我正在構建一個訓練項目,而且我的處理程序已經禁止我參數化,我更喜歡現在關注其他的東西。他指示我使用以下類型的字符串來插入。我知道這是不安全的。這不是用於實際部署。然而,我遇到了困難,因爲在對數據庫進行一些必要的重構之後,我需要重新編寫插入和選擇命令。我的提交表有一個自動遞增的SubmissionId列,我需要將該值插入到我的代理和客戶表的SubId列中。我該怎麼做呢?將自動遞增的值插入到另一個表的列中?
string idQuery = "SELECT SCOPE_IDENTITY() AS LastInsertedSubmissionId";
String custQuery = "INSERT INTO Customer
(CustId, CustName, SicNaic, CustAdd, CustCity, CustState, CustZip, SubId)
VALUES
('" + TbCustId.Text + "', '" + TbCustName.Text + "', '" + RblSicNaic.SelectedItem + "', '" + TbCustAddress.Text + "', '" + TbCustCity.Text + "', '" + DdlCustState.SelectedItem + "', '" + TbCustZip.Text + "', *whatgoeshere?*)";
String broQuery = "INSERT INTO Broker
(BroId, BroName, BroAdd, BroCity, BroState, BroZip, EntityType, SubId)
VALUES
('" + TbBroId.Text + "', '" + TbBroName.Text + "', '" + TbBroAddress.Text + "', '" + TbBroCity.Text + "', '" + DdlBroState.SelectedItem + "', '" + TbBroZip.Text + "', '" + DdlEntity.SelectedItem + "', *whatgoeshere?*)";
String subQuery = "INSERT INTO Submission
(Coverage, CurrentCoverage, PrimEx, Retention, EffectiveDate, Commission, Premium, Comments)
VALUES
('" + TbCoverage.Text + "','" + TbCurrentCoverage.Text + "','" + TbPrimEx.Text + "','" + TbRetention.Text + "','" + TbEffectiveDate.Text + "','" + TbCommission.Text + "','" + TbPremium.Text + "','" + TbComments.Text + "')";
我認爲OP希望使用剛剛插入自動遞增的ID,而不是插入到該表。 – 2011-05-09 01:15:49