编写此查询的正确方法是什么?
String squery= "update Room set GuestCode="+gc+", FirstName=(select FirstName from GuestDetails where GuestCode="+gc+"), LastName=(select LastName from GuestDetails where GuestCode="+gc+"), Country=(select Country from GuestDetails where GuestCode="+gc+"), State=(select State from GuestDetails where GuestCode="+gc+"), City=(select City from GuestDetails where GuestCode="+gc+"), ContactNo=(select ContactNo from GuestDetails where GuestCode="+gc+") where RoomNo="+rn+"";
我正在尝试在另一个表(GuestDetails)中使用guestcode作为输入在表(Room)中设置一些值。我在子查询中获得异常作为无效的memo,ole或超链接对象。请帮忙。
答案 0 :(得分:1)
这可能是编写更新的更好方式。这适用于sql server
UPDATE A
SET GuestCode = 'gc',
FirstName = B.FirstName,
LastName = B.LastName,
Country = Country,
State = B.State,
City = B.City,
ContactNo = B.contactNO
FROM ROOM A
JOIN GuestDetails B
ON b.GuestCode = 'gc'
WHERE RoomNo = 'rn';
答案 1 :(得分:-1)
最好使用存储过程来避免sql注入。您的代码易受注射攻击。
还可以使用连接来避免由于性能问题而进行的子选择。