我一直在尝试使用ADODB.Command执行参数化查询。我知道我可以用“?”对于参数,但我的查询相当大,我真的不想跟踪参数的确切顺序。我试过以下的东西:
objCmd.CommandType = adCmdText
objCmd.CommandText = "SELECT ... WHERE field1=@p_Field1 ...."
Dim objParam As ADODB.Parameter
Set objParam = objCmd.CreateParameter("@p_Field1" ...)
objCmd.Parameters.Append objParam
...
objCmd.Open
它适用于存储过程参数(显然设置CommandType = adCmdStoredProc),但由于查询本身的动态特性,我无法在存储过程中执行此操作。当我尝试运行查询时,我收到错误:
Must declare the scalar variable "@p_Field1"
还有其他方法不涉及使用存储过程或(argh)连接查询本身的参数值而根本不使用参数吗?
答案 0 :(得分:7)
您可以执行此操作,以允许您重复使用参数
objCmd.CommandText = "declare @var1 int, @var2 int, @var3 int; " & _
"select @var1 = ?, @var2 = ?, @var3 = ?;" & _
"select ... where field1 = @var1 or field4 = @var1 or field2 = @var2 ... "
并以正常的有序方式添加参数。
答案 1 :(得分:3)
所以看起来ADODB.Command并不真正支持命名参数。
答案 2 :(得分:2)
自从我使用VB6以来已经有一段时间了,但您是否尝试将Command对象上的NamedParameters属性设置为True?
即
objCmd.NamedParameters = True
答案 3 :(得分:0)
我知道如何做到这一点的唯一方法就是创造?作为参数,例如
在你的例子中:
objCmd.CommandText = "SELECT ... WHERE field1=@p_Field1 ...."
将其更改为:
objCmd.CommandText = "SELECT ... WHERE field1 = ?"
objCmd.NamedParameters = True
Dim objParam As ADODB.Parameter
Set objParam = objCmd.CreateParameter("@AnyName",,,,Value)
objCmd.Parameters.Append objParam
希望这有帮助
答案 4 :(得分:0)
它并不完美,但是......这是我创建的包装类,允许您创建命名参数查询......
Class SQLBuilder
Private Sub Class_Initialize( )
Set internal_commandObject = Server.CreateObject("ADODB.Command")
End Sub
Private internal_sql
Private internal_parameters
private internal_commandObject
Public Property Let CommandType(ByVal value)
internal_commandObject.CommandType = value
End Property
Public Property Get CommandType
CommandType = internal_commandObject.CommandType
End Property
Public Property Let Prepared(ByVal value)
internal_commandObject.Prepared = value
End Property
Public Property Get Prepared
Prepared = internal_commandObject.Prepared
End Property
Public Property Get SQLCommandObject
Set SQLCommandObject = internal_commandObject
End Property
Public Property Let SQLCommandObject(ByVal value)
Set internal_commandObject = value
End Property
Public Property Get CommandText
CommandText = internal_commandObject.CommandText
End Property
Public Property Let CommandText(ByVal sqlStatement)
GetSQLParameters sqlStatement
internal_commandObject.CommandText = internal_sql
End Property
Public Property Get Parameters
Set Parameters = internal_parameters
End Property
Public Function SetParameter(name,datatype,direction,size,value)
internal_commandObject.Parameters.Append internal_commandObject.CreateParameter(name,datatype,direction,size,value)
End Function
Private Sub GetSQLParameters(sql)
internal_commandObject.NamedParameters = true
Set RegExObj = New RegExp
With RegExObj
.Global = true
.Multiline = true
.Pattern = "@\S+"
.IgnoreCase = true
End With
Set internal_parameters = CreateObject("Scripting.Dictionary")
With internal_parameters
For each item in RegExObj.Execute(sql)
if Not .Exists(item.value) then
.Add item.value,item.value
end if
Next
End With
internal_sql = RegExObj.Replace(sql,"?")
End Sub
End Class
Dim Temp
Dim mySqlBuilder
Set mySqlBuilder = new SQLBuilder
With mySqlBuilder
set .SQLCommandObject.ActiveConnection =PropConnection
.CommandText = "select LegalDescription from STAGE.DataLegalDescription where FISCAL_YEAR = @FISCAL_YEAR AND AccountNumber = @ACCOUNT_NUMBER"
.Prepared = true
.SetParameter "@FISCAL_YEAR",adInteger,adParamInput,4, Cint(Year)
.SetParameter "@ACCOUNT_NUMBER",adVarChar,adParamInput,13, AccountNumber
End With
RSProp.Open mySqlBuilder.SQLCommandObject