I have this code to update the database:
string query1 =
"UPDATE Points SET PNTS = "
+ "SWITCH ("
+ " EmpName = '" + comboBox1.Text + "', '" + label15.Text + "'"
+ ", EmpName = '" + comboBox2.Text + "', '" + label16.Text + "'"
+ ", EmpName = '" + comboBox3.Text + "', '" + label17.Text + "'"
+ ", true, ''"
+ ")"
+ " WHERE EmpName in ('" + comboBox1.Text + "', '" + comboBox2.Text + "', '" + comboBox3.Text + "')";
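In this query, the current PNTS column value is replaced with the new value. I want to add this label.text value to the PNTS value currently in the database and store the total in the PNTS column.
Please help me!!!
Answer 0 (score: 0)
As others have said, use parameterized queries to prevent SQL injection, but to make it easier for me (I don't know what the C# library for parameterized queries is) I'm just going to use your current code and give you the quickest way: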
string query1 =
"UPDATE Points SET PNTS = PNTS + "
+ "SWITCH ("
+ " EmpName = '" + comboBox1.Text + "', '" + label15.Text + "'"
+ ", EmpName = '" + comboBox2.Text + "', '" + label16.Text + "'"
+ ", EmpName = '" + comboBox3.Text + "', '" + label17.Text + "'"
+ ", true, ''"
+ ")"
+ " WHERE EmpName in ('" + comboBox1.Text + "', '" + comboBox2.Text + "', '" + comboBox3.Text + "')";
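
An added example, not part of the original answer, showing the parameterized form the answer recommends. It assumes the database is reached through System.Data.OleDb (the SWITCH function suggests Access) and that PNTS is a numeric column; PointsUpdater, AddPoints and the connection string are hypothetical names. It replaces the single SWITCH statement with one UPDATE per employee inside a transaction.

```csharp
using System;
using System.Collections.Generic;
using System.Data.OleDb;

static class PointsUpdater
{
    // Adds each employee's points to the stored PNTS value and returns rows changed.
    // Assumption: Points.PNTS is numeric and Points.EmpName is text.
    public static int AddPoints(string connectionString,
                                IEnumerable<KeyValuePair<string, string>> entries)
    {
        // Parse every input first so a bad value aborts before anything is written.
        var parsed = new List<KeyValuePair<string, int>>();
        foreach (var e in entries)
        {
            if (string.IsNullOrWhiteSpace(e.Key))
                continue; // no employee selected in this combo box
            if (!int.TryParse(e.Value, out int pts))
                throw new FormatException($"Points for '{e.Key}' is not a whole number.");
            parsed.Add(new KeyValuePair<string, int>(e.Key, pts));
        }

        int rows = 0;
        using (var conn = new OleDbConnection(connectionString))
        {
            conn.Open();
            // Disposing the transaction without Commit rolls back all updates.
            using (var tx = conn.BeginTransaction())
            using (var cmd = new OleDbCommand(
                "UPDATE Points SET PNTS = PNTS + ? WHERE EmpName = ?", conn, tx))
            {
                // OleDb binds by position: add parameters in the order of the ? markers.
                var pPts = cmd.Parameters.Add("@pts", OleDbType.Integer);
                var pName = cmd.Parameters.Add("@name", OleDbType.VarWChar, 255);
                foreach (var p in parsed)
                {
                    pPts.Value = p.Value;   // sent as data, never spliced into the SQL text
                    pName.Value = p.Key;
                    rows += cmd.ExecuteNonQuery();
                }
                tx.Commit();
            }
        }
        return rows;
    }
}
```

Call it with the three pairs from the form, for example `new KeyValuePair<string, string>(comboBox1.Text, label15.Text)`; a name containing a quote character is then matched literally instead of changing the statement.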