问题描述

大家好，





我的查询：

Hi all,


My Query:

strQry = "Select Sitecode,Type,SpeedLimit,Triggerspeed from TBL_TXN_XML_DATA where rtrim(Sitecode) = '" + cmbsitewise.Text.Trim() + " ' and rtrim(Type) = '" + cmbtypewise.Text.Trim() + "'and rtrim(SpeedLimit) = cast(speedlimit as numeric),0)-cast(triggerspeed as numeric),0) '" + txtspeedlimit.Text.Trim() + "' and rtrim(TriggerSpeed) = '" + cmbtriggerspeed.Text.Trim() + "'and  rtrim(FileTime) = '" + cmbfiletime.Text.Trim() + "'  group by Sitecode,Type,SpeedLimit,Triggerspeed 

我的数据库：

Speedlimit Triggerspeed

50 65所以不同是15



i在我的文本框中输入speedlimit值> 10，那时我需要这个输出





网站代码

类型

speedlimit-50

Triggerspeed-65



如何在此输出中写入查询.pls help

My database:
Speedlimit Triggerspeed
50 65 so different is 15

i Enter the speedlimit value in my text box is >10 that time i need this output


sitecode
Type
speedlimit-50
Triggerspeed-65

how to write query in this output.pls help

推荐答案

Select Sitecode,Type,SpeedLimit,Triggerspeed from TBL_TXN_XML_DATA where
   Sitecode = 'SITE' and
   Type = 'TYPE' and
   SpeedLimit = 50-65 '50' and
   TriggerSpeed = '65' and
   FileTime = 'TIME'
group by Sitecode,Type,SpeedLimit,Triggerspeed

所以，你的速度限制是否定的......





但是请停在那儿！

看看你的speedlimit条款：

So, your speed limit is negative...


But stop right there!
Look at your speedlimit clause:

rtrim(SpeedLimit) = cast(speedlimit as numeric),0)-cast(triggerspeed as numeric),0) '" + txtspeedlimit.Text.Trim() + "'

所以这只在触发速度为零时匹配...



为了善良的缘故：

1）不要将数值存储为字符串 - 将它们存储为数字。如果你这样做，它们会更容易使用。

2）不要连接字符串来构建SQL命令。它让您对意外或故意的SQL注入攻击持开放态度，这可能会破坏您的整个数据库。请改用参数化查询。

So this only matches when the trigger speed is zero...

And for goodness sake:
1) Don''t store numeric values as strings - store them as numbers. They are much, much easier to work with if you do that.
2) Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.

这篇关于如何解决问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！