¾¡Á¿²»ÒªÆ´´ÕSqlÓï¾ä,ÓòÎÊýÀ´·À×¢Èë
Èç¹ûÊÇÀàËÆ"select * from user where uid="+uid +" and pwd="+pwd ºÜÈÝÒ׳öÎÊÌâ
ʹÓà SQLParamenter
°ÑÄãµÄSQLÓï¾äд³É ÀàËÆ´æ´¢¹ý³Ì
select * from user where uid=@uid and pwd=@pwd
ʹÓÃÕâ¸öSQLÓï¾ä¶¨ÒåΪ SQLCommand ¶ÔÏó È»ºóʹÓà Paramenter ¶ÔÏó°Ñ @*** Ì滻Ϊ Öµ
¾Í¿ÉÒԸ㶨עÈëʽ©¶´ÁË
Ïà¹ØÎĵµ£º
±êÇ©£ºÊý¾Ý·ÃÎÊ ADO.NET
µ÷ÓÃSQL´æ´¢¹ý³Ì ´æ´¢¹ý³ÌÔÚÒ»¸öµ¥ÔªÖзâ×°Á˸´ÔÓµÄSQL²éѯºÍÊý¾Ý¹ý³Ì£¬¿ÉÒÔÓɶà¸ö³ÌÐò»òÓû§Ö®¼äµ÷Óá£
Àý£º
� ......
Êý¾Ý¿â²Ù×÷£ºÀûÓú¯Êý¼õÉÙ´æ´¢¿Õ¼ä£¨ÒÔʱ¼ä»»È¡¿Õ¼ä£©
ÀýÈçÒ»¸ö±íÓÐIPÁУ¬ÔÚ´æ´¢µÄʱºòÎÒÃÇΪÁ˼õÉÙ´æ´¢¿Õ¼ä£¬¿ÉÒÔ½«Ëüת»¯ÎªÕûÊý£¬´æ´¢ÔÚÊý¾Ý¿â£¬µ«ÊÇÔÚ´ÓÊý¾Ý¿âÀï²éѯ²¢ÏÔʾ¸ø´ó¼Ò¿´µÄʱºò£¬¿ÉÄÜÄãÊÇ¿´²»Ã÷°×ÕûÊý¾ßÌåÊÇʲô¡£ÕâÑùΪÁËÀûÓÚ´ó¼ÒÔĶÁ·ÖÎöÊý¾Ý£¬¿ÉÒÔÔÚ²éѯµÄʱºòÀûÓú¯Êý½«ÕûÊýIPתΪΪ×Ö·û´®
ÀýÈ磺
&nbs ......
Sql server2005ÓÅ»¯²éѯËÙ¶È51·¨²éѯËÙ¶ÈÂýµÄÔÒòºÜ¶à£¬³£¼ûÈçϼ¸ÖÖ£¬´ó¼Ò¿ÉÒԲο¼Ï¡£
I/OÍÌÍÂÁ¿Ð¡£¬ÐγÉÁËÆ¿¾±Ð§Ó¦¡£
¡¡¡¡Ã»Óд´½¨¼ÆËãÁе¼Ö²éѯ²»ÓÅ»¯¡£
¡¡¡¡ÄÚ´æ²»×ã¡£
¡¡¡¡ÍøÂçËÙ¶ÈÂý¡£
¡¡¡¡²éѯ³öµÄÊý¾ÝÁ¿¹ý´ó(¿ÉÒÔ²ÉÓöà´Î²éѯ£¬ÆäËûµÄ·½·¨½µµÍÊý¾ÝÁ¿)¡£
¡¡¡¡Ëø»òÕßËÀËø(ÕâÒ²ÊDzéѯÂý×î³£¼ûµÄÎÊÌ ......
Sample1:
/* Variable Declaration */
DECLARE @EmpID AS SMALLINT
DECLARE @SQLQuery AS NVARCHAR(500)
/* Build and Execute a Transact-SQL String with a single parameter value Using EXECUTE Command */
SET @EmpID = 1001
SET @SQLQuery = 'SELECT * from tblEmployees WHERE EmployeeID = ' + CAST(@EmpID A ......
