在后面的代码中插入查询将在Prod中工作 [英] Insert query in code behind will work in Prod
本文介绍了在后面的代码中插入查询将在Prod中工作的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我想知道后面的VB.Net代码中的Insert查询将在生产环境中工作,因为它在其他环境中工作得很好( DEV,QA)但不是在制作中,所以我想知道的是,因为任何限制,在后面的代码中插入查询不能在生产中工作。
代码: -
Hi ,
I would like to know the Insert query in the VB.Net code behind will work in Production environment because which is working perfectly in other environments(DEV,QA) but not in production so I want to know is that because of any restriction that insert query in code behind is not working in production.
Code :-
Dim _sqlDET As String = _
"INSERT INTO dbo.tablename1 " & _
"SELECT * FROM dbo.tablename2 " & _
"WHERE ID=" & _ID & ""
请帮我解决这个问题..
Please help me to fix this ..
推荐答案
你需要承认这个问题描述为:(插入查询)是在其他环境(DEV,QA)中完美地工作但不在生产中根本没有提供信息。
以上行为有以下几个原因.. 。
正如ThePhantomUpvoter所提到的,不是在后面的代码中使用查询,而是使用存储过程 [ ^ ]以避免 sql注入 [ ^ ]。
M ore:
如何:保护ASP.NET中的SQL注入 [ ^ ]
在停止之前停止SQL注入攻击 [ ^ ]
动态SQL& SQL注入 [ ^ ]
如何:执行返回行的存储过程 [ ^ ]
使用存储过程命令 [ ^ ]
如何:执行返回单个值的存储过程 [ ^ ]
如何:创建并执行不返回值的SQL语句 [ ^ ]
如Chill60所述,可能存在与权限冲突的问题(有几个级别,特权,规则等。
权限(数据库引擎) ) [ ^ ]
权限层次结构(数据库引擎) [ ^ ]
确定SQL Server 2005权限的脚本 [ ^ ]
授权与授权之间的服务器差异/ [ ^ ]
初学者sql教程:sql grant,revoke,privileges和角色 [ ^ ]
You need to admit that issue described as: "(insert query) is working perfectly in other environments(DEV,QA) but not in production" is not informative at all.
There are several reasons of above behavior...
As ThePhantomUpvoter has mentioned, rather than using query in code behind, use stored procedures[^] to avoid sql injection[^].
More:
How To: Protect From SQL Injection in ASP.NET[^]
Stop SQL Injection Attacks Before They Stop You[^]
Dynamic SQL & SQL injection[^]
How to: Execute a Stored Procedure that Returns Rows[^]
Using Stored Procedures with a Command[^]
How to: Execute a Stored Procedure that Returns a Single Value[^]
How to: Create and Execute an SQL Statement that Returns No Value[^]
As Chill60 has mentioned, there could be an issue conflict with permissions (there are few levels), privileges, rules, etc.
Permissions (Database Engine)[^]
Permissions Hierarchy (Database Engine)[^]
Script to determine permissions in SQL Server 2005[^]
sql server difference between grant and with grant/[^]
beginner sql tutorial: sql grant, revoke, privileges and roles[^]
我找出了问题并修复了..
问题是生产中的字段数量table与dev和QA表中的no.of字段不同。这就是为什么后面的代码中的插入查询工作良好的DEV和QA但不在生产中,现在我从生产表中删除了额外的字段,然后插入查询在生产中也正常工作。
I figured out the issue and fixed..
The issue was no.of fields in the production table is different from the no.of fields in the dev and QA tables. That's why the insert query in code behind worked fine DEV and QA but not in Production and now I removed the extra field from the production table then the insert query is working fine in production also.
这篇关于在后面的代码中插入查询将在Prod中工作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
