StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
primarykey
Id
9240960
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
0
CommunityOwnedDate
CreationDate
2012-02-11T14:28:02.667
FavoriteCount
0
LastActivityDate
2012-02-11T14:28:02.667
LastEditDate
LastEditorUserId
0
OwnerUserId
569436
ParentId
9231411
PostTypeId
2
Score
15
ViewCount
0
LastEditorDisplayName
text
Body
Here are a couple of solutions for you. Sample data: <pre><code>declare @xml xml set @xml = '<EventSpecificData> <Keyword> <Word>myWord</Word> <Occurences>1</Occurences> <Context>context</Context> </Keyword> </EventSpecificData>' </code></pre> Get the first value from node named Word regardless of parents. Use <code>//</code> to do a deep search and use <code>local-name()</code> to match node name. <pre><code>declare @Attribute varchar(max) set @Attribute = 'Word' select @xml.value('(//*[local-name() = sql:variable("@Attribute")])[1]', 'varchar(max)') </code></pre> Provide parent node name and attribute in separate variables using <code>local-name()</code> in two levels. <pre><code>declare @Node varchar(max) declare @Attribute varchar(max) set @Attribute = 'Word' set @Node = 'Keyword' select @xml.value('(/EventSpecificData /*[local-name() = sql:variable("@Node")] /*[local-name() = sql:variable("@Attribute")])[1]', 'varchar(max)') </code></pre> Since the parameter to <code>nodes</code> have to be a string literal it invites to use dynamic sql to solve this. It could look something like this to make it work with your original variable content. <pre><code>set @Attribute = 'Keyword/Word' declare @SQL nvarchar(max) set @SQL = 'select @xml.value(''(/EventSpecificData/'+@Attribute+')[1]'', ''varchar(max)'')' exec sp_executesql @SQL, N'@xml xml', @xml </code></pre> But you should be aware of that if you use this you are wide open to SQL Injection attacks. Some devious end-user might come up with a attribute string that looks like this: <pre><code>set @Attribute = 'Keyword/Word)[1]'', ''varchar(max)'') select @@version --' </code></pre> Executing the dynamic SQL with that will give you two result sets. The <code>select @@version</code> is just there to show some harmless code but it might be much worse stuff in there. You can use <code>quotename()</code> to prevent the SQL injection attack. It will at least prevent the attempt made by me. <pre><code>set @Attribute = 'Keyword/Word' set @SQL = 'select @xml.value('+quotename('(/EventSpecificData/'+@Attribute+')[1]', '''')+', ''varchar(max)'')' exec sp_executesql @SQL, N'@xml xml', @xml </code></pre> Is the last version using <code>quotename()</code>safe? Have a look at this article by Erland Sommarskog <a href="http://www.sommarskog.se/dynamic_sql.html">The Curse and Blessings of Dynamic SQL</a>. Quote: <blockquote> So with quotename() and quotestring(), do we have as good protection against SQL injection as we have with parameterised commands? Maybe. I don't know of any way to inject SQL that slips through quotename() or quotestring(). Nevertheless, you are interpolating user input into the SQL string, whereas with parameterised commands, you don't. </blockquote>
Tags
Title
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. POGet SQL xml attribute value using variable
 singulars
 PostTypePostTypeId
 PTQuestion
PostTypePostTypeId
1. PTAnswer
UserLastEditorUserId
1. This table or related slice is empty.
UserOwnerUserId
1. USMikael Eriksson
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. POGet SQL xml attribute value using variable
 singulars
 PostTypePostTypeId
 PTQuestion
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTAcceptedByOriginator
2. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
3. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId
1. This table or related slice is empty.

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.