这是SQL Server 2014我的存储过程:无效的列名
CREATE PROCEDURE [dbo].[spSelectUserFromProfileUsers]
@TableName NVARCHAR(20),
@User NVARCHAR(20)
AS
BEGIN
SET NOCOUNT ON;
DECLARE @query NVARCHAR(MAX);
SET @query = 'SELECT * FROM ' + QUOTENAME(@TableName) + ' WHERE Users =' + @User
EXECUTE sp_executesql @query
END
,这里是我的Visual Studio代码:
if (TableFunctions.doesTableExist(ComboBoxSelectedProfile.SelectedItem + "Users", dbConnectionString))
{
// DynamicSQL
using (SqlCommand command = new SqlCommand("spSelectUserFromProfileUsers", connection))
{
command.CommandType = CommandType.StoredProcedure;
command.Parameters.AddWithValue("@TableName", ComboBoxSelectedProfile.SelectedItem + "Users");
command.Parameters.AddWithValue("@User", TextBoxUserName.Text);
command.ExecuteNonQuery();
}
}
,我得到的错误:
Invalid column name /Text that I entered the textbox/
我一直在寻找解决方案很久,我找不到任何东西,我会非常感谢您的帮助!
串联的结果应该是这样的:'SELECT * from [YourTable] WHERE Users = Some_User_Name' ....看到问题?,'Some_User_Name'应该是''Some_User_Name'' – Lamak
但如果我添加'@User'它不会将@ User作为参数 – WeinForce
并且此代码仍然打开ti sql因为你只是在sproc中使用连接。 –