vb.net在一个查询中将多个SQL值设置为同一行

时间:2012-10-08 01:35:10

标签: sql vb.net set sql-update

我有以下代码,它将在同一行中设置2个值,它非常简单,但我不确定如何将它组合在一个查询中

 Dim cnn As New SqlConnection
            Dim sqlcmd As New SqlCommand("SELECT catalogid, delivered,nodilivary FROM supporder", cnn)
            sqlcmd.CommandText = "update supporder SET delivered=@delivered WHERE catalogid=@catalogid"
            sqlcmd.Parameters.Add(New SqlParameter("@delivered", GridControl2.GetCellValue(currentrowindex, "delivered")))
            sqlcmd.Parameters.Add(New SqlParameter("@catalogid", GridControl2.GetCellValue(currentrowindex, "catalogid")))
            cnn.Open()
            sqlcmd.ExecuteNonQuery()
            sqlcmd.Parameters.Clear()
            cnn.Close()
            sqlcmd.CommandText = "update supporder SET nodilivary=@nodilivary WHERE catalogid=@catalogid"
            sqlcmd.Parameters.Add(New SqlParameter("@nodilivary", GridControl2.GetCellValue(currentrowindex, "nodilivary")))
            sqlcmd.Parameters.Add(New SqlParameter("@catalogid", GridControl2.GetCellValue(currentrowindex, "catalogid")))
            cnn.Open()
            sqlcmd.ExecuteNonQuery()
            sqlcmd.Parameters.Clear()
            cnn.Close()

2 个答案:

答案 0 :(得分:2)

使用逗号分隔您要更新的每个字段。

UPDATE supporder SET nodilivary=@nodilivary, delivered=@delivered WHERE catalogid=@catalogid

答案 1 :(得分:1)

试试这个:

Dim cnn As New SqlConnection

Dim sql as String = string.Format("update supporder set delivered={0}, nodilivary={1} where catalogid={2}", _
                    GridControl2.GetCellValue(currentrowindex, "delivered")  _
                    GridControl2.GetCellValue(currentrowindex, "nodilivary") _
                    GridControl2.GetCellValue(currentrowindex, "catalogid") )           


Dim sqlcmd As New Sqlsql, cnn)
cnn.Open()
sqlcmd.ExecuteNonQuery()
sqlcmd.Parameters.Clear()
cnn.Close()

我手边没有VB,但这应该非常接近。

编辑:

这是上面使用命令参数的一个版本(感谢评论)再次简单的防御SQL注入并且比上面的代码更安全:

Dim cnn As New SqlConnection

Dim sql as String = "update supporder set delivered=@delivered, nodilivary=@nodilivary where catalogid=@catalogid"

Dim sqlcmd As New Sql(sql, cnn)
sqlcmd.Parameters.Add(New SqlParameter("@delivered", GridControl2.GetCellValue(currentrowindex, "delivered"))
sqlcmd.Parameters.Add(New SqlParameter("@nodilivary", GridControl2.GetCellValue(currentrowindex, "nodilivary"))
sqlcmd.Parameters.Add(New SqlParameter("@catalogid", GridControl2.GetCellValue(currentrowindex, "catalogid"))
cnn.Open()
sqlcmd.ExecuteNonQuery()
sqlcmd.Parameters.Clear()
cnn.Close()
相关问题
最新问题