如何在运行时在Select语句中分配源表名？ [英] How do I assign the source table name at run time in a Select statement?

问题描述

我正在编写的程序旨在在不同的时间在不同的数据库上使用不同的表名。如何编写Select语句以使用在运行时选择的表名？我尝试将表名放入字符串变量strTableName，然后按如下方式编写Select语句：



使用da作为新的OleDbDataAdapter（Select * from strTableName ，cnnSource）



但这不起作用。如果我在数据库中指定一个特定的表名，例如MyTestData，然后按如下方式编写Select语句，它就可以工作：



使用da作为新的OleDbDataAdapter （选择*来自MyTestData，cnnSource）



但我不想在每个数据库中使用该表名。



任何建议？

The program I am writing is designed to be used on different databases at different times with different table names in the database. How can I write the Select statement to use a table name that is chosen at runtime? I tried putting the table name into a string variable "strTableName" and then writing the Select statement as follows:

Using da As New OleDbDataAdapter("Select * From strTableName", cnnSource)

But this will not work. If I assign a specific table name in the database, such as "MyTestData", and then write the Select statement as follows, it works:

Using da As New OleDbDataAdapter("Select * From MyTestData", cnnSource)

But I do not want to have to use that table name in every database.

Any Suggestions?

推荐答案

你可以这样做：

You could do it:

Using da As New OleDbDataAdapter("Select * From " & strTableName, cnnSource)

- 但你必须是非常非常小心从表中获取表名 - 连接字符串以形成SQL命令是非常危险的，而且非常糟糕的做法！如果你不注意并且可能会破坏你的数据库，它会让你对SQL注入开放。

- but you will have to be very, very careful where you get the table name from - concatenating strings to form an SQL command is seriously dangerous, and very bad practice! It leaves you wide open to SQL Injection if you don't pay attention and that can destroy your database.

这篇关于如何在运行时在Select语句中分配源表名？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！