3

In a .NET project I need to verify if a string is a valid Microsoft SQL Server 2005 parameter identifier.

Example: SELECT * FROM table WHERE column = @parameter

Is there a runtime class method to validate a string for being a parameter, or is there a regular expression that verifies the rules? (see below)

From the documentation on identifiers, parameters should comply to these general identifier rules:

  1. The first character must be one of the following: * A letter as defined by the Unicode Standard 3.2. The Unicode definition of letters includes Latin characters from a through z, from A through Z, and also letter characters from other languages. * The underscore (_), at sign (@), or number sign (#).
    Certain symbols at the beginning of an identifier have special meaning in SQL Server. A regular identifier that starts with the at sign always denotes a local variable or parameter and cannot be used as the name of any other type of object. An identifier that starts with a number sign denotes a temporary table or procedure. An identifier that starts with double number signs (##) denotes a global temporary object. Although the number sign or double number sign characters can be used to begin the names of other types of objects, we do not recommend this practice. Some Transact-SQL functions have names that start with double at signs (@@). To avoid confusion with these functions, you should not use names that start with @@.
  2. Subsequent characters can include the following: * Letters as defined in the Unicode Standard 3.2. * Decimal numbers from either Basic Latin or other national scripts. * The at sign, dollar sign ($), number sign, or underscore.
  3. The identifier must not be a Transact-SQL reserved word. SQL Server reserves both the uppercase and lowercase versions of reserved words.
  4. Embedded spaces or special characters are not allowed.
  5. Supplementary characters are not allowed.

When identifiers are used in Transact-SQL statements, the identifiers that do not comply with these rules must be delimited by double quotation marks or brackets.

Since I want to validate parameters only, identifiers must start with an @ sign, and must not be delimited.

Improve this question
1
  • Are you trying to parse SQL from some app, or do you want to run the SQL statement afterwards? Commented Apr 22, 2009 at 3:39

2 Answers 2

Reset to default
7

I was stumbling over the Unicode character classes, but once I found out that they are supported in .NET regular expressions, I came up with the following regular expression solving my question:

@[\p{L}{\p{Nd}}$#_][\p{L}{\p{Nd}}@$#_]*

This enforces:

  • Identifier always starts with @, making it a parameter.
  • No @ in the second position allowed to avoid confusion with special TSQL functions.
  • Allows only characters as defined in the rules.
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

+1, but I would like to point out that @@identifiers are not supported by this regular expression. @BartVerkoeijen pointed out his reasoning, but it should be clear that even while they might be confused for special TSQL functions, they are in fact valid identifiers. A regular expression that exactly fits the specification would be @[\p{L}\p{Nd}@$#_]+
@LunicLynx This will allow multiple @s anywhere in the identifier. If that's intentional, then perfect :-) If you want to allow either one or two @ symbols at the start only, then consider starting the regex with @@? instead of including @ in the character class.
0

I found this article about creating a function for evaluating regular expressions on TSQL, internally uses VBScript, check it out here

Another link you can find useful, but i think it needs registration, here

Another idea could be handle @parameter as a sysname datatype, don't know if it fits here

Improve this answer

1 Comment

Thanks for your input, but I'd like to check the rules on the client side (in this case ASP.NET) and not on the server side. I'm sorry if I was unclear on this part.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.