当前位置: 文江博客话题详情

存储过程的多个参数

发布于 2024-10-20 11:24:40 字数 350 浏览 2 评论 0原文

我需要从包含 96 个字段的记录中选择 45 个字段(不要问我,但我无法标准化它们,如果可以的话我会这样做)。所以,我有这个页面,一旦加载到用户面前,就需要所有这 45 个页面。

基本上,我在想,我会创建一个新的存储过程,它将检索所有字段名并将它们放入一个字段和所有值并将它们放入另一个字段,基本上最终会得到两个参数。然后我最终会用 C# 处理它们。

现在我的问题是,1,这样做正确吗?第二,如果是的话,我不知道如何选择字段并将其放在一个参数上。

select @sql = ' select 'field1' + 'field2' + 'field3'.....

我很困惑从哪里开始?

原文

I need to select 45 fields from a record which has 96 of them (dont ask me, but i can't normalize them, i would if i could). So, I have this page who would need all those 45 on them once it's loaded in front of the user.

Basically, I was thinking, I would make a new stored proc that would retrieve all the fieldnames and put them into one field and all the values and put them into another field and basically would end up with two parameters. I would then end up processing them in C#.

Now my question is, 1, is it the right way to do it? 2nd, if it is I can't figure out how to select the fields and put it on one parameter.

select @sql = ' select 'field1' + 'field2' + 'field3'.....

im confused on where to start?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

清风无影 2024-10-27 11:24:40

一方面,你让这种方式变得比它需要的更加复杂。我永远不会知道一张表上到底如何有 96 列,但要选择您需要的 45 列,您只需在 select 语句中键入 45 列即可。

下面是 SQL 的示例。当然,我不会输入 45 列,但您明白了:

SELECT FirstName, LastName, Age, [keep going to 45] FROM tblUsers

我想解决的另一个问题是执行 SQL 语句的方式。永远不要将字符串变量连接到一个 SQL 字符串中。确保您至少使用参数化查询。但我建议有时也研究一下 Entity Framework 或 LINQ to SQL。

SqlCommand scomm = new SqlCommand("UPDATE tblUsers SET FirstName='" + firstName + "' WHERE UserID='" + userId + "'");

那^^^就等于很糟糕。想象一下,如果用户决定偷偷摸摸地将他的名字设为Harry' AND Admin='true,会发生什么。您可能会想,“哦,好吧,我只需对所有变量执行 firstName = firstName.Replace("'","''"); 即可。如果您这样做,我会亲自来打孔像这样参数化您的查询:

SqlCommand scomm = new SqlCommand("UPDATE tblUsers SET FirstName=@FirstName WHERE UserID=@UserID");
scomm.Parameters.Add(new SqlParameter("FirstName", firstName));
scomm.Parameters.Add(new SqlParameter("UserID", userId));

编辑 ^^^ 等于更好。

此外,如果您有机会重新处理您拥有的庞大表,请尝试将字段子集重构到它们中。自己的实体(表)并通过引用 ID 链接它们,例如,假设我有一个名为 [tlbUsers] 的表,它包含有关特定用户的信息,如下所示:

[tlbUsers]
UserID
FirstName
LastName
Age
Username
StreetAddress
City
State
ZipCode
Country
Phone

考虑重构该表,以便相关值拥有自己的表。可以从该用户表中获取所有地址信息并将其放入名为 tlbAddresses 的表中,这不仅可以使提取数据时更容易处理,而且还可以节省数据库空间。哈利和莎莉住在同一个家里,他们可以引用相同的地址记录。

[tlbUsers]
FirstName
LastName
Age
Username
AddressID
Phone

[tlbAddresses]
AddressID
Street
City
State
ZipCode
Country

Well for one thing you are making this way more complex than it needs to be. How in the world you have 96 columns on one table I will never know, but to select the 45 you need you're just going to have to type out 45 columns in the select statement.

Here is a sample of what the SQL would look like. Naturally I'm not going to type 45 columns, but you get the idea:

SELECT FirstName, LastName, Age, [keep going to 45] FROM tblUsers

The other issue I would like to address is the way you are executing your SQL statement. NEVER EVER EVER EVER EVER EVER EVER concatenate string variables into one SQL string. Make sure you are using parameterized queries at the very least. But I would recommend looking into Entity Framework or LINQ to SQL sometime as well.

