²ÎÊý»¯SQLÓï¾äSqlParameter
±ÜÃâSQL×¢ÈëµÄ·½·¨ÓÐÁ½ÖÖ£ºÒ»ÊÇËùÓеÄSQLÓï¾ä¶¼´æ·ÅÔÚ´æ´¢¹ý³ÌÖУ¬ÕâÑù²»µ«¿ÉÒÔ±ÜÃâSQL×¢È룬»¹ÄÜÌá¸ßһЩÐÔÄÜ£¬²¢ÇÒ´æ´¢¹ý³Ì¿ÉÒÔÓÉרÃŵÄÊý¾Ý¿â¹ÜÀíÔ±(DBA)±àдºÍ¼¯ÖйÜÀí£¨ÕâÖÖ×ö·¨ÎÒÔÚһЩ¹«Ë¾¼û¹ý£©£¬²»¹ýÕâÖÖ×ö·¨ÓÐʱºòÕë¶ÔÏàͬµÄ¼¸¸ö±íÓв»Í¬Ìõ¼þµÄ²éѯ£¬SQLÓï¾ä¿ÉÄܲ»Í¬£¬ÕâÑù¾Í»á±àд´óÁ¿µÄ´æ´¢¹ý³Ì£¬ËùÒÔÓÐÈËÌá³öÁ˵ڶþÖÖ·½°¸£º²ÎÊý»¯SQLÓï¾ä¡£ÀýÈçÎÒÃÇÔÚ±¾ÆªÖд´½¨µÄ±íUserInfoÖвéÕÒËùÓÐÅ®ÐÔÓû§£¬ÄÇôͨ³£Çé¿öÏÂÎÒÃǵÄSQLÓï¾ä¿ÉÄÜÊÇÕâÑù£º
select * from UserInfo where sex=0
ÔÚ²ÎÊý»¯SQLÓï¾äÖÐÎÒÃǽ«ÊýÖµÒÔ²ÎÊý»¯µÄÐÎʽÌṩ£¬¶ÔÓÚÉÏÃæµÄ²éѯ£¬ÎÒÃÇÓòÎÊý»¯SQLÓï¾ä±íʾΪ£º
select * from UserInfo where sex=@sex
ÎÒÃÇÔÙ¶Ô´úÂëÖжÔÕâ¸öSQLÓï¾äÖеIJÎÊý½øÐи³Öµ£¬¼ÙÈçÎÒÃÇÒª²éÕÒUserInfo±íÖÐËùÓÐÄêÁä´óÓÚ30ËêµÄÄÐÐÔÓû§£¬Õâ¸ö²ÎÊý»¯SQLÓï¾ä¿ÉÒÔÕâôд£º
select * from UserInfo where sex=@sex and age>@age
ÏÂÃæÊÇÖ´ÐÐÕâ¸ö²éѯ²¢ÇÒ½«²éѯ½á¹û¼¯ÒÔDataTableµÄ·½Ê½·µ»ØµÄ´úÂ룺
C# code
//ʵÀý»¯Connection¶ÔÏó
SqlConnection connection = new SqlConnection("Data Source=(local);Initial Catalog=AspNetStudy;Persist Security Info=True;User ID=sa;Password=sa");
//ʵÀý»¯Command¶ÔÏó
SqlCommand command = new SqlCommand("select * from UserInfo where sex=@sex and age>@age", connection);
//µÚÒ»ÖÖÌí¼Ó²éѯ²ÎÊýµÄÀý×Ó
command.Parameters.AddWithValue("@sex", true);
//µÚ¶þÖÖÌí¼Ó²éѯ²ÎÊýµÄÀý×Ó
SqlParameter parameter = new SqlParameter("@age", SqlDbType.Int);//×¢ÒâUserInfo±íÀïage×Ö¶ÎÊÇintÀàÐ͵Ä
parameter.Value = 30;
command.Parameters.Add(parameter);//Ìí¼Ó²ÎÊý
//ʵÀý»¯DataAdapter
SqlDataAdapter adapter = new SqlDataAdapter(command);
DataTable data = new DataTable();
Ïà¹ØÎĵµ£º
create PROCEDURE pagelist
@tablename nvarchar(50),
@fieldname nvarchar(50)='*',
@pagesize int output,--ÿҳÏÔʾ¼Ç¼ÌõÊý
@currentpage int output,--µÚ¼¸Ò³
@orderid nvarchar(50),--Ö÷¼üÅÅÐò
@sort int,--ÅÅÐò·½Ê½£¬1±íʾÉýÐò£¬0±íʾ½µÐòÅÅÁÐ
......
Ò»¡¢±³¾°½éÉÜ
¡¡¡¡
¡¡¡¡½á¹¹»¯²éѯÓïÑÔ(Structured Query Language£¬¼ò³ÆSQL)ÊÇÓÃÀ´·ÃÎʹØϵÐÍÊý¾Ý¿âÒ»ÖÖͨÓÃÓïÑÔ£¬ÊôÓÚµÚËÄ´úÓïÑÔ£¨4GL£©£¬ÆäÖ´ÐÐÌصãÊǷǹý³Ì»¯£¬¼´²»ÓÃÖ¸Ã÷Ö´ÐеľßÌå·½·¨ºÍ;¾¶£¬¶øÊǼòµ¥µØµ÷ÓÃÏàÓ¦Óï¾äÀ´Ö±½ÓÈ¡µÃ½á¹û¼´¿É¡£ÏÔÈ»£¬ÕâÖÖ²»¹Ø×¢ÈκÎʵÏÖϸ½ÚµÄÓïÑÔ¶ÔÓÚ¿ª·¢ÕßÀ´ËµÓÐ׿«´óµÄ±ãÀû¡£È»¶ø£¬Ó ......
ÔÚsql²éѯ·ÖÎöÆ÷ÀïÃæÊDz»ÄÜÖ±½ÓÔËÐÐcmdÃüÁîµÄ
µ«ÊÇSQL¸ø³öÁËÒ»¸ö½Ó¿Ú
--´ò¿ª¸ß¼¶ÉèÖÃ
EXEC sp_configure 'show advanced options', 1
RECONFIGURE
--´ò¿ªxp_cmdshellÀ©Õ¹´æ´¢¹ý³Ì
EXEC sp_configure 'xp_cmdshell', 1
RECONFIGURE
Ê×ÏÈ ´ò¿ªÒ»Ð©ÅäÖÃ
È»ºóÖ´ÐÐÄãÒªÔËÐÐcmdÃüÁî
exec master..xp_cmdshell 'net star ......
Ò»²½Ò»²½Ñ§Linq to sql£¨Ò»£©£ºÔ¤±¸ÖªÊ¶
Ò»²½Ò»²½Ñ§Linq to sql£¨¶þ£©£ºDataContextÓëʵÌå
Ò»²½Ò»²½Ñ§Linq to sql£¨Èý£©£ºÔöɾ¸Ä
Ò»²½Ò»²½Ñ§Linq to sql£¨ËÄ£©£º²éѯ¾ä·¨
Ò»²½Ò»²½Ñ§Linq to sql£¨Î壩£º´æ´¢¹ý³Ì
Ò»²½Ò»²½Ñ§Linq to sql£¨Áù£©£ºÌ½¾¿ÌØÐÔ
Ò»²½Ò»²½Ñ§Linq to sql£¨Æߣ©£º²¢·¢ÓëÊÂÎñ ......
Five basic search conditions are summarized here:
1) Comparison test
2) Range test
3) Set membership test
4) Pattern matching test (Like)
The pattern matching test checks to see whether the data value in a column matches a specified pattern
% mathes any se ......
