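-- Convert a hex string such as '0x0123456789abcdef' into VARBINARY by letting the
-- T-SQL parser evaluate it as a binary literal inside a dynamic statement.
-- @s is VARCHAR(2002): '0x' plus at most 2000 hex digits = 1000 bytes, which is
-- exactly what @b can hold, so a validated input can never overflow the target.
DECLARE @sql AS NVARCHAR(4000),
        @b   AS VARBINARY(1000),
        @s   AS VARCHAR(2002);
SET @s = '0x0123456789abcdef';

-- @s is concatenated into executable text, so it is checked against a strict
-- allow-list first: a '0x' prefix followed only by hex digits.  Anything else
-- (quotes, semicolons, whitespace, comment markers) is rejected, so no other
-- text can reach sp_executesql.  NULL is tested explicitly because
-- NULL NOT LIKE ... evaluates to UNKNOWN and would otherwise slip past the
-- guard and hand a NULL statement to sp_executesql.
-- Both a-f and A-F are listed so the check also holds under a case-sensitive collation.
IF @s IS NULL OR @s NOT LIKE '0x%' OR @s LIKE '0x%[^0-9a-fA-F]%'
BEGIN
    RAISERROR('Possible SQL Injection attempt.', 16, 1);
    RETURN;   -- in an ad-hoc batch RETURN ends the batch here
END

-- The validated literal is the only text spliced in; the converted value comes
-- back through a typed OUTPUT parameter rather than a result set.
-- NOTE(review): where CONVERT(VARBINARY(1000), @s, 1) is available, the same
-- conversion needs no dynamic SQL at all, which removes this surface entirely.
SET @sql = N'SET @o = ' + @s + N';';
EXEC sp_executesql
    @stmt   = @sql,
    @params = N'@o AS VARBINARY(1000) OUTPUT',
    @o      = @b OUTPUT;

SELECT @b;
GO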
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
------------------------------------------------------------------------------------------------------------------
0x0123456789ABCDEF