ASP经典SQL多个参数 [英] ASP Classic SQL Multiple parameters

问题描述

此Oracle SQL的ASP Classic SQL查询等效项是什么:

What is the ASP Classic SQL query equivalent for this Oracle SQL:

SELECT column1 FROM table WHERE column2 = '&num' AND column2 LIKE '&nam%';

推荐答案

真的了解经典的ASP，ADODB等内容！

read about classic asp, adodb and so on, really!

这是一个未经测试的示例:

here's a untested example:

sql = "SELECT column1 FROM table WHERE column2 = ? AND column3 LIKE ? + '%'"

set cmd = server.createobject("ADODB.Command")
cmd.activeconnection = yourConnection
cmd.commandText = SQL

cmd.Parameters.Append( cmd.CreateParameter("column2", adVarchar, , 512, valOfColumn2) )
cmd.Parameters.Append( cmd.CreateParameter("column3", adVarchar, , 512, valOfColumn3) )

set rs = cmd.execute

请注意，对于每个数据库系统，SQL字符串中字符串内容的语法可能有所不同.我不知道Oracle中的语法...这是指SQL字符串的"LIKE?+'％'"部分.

Note that the syntax for string concetenation in the SQL string could differ per database System. i don't know the Syntax in Oracle... by that i mean the "LIKE ? + '%'" Portion of the SQL string.

此外，我不知道您的表的定义，因此我假设column2和column3是长度为512的varchar字段.

Furthermore i do not know the definition of your table so i assumed column2 and column3 are varchar fields with a length of 512.

最后此处是MSDN的链接，以供您进一步了解ADODB.Command等.

Finally here is a link to MSDN for your further reading about ADODB.Command and so on.

并且此处是有关SQL注入的链接-请阅读！！

And here is a link about SQL-Injection - READ IT!.

这篇关于ASP经典SQL多个参数的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！