stackoom
  简体   繁体   中英

How to set a column name in SQL query as parameter?

 原文  2015-05-26 09:33:40       c#/ sql-server-2012

Question

I want to transfer to CommandText table name as parameter, something like @column . How can I do this? Because column name is transferred as custom parameter.

using (SqlConnection connection = SQL.Connection())
{
    using (SqlCommand cmd = connection.CreateCommand())
    {
        cmd.Parameters.Add("@data", SqlDbType.VarChar).Value = "some_string";
        cmd.CommandText = "UPDATE users SET colum=@data";
        cmd.ExecuteNonQuery();
    }
}

2 answers

solution1
 1 ACCPTED  2015-05-26 09:48:38

You cannot do this in regular SQL - if you must have configurable column names (or table name, for that matter), you must use dynamic SQL - there is no other way to achieve this. Example is shown below.

string sqlCommandStatement =  
   string.Format("("UPDATE users SET {0}=@somedata, {1}=@somedata" ,column1, column2);

and then use the sp_executesql stored proc in SQL Server to execute that SQL command (and specify the other parameters as needed).

You can also checkthis article

solution2
 0  2017-10-02 14:48:53

this is a long thread/question but maybe you'll find this solution of mine helpful, as you can see i use parameters here and this is a dynamic column =)

        protected void BindDate()
    {
        StringBuilder SQLtext = new StringBuilder();

        SQLtext.AppendLine(" declare @tsql nvarchar(max) ");

        SQLtext.AppendLine(" set @tsql= ");
        SQLtext.AppendLine(" ' ");
        SQLtext.AppendLine(" With ctemp as( ");
        SQLtext.AppendLine(" select convert(varchar(10),sysDate,102) sysDate,convert(varchar(10),WeekDate,102) WeekDate,[Month],[Quarter],[Year] ");
        SQLtext.AppendLine(" from sysCalendar ");
        SQLtext.AppendLine(" where sysdate<=(select max(nominal_date) from ATTENDANCE_AGENT_T) ");
        SQLtext.AppendLine(" and sysDate>=dateadd(MONTH,-12,getdate()) ");
        SQLtext.AppendLine(" ) ");
        SQLtext.AppendLine(" select distinct ' + @mydate + ' as mydate from ctemp order by '+ @mydate + ' desc ");
        SQLtext.AppendLine(" ' ");
        SQLtext.AppendLine(" exec(@tsql) ");

        string constr = ConfigurationManager.ConnectionStrings["CIGNAConnectionString"].ConnectionString;
        using (SqlConnection con = new SqlConnection(constr))
        {
            using (SqlCommand cmd = new SqlCommand(SQLtext.ToString()))
            {
                cmd.CommandType = CommandType.Text;
                cmd.Parameters.AddWithValue("@mydate", Radio_range.SelectedValue);
                cmd.Connection = con;
                con.Open();
                DropDownList_Date.DataSource = cmd.ExecuteReader();
                DropDownList_Date.DataTextField = "mydate";
                DropDownList_Date.DataValueField = "mydate";
                DropDownList_Date.DataBind();
                con.Close();
            }
        }
    }

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to use parameters in SQL query with column name How to query date with a column name in SQL? In SQL Query how to set table name How to insert dynamic column name in C# SQL query? how to filter table column id into corresponding name directly with a sql query Excel SQL query how to specify a column number not name Sql Query Parameter Name Must Be Defined How to pass column name as well as Table Name to a stored procedure as a parameter in SQL Server? Column name in SQL query from request SQL Invalid Column name detection from Query
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM