在sql server中动态sql join

[英]Dynamic sql join in sql server


I have a relationship between two tables. The two tables PKs are int types.

我有两个表之间的关系。两个表PK是int类型。

In one table (UserS), I need to supply the Username and get the corresponding ID (which is the PK). This is the standard ASP.NET user table when using forms authentication.

在一个表(UserS)中,我需要提供用户名并获取相应的ID(即PK)。这是使用表单身份验证时的标准ASP.NET用户表。

However, in a related table, I want to supply the ID I find from the Users table to get a value out.

但是,在相关表中,我想提供我从Users表中找到的ID以获取值。

Something like:

Run query to get ID for a username (simple select/where query) Return the result Run a subquery where I can pass in the above result - Get value where ID = result

运行查询以获取用户名的ID(简单选择/其中查询)返回结果运行子查询,我可以传入上述结果 - 获取ID =结果的值

This sounds a lot like dynamic sql. However, there might be a better suited and appropriate way of writing this query (on Sql Server 2k5).

这听起来很像动态sql。但是,可能有更适合和适当的方式来编写此查询(在Sql Server 2k5上)。

How can I go about doing this and what gotchas lurk?

我怎样才能做到这一点以及潜伏着什么?

EDIT: I will try something along the lines of http://www.sqlteam.com/article/introduction-to-dynamic-sql-part-1

编辑:我将尝试http://www.sqlteam.com/article/introduction-to-dynamic-sql-part-1的内容

EDIT: Thanks for the tips everyone, I wrote this:

编辑:感谢大家的提示,我写道:

SELECT Discount.DiscountAmount FROM Discount INNER JOIN aspnet_Users ON Discount.DiscountCode = aspnet_Users.UserId And aspnet_Users.Username = 's'

SELECT Discount.DiscountAmount FROM Discount INNER JOIN aspnet_Users ON Discount.DiscountCode = aspnet_Users.UserId and aspnet_Users.Username ='s'

Where 's' is to be replaced by a parameter.

's'将被参数替换。

Thanks

6 个解决方案

#1


Right, i just would do this:

对,我就是这样做的:

SELECT *
FROM TableB
JOIN Users ON Users.Id = TableB.ID 
WHERE Users.Username = @Username

#2


You don't have to use dynamic SQL for that.

您不必为此使用动态SQL。

You can use a lookup instead:

您可以使用查找:

DECLARE @ID bigint
SELECT @ID = ID FROM Users WHERE Username = @Username

SELECT
  *
FROM
  TableB
WHERE
  ID = @ID

Then, you could add the PARAMETER @Username to your SqlCommand object, preventing the risks of SQL Injection.

然后,您可以将PARAMETER @Username添加到SqlCommand对象,以防止SQL注入的风险。

Also, doing the lookup is preferable to a join, since the index is scanned a single time, for TableB.

此外,进行查找比连接更可取,因为对于TableB,索引会被扫描一次。

#3


Regarding lookup vs joins - while it may seem more intuitive for the novice to use the lookup, you should go with a join. A lookup needs to be evaluated for every row in your primary result set, while a join is evaluated once. Joins are much more efficient, which means that they are faster.

关于查找与连接 - 虽然新手使用查找似乎更直观,但您应该使用连接。需要为主结果集中的每一行评估查找,而连接评估一次。连接效率更高,这意味着它们更快。

#4


This is just a simple join isn't it?

这只是一个简单的连接不是吗?

SELECT  x.*
FROM    user_table u
        INNER JOIN
                other_table x
                ON u.id = x.user_id
WHERE   u.name = @user_name

#5


SELECT  values.value
FROM    form_users, values
WHERE   form_users.username = 'John Doe'
        AND values.user = form_users.userid

#6


SELECT
   *
FROM
   table2 t2
   JOIN
   UserS t1 ON t2.IDKey = t1.IDKey
WHERE
   UserS.Username = @Input

注意!

本站翻译的文章,版权归属于本站,未经许可禁止转摘,转摘请注明本文地址:https://www.itdaan.com/blog/2009/04/07/725519e7dc829d3fc677d35bbe1c218a.html



 
粤ICP备14056181号  © 2014-2021 ITdaan.com