Daily WTF - Deleting SQL Data (or Properly Formatting SQL)

We've been having an issue with one of our database tables' mysteriously deleting data at random. We could have *swore* it was some sort of SQL intrusion or code bug. We leaned towards SQL intrusion because this database has been in use for quite some time. However, that was not the case. A new Stored Procedure that touched this table was added recently. In quick review, it didn't appear that anything was wrong. Here it is:

ALTER PROCEDURE [dbo].[ProcedureName]
@EmailAddress varchar(256)
AS
IF EXISTS (SELECT TableID from The_Table_Name_Was_Pretty_Long
WHERE EmailAddress=@EmailAddress)
BEGIN
         DELETE The_Table_Name_Was_Pretty_Long
         WHERE @EmailAddress = @EmailAddress
END
Lesson Learned. :-)

It's kind of embarrasing that I've reviewed this statement at least 2 dozen times in the past 3 days and couldn't figure out what the issue was.

Published Thursday, April 12, 2007 10:54 AM by Jason N. Gaylord
Filed under:

Comments

No Comments