合并两列

时间:2016-05-05 17:17:18

标签: sql vb.net

我有一个包含4列的SQL表。第四列是FullName。我希望此列从第2列和第3列的结果自动填充。 ie.Firstname和Middlename。

我试过这段代码

cn.Open()
Dim query As String
query = "Insert into Details(Adm,FirstName,MiddleName,FullName ) VALUES ('" & TextBox1.Text & "' , '" & TextBox2.Text & "', '" & TextBox3.Text & " ', CONCATE(Textbox2.text, ',', Textbox3.Text))"
cmd = New SqlCommand(query, cn)
reader = cmd.ExecuteReader
MessageBox.Show("Data Saved")

5 个答案:

答案 0 :(得分:1)

CONCATINATE部分如下:

"CONCATE('" & Textbox2.text &"',',','" & Textbox3.Text & "'))"

但我不会告诉你这样使用,因为它可能是最糟糕的建议。我更喜欢你也使用参数来避免注入和指定类型。

示例:

Dim query = "Insert into Details(Adm,FirstName,MiddleName,FullName ) VALUES (" & _
            "@adm,@fName,@mName,CONCATE(@fNameC,',',@mNameC))"
Dim cmd As New SqlCommand(query, cn)
cmd.Parameters.Add("@adm", SqlDbType.VarChar).Value = TextBox1.Text
cmd.Parameters.Add("@fName", SqlDbType.VarChar).Value = TextBox2.Text
cmd.Parameters.Add("@mName", SqlDbType.VarChar).Value = TextBox3.Text
cmd.Parameters.Add("@fNameC", SqlDbType.VarChar).Value = TextBox2.Text
cmd.Parameters.Add("@mNameC", SqlDbType.VarChar).Value = TextBox3.Text
'Execute the query here

答案 1 :(得分:0)

在查询之前,首先在一个变量中存储两个文本框值

cn.Open()
Dim query As String
Dim fullname As String 
fullname = TextBox1.text + "" + TextBox2.text
query = "Insert into Details(Adm,FirstName,MiddleName,FullName ) VALUES ('" & TextBox1.Text & "' , '" & TextBox2.Text & "', '" & TextBox3.Text & " ', '" & fullname & '")"
cmd = New SqlCommand(query, cn)
reader = cmd.ExecuteReader
MessageBox.Show("Data Saved")

答案 2 :(得分:0)

您可以与String.Concat连接,我建议您使用Parameter来避免sql注入,如下所示:

cn.Open()
Dim query As String
query = "Insert into Details(Adm,FirstName,MiddleName,FullName ) VALUES (@Adm,@FirstName,@MiddleName,@FullName)"
cmd = New SqlCommand(query, cn)
cmd.Parameters.Add(New SqlParameter("@Adm", TextBox1.Text))
cmd.Parameters.Add(New SqlParameter("@FirstName", TextBox2.Text))
cmd.Parameters.Add(New SqlParameter("@MiddleName", TextBox3.Text))
cmd.Parameters.Add(New SqlParameter("@FullName", String.Concat(TextBox2.Text, ",", TextBox3.Text)))
reader = cmd.ExecuteReader
MessageBox.Show("Data Saved")

答案 3 :(得分:0)

在发送到查询之前,将Firstname和Middlename值保存到变量中,并concat()将它们放在一起。

cn.Open()
Dim query As String
Dim firstname As String
Dim middlename As String
Dim fullname As String
query = "Insert into Details(Adm,FirstName,MiddleName,FullName) VALUES (@Adm,@FirstName,@MiddleName,@FullName)"

firstname = TextBox2.Text
middlename = TextBox3.Text
fullname = String.Concat(firstname, ",", middlename)

cmd = New SqlCommand(query, cn)
cmd.Parameters.Add(New SqlParameter("@Adm", TextBox1.Text))
cmd.Parameters.Add(New SqlParameter("@FirstName", firstname))
cmd.Parameters.Add(New SqlParameter("@MiddleName",middlename))
cmd.Parameters.Add(New SqlParameter("@FullName", fullname))
reader = cmd.ExecuteReader
MessageBox.Show("Data Saved")

请注意,已重新格式化查询构建器以删除SQL注入漏洞。

答案 4 :(得分:0)

使用以下行代替您的。

query = "Insert into Details(Adm,FirstName,MiddleName,FullName ) VALUES ('" & TextBox1.Text & "' , '" & TextBox2.Text & "', '" & TextBox3.Text & " ', '" & Textbox2.Text & " " & Textbox3.Text & "')"
相关问题
最新问题