我想从数据库中获取相同的值,因此我使用以下查询:
SELECT NormalComputers
FROM usb_compliance
WHERE ATC = 'CMB'
ORDER BY date DESC
OFFSET 0 ROWS FETCH NEXT 1 ROWS ONLY
使用这个我想得到这么多的值,所以我计划使用SQL注入方法,请帮助我如何创建这个
如果我可以使用注射方法,我可以使用函数,它应该是这样的
Private Function query(ByVal values As String, ByVal atc As String, ByVal no As Integer)
Dim connetionString As String
Dim connection As SqlConnection
Dim command As SqlCommand
Dim sql As String
connetionString = "Server=CTV-WEBDEVEXG;Database=usb;Trusted_Connection=True;"
sql = "SELECT @values FROM usb_compliance WHERE ATC=@atc ORDER BY date DESC OFFSET @no ROWS FETCH NEXT 1 ROWS ONLY"
connection = New SqlConnection(connetionString)
Try
command = New SqlCommand(sql, connection)
With command
.Connection.Open()
MsgBox("done !!!")
.CommandType = CommandType.Text
.Parameters.Add("@values", SqlDbType.DateTime).Value = values
.Parameters.Add("@atc", SqlDbType.NVarChar).Value = atc
.Parameters.Add("@NormalComputers", SqlDbType.Int).Value = no
End With
command.ExecuteNonQuery()
command.Dispose()
connection.Close()
Catch ex As Exception
End Try
Return sql
End Function
我尝试过这种方法,但不起作用,所以请帮助我
