable result (vTransactionDate):

Query example:

SELECT Head FROM TableA
Head
2020-01-01

Third variable:

SELECT
  ColA,
  ColB,
  ColC,
  ColD
FROM TableC
WHERE ColC >= '"+ @[User::vTransactionDate] + "'
AND ColD IN ("+ @[User::vPurchaseType] +")

My package:

enter image description here

Improve this question
7
  • You can't - at least not the way you're doing things. What is the source RDBMS that populates vPurchaseType? Commented Dec 27, 2021 at 18:56
  • That's bad. Can you please show me the way? I'm quite new at SSIS. The source is Teradata. Commented Dec 27, 2021 at 18:58
  • Why are you injecting and not using parameters? Commented Dec 27, 2021 at 19:01
  • Sorry, what do you mean @Larnu? The only parameters that I'm using is about permissions (user and password), the SQL scripts is variables. Commented Dec 27, 2021 at 19:31
  • ColC >= '"+ @[User::vTransactionDate] + "' that is injection. You are injecting the variable into the string. A major security vulnerability. Always, always, always parametrise. Commented Dec 27, 2021 at 19:36

1 Answer 1

Reset to default
2

Basically I'm using the solution of this article from MyTecBits - SQL Server: Concatenate Multiple Rows Into Single String, and applying that to my variable vPurchaseType, and receiving the values as Single Row. But I had to change the query a little bit, by using the function CAST AS VARCHAR (4000) to accept all the data from my column.

After that I changed my Data Flow, and did the swap from OLEDB Destination to ADO Net Destination, I also had to mark the option ValidadeExternalMetadata as False, and that's it! Now is working.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.