当前位置：文江博客话题详情

在MSSQL中连接三个表

发布于 2024-12-25 12:15:28 字数 1030 浏览 0 评论 0原文

我在 MSSQL 中有一个游戏的三个表，其结构如下：

CHARS 这是它的查找表：

strAccount 链接到 NGSCUSER 的主键，它是帐户用户名
strChar01，这是第一个字符槽
strChar02，这是第二个字符槽
strChar03，这是第三个字符槽

这些具有 gameuser 表的主键，它们是角色名称

NGSCUSER

strUserID 帐户用户名
strPasswd 帐户密码

GAMEUSER

strUserId 这是角色name
sRank 角色是否是游戏高手

我需要做的是将登录详细信息与查询中的 PHP 变量 $username 和 $password 进行比较，最重要的是检查它们关联的字符并找出它的 sRank 是否为 1

我假设我需要某种类型的三表连接，但我不知道如何进行任何示例或帮助将不胜感激

这是我尝试过的查询到目前为止，但它在第三行出错，“CHARS”附近的语法不正确：

SELECT NGSCUSER.strUserID, NGSCUSER.strPasswd, GAMEUSER.sRank 

FROM 'CHARS'

INNER JOIN NGSCUSER ON NGSCUSER.strUserId = CHARS.strAccount
INNER JOIN GAMEUSER ON GAMEUSER.strUserId = CHARS.strChar01
INNER JOIN GAMEUSER ON GAMEUSER.strUserId = CHARS.strChar02
INNER JOIN GAMEUSER ON GAMEUSER.strUserId = CHARS.strChar03


WHERE NGSCUSER.strUserId='$username' and NGSCUSER.strPasswd='$password' and GAMEUSER.sRank = '1'

原文

I have three tables in MSSQL for a game which are structured as follows:

CHARS
This is the look up table it has:

strAccount which is linked to the primary key of NGSCUSER it is the
account username
strChar01 which is the first character slot
strChar02 which is the second character slot
strChar03 which is the third character slot

these have the primary key of the gameuser table inside they are character names

NGSCUSER

strUserID account username
strPasswd account password

GAMEUSER

strUserId this is the character name
sRank whether the character is a game master

What I need to be able to do in is compare the login details against the PHP variables $username and $password in the query and most importantly check their associated character and find out whether it has a sRank of 1

I assume I need a three table join of some kind but I don't know how to go about it any examples or help would be much appreciated

This is the query I've tried to build so far but it errors on the third line with incorrect syntax near 'CHARS':

SELECT NGSCUSER.strUserID, NGSCUSER.strPasswd, GAMEUSER.sRank 

FROM 'CHARS'

INNER JOIN NGSCUSER ON NGSCUSER.strUserId = CHARS.strAccount
INNER JOIN GAMEUSER ON GAMEUSER.strUserId = CHARS.strChar01
INNER JOIN GAMEUSER ON GAMEUSER.strUserId = CHARS.strChar02
INNER JOIN GAMEUSER ON GAMEUSER.strUserId = CHARS.strChar03


WHERE NGSCUSER.strUserId='$username' and NGSCUSER.strPasswd='$password' and GAMEUSER.sRank = '1'

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

夏夜暖风 2025-01-01 12:15:28

首先，要从字面上回答您的问题（这可能无法解决您的问题），您需要为表添加别名以连接多个表：

select * from [chars] c
inner join ngscuser n on n.strUserId = c.strAccount
inner join gameuser g1 on g1.strUserId = c.strChar01
inner join gameuser g2 on g2.strUserId = c.strChar02
inner join gameuser g3 on g3.strUserId = c.strChar03
where n.strUserId='$username' and n.strPasswd='$password' and g1.sRank = '1'

但是，如果您尝试拉回 gameuser 行，匹配任何字符槽，那么您需要使用 in：

select n.strUserID, n.strPasswd, g.sRank 
from [chars] c
inner join ngscuser n on n.strUserId = c.strAccount
inner join gameuser g on g.strUserId in (c.strChar01, c.strChar02, c.strChar03)
where n.strUserId='$username' and n.strPasswd='$password' and g.sRank = '1'

而且，既然我引起了您的注意，我想做以下 PSA：

我希望您正在清理 $username 和 $password 这样您不易受到 SQL 注入的影响。
不要以明文形式存储密码。不要。您应该只将它们存储为加盐哈希。如果你可以执行 select * from ngscuser 并获取每个人的密码，那你就太丢脸了。耻辱。耻辱。耻辱。

Firstly, to literally answer your question (which probably doesn't solve your problem), you need to alias your tables to join multiple tables:

select * from [chars] c
inner join ngscuser n on n.strUserId = c.strAccount
inner join gameuser g1 on g1.strUserId = c.strChar01
inner join gameuser g2 on g2.strUserId = c.strChar02
inner join gameuser g3 on g3.strUserId = c.strChar03
where n.strUserId='$username' and n.strPasswd='$password' and g1.sRank = '1'

However, if you're trying to pull back the gameuser row that matches any character slot, then you need to use in:

select n.strUserID, n.strPasswd, g.sRank 
from [chars] c
inner join ngscuser n on n.strUserId = c.strAccount
inner join gameuser g on g.strUserId in (c.strChar01, c.strChar02, c.strChar03)
where n.strUserId='$username' and n.strPasswd='$password' and g.sRank = '1'

And, now that I have your attention, I would like to do the following PSAs:

I hope you're sanitizing $username and $password so that you are not susceptible to SQL injection.
Do not store passwords in plaintext. You should only be storing them as salted hashes. If you can do a select * from ngscuser and get everybody's password, shame on you. Shame. Shame. Shame.

回复收藏 0 原文

以为你会在 2025-01-01 12:15:28

它应该只是 CHARS 而不是 'CHARS'

回复收藏 0 原文

暖心男生 2025-01-01 12:15:28

这是一个处理您所要求的事情的示例函数：

function functionName($username,$password){

    SELECT tablename.colname AS alias, tablename.colname2 AS alias2, ...
    FROM tablename tn
    JOIN talbename tn2  on tn2.colname = tn.colname
    JOIN anothertable tn3 on tn3.colname = tn2.colname

    WHERE tn.colname = $username AND rl.password ='$password'
    AND tn3.colname = 1
 }

Here is a sample function to handle something like you are asking for:

function functionName($username,$password){

    SELECT tablename.colname AS alias, tablename.colname2 AS alias2, ...
    FROM tablename tn
    JOIN talbename tn2  on tn2.colname = tn.colname
    JOIN anothertable tn3 on tn3.colname = tn2.colname

    WHERE tn.colname = $username AND rl.password ='$password'
    AND tn3.colname = 1
 }

回复收藏 0 原文

~没有更多了~