asp.net 中的命令文本查询
commandtext query in asp.net
我有月份和年份变量,我正在通过此查询获取数据。
EntityDataSourcePersonel.CommandText =
"SELECT COUNT(TeklifTable.TeklifHazirlayan) AS Basari, EmployeeTable.Name, EmployeeTable.Surname, SUM(TeklifTable.TeklifTutar) AS ToplamSatis FROM EmployeeTable JOIN TeklifTable ON TeklifTable.TeklifHazirlayan = EmployeeTable.EmployeeId WHERE MONTH(TeklifTable.TeklifTarih) = "+dtM+" AND YEAR(TeklifTable.TeklifTarih) = " + dtY + " AND TeklifTable.Approved = true GROUP BY EmployeeTable.Name,EmployeeTable.Surname";
此查询工作正常,但我需要更多信息。如您所见,我有一个 where 条件,并且我将已批准为真的数据。我想知道是否有一种方法可以在不检查是否已批准的情况下获取所有数据。我的意思是我需要所有数据和已批准为真的数据。
如果你的意思是你想要一个已批准和未批准的记录,那么你可以像下面这样在你的 SELECT 子句中添加列;
EntityDataSourcePersonel.CommandText =
"SELECT COUNT(TeklifTable.TeklifHazirlayan) AS Basari,
EmployeeTable.Name,
EmployeeTable.Surname,
SUM(TeklifTable.TeklifTutar) AS ToplamSatis,
SUM(CASE WHEN TeklifTable.Approved = true THEN 1 ELSE 0 END) as [TotalApproved],
SUM(CASE WHEN TeklifTable.Approved = false THEN 1 ELSE 0 END) AS [TotalUnapproved]
FROM EmployeeTable
JOIN TeklifTable ON TeklifTable.TeklifHazirlayan = EmployeeTable.EmployeeId
WHERE MONTH(TeklifTable.TeklifTarih) = "+dtM+"
AND YEAR(TeklifTable.TeklifTarih) = " + dtY + "
GROUP BY EmployeeTable.Name,EmployeeTable.Surname";
请考虑使用 SqlParameters,因为您当前的命令很容易被 SQL 注入(通过附加 dtM 和 dtY 值来构造您的语句)。
我有月份和年份变量,我正在通过此查询获取数据。
EntityDataSourcePersonel.CommandText =
"SELECT COUNT(TeklifTable.TeklifHazirlayan) AS Basari, EmployeeTable.Name, EmployeeTable.Surname, SUM(TeklifTable.TeklifTutar) AS ToplamSatis FROM EmployeeTable JOIN TeklifTable ON TeklifTable.TeklifHazirlayan = EmployeeTable.EmployeeId WHERE MONTH(TeklifTable.TeklifTarih) = "+dtM+" AND YEAR(TeklifTable.TeklifTarih) = " + dtY + " AND TeklifTable.Approved = true GROUP BY EmployeeTable.Name,EmployeeTable.Surname";
此查询工作正常,但我需要更多信息。如您所见,我有一个 where 条件,并且我将已批准为真的数据。我想知道是否有一种方法可以在不检查是否已批准的情况下获取所有数据。我的意思是我需要所有数据和已批准为真的数据。
如果你的意思是你想要一个已批准和未批准的记录,那么你可以像下面这样在你的 SELECT 子句中添加列;
EntityDataSourcePersonel.CommandText =
"SELECT COUNT(TeklifTable.TeklifHazirlayan) AS Basari,
EmployeeTable.Name,
EmployeeTable.Surname,
SUM(TeklifTable.TeklifTutar) AS ToplamSatis,
SUM(CASE WHEN TeklifTable.Approved = true THEN 1 ELSE 0 END) as [TotalApproved],
SUM(CASE WHEN TeklifTable.Approved = false THEN 1 ELSE 0 END) AS [TotalUnapproved]
FROM EmployeeTable
JOIN TeklifTable ON TeklifTable.TeklifHazirlayan = EmployeeTable.EmployeeId
WHERE MONTH(TeklifTable.TeklifTarih) = "+dtM+"
AND YEAR(TeklifTable.TeklifTarih) = " + dtY + "
GROUP BY EmployeeTable.Name,EmployeeTable.Surname";
请考虑使用 SqlParameters,因为您当前的命令很容易被 SQL 注入(通过附加 dtM 和 dtY 值来构造您的语句)。