SqlCommand scomm = new SqlCommand("UPDATE tblUsers SET FirstName='" + firstName + "' WHERE UserID='" + userId + "'");

That ^^^ equals very bad. Think about what would happen if a user decided to be sneaky and make his first name Harry' AND Admin='true. You might think, "Oh, well I'll just do firstName = firstName.Replace("'","''"); on all my variables. If you do that I will personally come punch you. Parameterize your queries like this:

SqlCommand scomm = new SqlCommand("UPDATE tblUsers SET FirstName=@FirstName WHERE UserID=@UserID");
scomm.Parameters.Add(new SqlParameter("FirstName", firstName));
scomm.Parameters.Add(new SqlParameter("UserID", userId));

That ^^^ equals much better.

EDIT Also if you ever get a chance to re-work that monster of a table you have, try refactoring subsets of fields into their own entity (table) and linking them via a reference ID. For example, say I have a table called [tlbUsers] and it contains info about a specific user. Like this:

[tlbUsers]
UserID
FirstName
LastName
Age
Username
StreetAddress
City
State
ZipCode
Country
Phone

Consider refactoring that so that related values have their own table. You could take all the address info from this users table and put it in a table called tlbAddresses. Not only would that make it easier to deal with when pulling in the data, but it could potentially save you space in the database. For instance, if Harry and Sally both live in the same home, they could reference the same address record.

[tlbUsers]
FirstName
LastName
Age
Username
AddressID
Phone

[tlbAddresses]
AddressID
Street
City
State
ZipCode
Country
回复 原文
む无字情书 2024-10-27 11:24:40

我在理解你的问题时遇到了一些困难,但是如果你想将可变数量的参数传递给存储过程,我可以想到两种方法,分别需要 SQL Server 2005 和 SQL Server 2008。

第一个利用 XML。让您的过程采用 varchar(max) 参数,然后您可以轻松地将其拆分出来。例如,如果您用逗号分隔您想要的内容,您可以:

DECLARE @xml xml
SET @xml = cast('<x>'+replace(@yourArg,',','</x><x>')+'</x>' as xml)

SELECT N.value('.','varchar(max)') AS myArgName FROM @xml.nodes('x') AS T(N)

此外,您可以利用表值变量并选择表中的输入并将其传递给存储过程。请参阅http://www.sqlteam.com/article/sql-以 server-2008-table-valued-parameters 为例。

I am having a little trouble understanding your question, however if you want to pass a variable number of parameters to a stored procedure there are two ways I can think of that you can do it, which require SQL Server 2005 and SQL Server 2008 respectively.

The first leverages XML. Have your procedure take a varchar(max) argument and then you can easily split it out. For example, if you comma separate what you want, you could:

DECLARE @xml xml
SET @xml = cast('<x>'+replace(@yourArg,',','</x><x>')+'</x>' as xml)

SELECT N.value('.','varchar(max)') AS myArgName FROM @xml.nodes('x') AS T(N)

Also, you could leverage table valued variables and select your inputs into a table and pass that to the stored procedure. See http://www.sqlteam.com/article/sql-server-2008-table-valued-parameters for an example.

回复 原文
神妖 2024-10-27 11:24:40

您可以在一个字段中以 xml 形式返回数据。

测试表

create table TestTbl(ID int, F1 int, F2 int, F3 int, F4 int) -- to F96

测试数据

insert into TestTbl values (1, 2, 3, 4, 5)

查询

select
  (select
    F1, F2, F3, F4 -- to F45 
   from TestTbl
   where ID = 1
   for xml path('root'), type) as XMLData

结果

XMLData
-----------------------------------------------------
<root><F1>2</F1><F2>3</F2><F3>4</F3><F4>5</F4></root>

XMLData 字段中的 XML

<root>
  <F1>2</F1>
  <F2>3</F2>
  <F3>4</F3>
  <F4>5</F4>
</root>

You can return the data as xml in one field.

Test table

create table TestTbl(ID int, F1 int, F2 int, F3 int, F4 int) -- to F96

Test data

insert into TestTbl values (1, 2, 3, 4, 5)

Query

select
  (select
    F1, F2, F3, F4 -- to F45 
   from TestTbl
   where ID = 1
   for xml path('root'), type) as XMLData

Result

XMLData
-----------------------------------------------------
<root><F1>2</F1><F2>3</F2><F3>4</F3><F4>5</F4></root>

XML in XMLData field

<root>
  <F1>2</F1>
  <F2>3</F2>
  <F3>4</F3>
  <F4>5</F4>
</root>
回复 原文
~没有更多了~

关于作者

淑女气质

暂无简介

0 文章
0 评论
22 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

烙印

文章 0 评论 0

singlesman

文章 0 评论 0

给自己一个微笑

文章 0 评论 0

独孤求败

文章 0 评论 0

晨钟暮鼓

文章 0 评论 0

我是自愿种绣球花的

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文