0

我已经用头撞墙了 2 天了。此更新语句在 ssms 中运行时有效

update dbo.DEMOGRAPHICS 
set ETHNICITY = (select distinct(ethnicity) from dbo.DEMOGRAPHICS where PEOPLE_CODE_ID = 'P000084716' and ACADEMIC_SESSION != '')
, GENDER = (select distinct(GENDER) from dbo.DEMOGRAPHICS where PEOPLE_CODE_ID = 'P000084716' and ACADEMIC_SESSION != '')
, MARITAL_STATUS = (select distinct(MARITAL_STATUS) from dbo.DEMOGRAPHICS where PEOPLE_CODE_ID = 'P000084716' and ACADEMIC_SESSION != '')
, RELIGION = (select distinct(RELIGION) from dbo.DEMOGRAPHICS where PEOPLE_CODE_ID = 'P000084716' and ACADEMIC_SESSION != '')
, VETERAN = (select distinct(VETERAN) from dbo.DEMOGRAPHICS where PEOPLE_CODE_ID =  'P000084716' and ACADEMIC_SESSION != '')
, CITIZENSHIP = (select distinct(CITIZENSHIP) from dbo.DEMOGRAPHICS where PEOPLE_CODE_ID = 'P000084716'and ACADEMIC_SESSION != '')
,RETIRED = (select distinct(RETIRED) from dbo.DEMOGRAPHICS where PEOPLE_CODE_ID = '000084716' and ACADEMIC_SESSION != '')
, LEGAL_RESIDENCE = (select distinct(LEGAL_RESIDENCE) from dbo.DEMOGRAPHICS where   PEOPLE_CODE_ID = 'P000084716' and ACADEMIC_SESSION != '')
where PEOPLE_CODE_ID = 'P000084716'  and ACADEMIC_SESSION = ''

但是在代码中进行更新并没有

string updDemoRecords = @"update dbo.DEMOGRAPHICS 
set ETHNICITY = (select distinct(ethnicity) from dbo.DEMOGRAPHICS where PEOPLE_CODE_ID = '{0}' and ACADEMIC_SESSION != '')
, GENDER = (select distinct(GENDER) from dbo.DEMOGRAPHICS where PEOPLE_CODE_ID = '{0}' and ACADEMIC_SESSION != '')
, MARITAL_STATUS = (select distinct(MARITAL_STATUS) from dbo.DEMOGRAPHICS where PEOPLE_CODE_ID = '{0}' and ACADEMIC_SESSION != '')
, RELIGION = (select distinct(RELIGION) from dbo.DEMOGRAPHICS where PEOPLE_CODE_ID = '{0}' and ACADEMIC_SESSION != '')
, VETERAN = (select distinct(VETERAN) from dbo.DEMOGRAPHICS where PEOPLE_CODE_ID = '{0}' and ACADEMIC_SESSION != '')
, CITIZENSHIP = (select distinct(CITIZENSHIP) from dbo.DEMOGRAPHICS where PEOPLE_CODE_ID = '{0}'and ACADEMIC_SESSION != '')
,RETIRED = (select distinct(RETIRED) from dbo.DEMOGRAPHICS where PEOPLE_CODE_ID = '{0}' and ACADEMIC_SESSION != '')
, LEGAL_RESIDENCE = (select distinct(LEGAL_RESIDENCE) from dbo.DEMOGRAPHICS where PEOPLE_CODE_ID = '{0}' and ACADEMIC_SESSION != '')
where PEOPLE_CODE_ID = '{0}'  and ACADEMIC_SESSION = ''";
updDemoRecords = string.Format(updDemoRecords, peopleOrgCodeID);
pcCon = new SqlConnection(pcConnString);
SqlCommand doUpdDemoRecords = new SqlCommand(updDemoRecords, pcCon);
pcCon.Open();
doUpdDemoRecords.ExecuteNonQuery();
pcCon.Close();

也从存储的过程中尝试过,它也没有更新相关的行。它是 sql server 2008 和 c#.net

4

1 回答 1

1

在我看来,问题是您使用的是实际数字 ( peopleOrgCodeID) - 这不会有0您在 SSMS 版本中使用的前导 es(使用字符串)。

因此,如果peopleOrgCodeId是一个带有 value 的整数(或 long),那么84716您的WHERE子句将最终为:

where PEOPLE_CODE_ID = '84716'

并不是:

where PEOPLE_CODE_ID = '000084716'

您可以通过使用复合格式化字符串或传入带有前导零的字符串值来解决该问题。

我会提到 SQL 注入作为一个可能的问题,但如果peopleOrgCodeID确实是一个整数,那么在这种情况下你是安全的。但是,我仍然会使用参数化查询而不是string.Format

于 2012-11-08T19:38:45.730 回答