摘要：SELECT UserId, SUM(Case ComeLate WHEN 'True' THEN 1 ELSE 0 END) AS 迟到次数,SUM(Case OverTimeStart WHEN '2000-01-01 00:00:00.000' THEN 0 ELSE 1 END)AS 加班次数FROM AttendanceRecordGROUP BY UserIdSELECT AttendanceRecord.UserId, Users.TrueName,Users.Position,Users.BasicWage, SUM(Case Attendanc 阅读全文

摘要：SELECT TOP (200) AttendanceId, UserId, OnDutyTime, OffDutyTime, OverTimeStart, OverTimeEnd, RecordTime, (CASE OverTimeStart WHEN '2000-01-01 00:00:00.000' THEN '未加班' ELSE OverTimeStart END) AS 加班了吗FROM AttendanceRecord 从datagridview中读数据 1 private void dataGridView1... 阅读全文

摘要：时间段内查询:button控件 private void button2_Click(object sender, EventArgs e) { if ((dTP2.Value.Date-dTP1.Value.Date).TotalDays<0)//后面的日期不能比前面的日期小 { MessageBox.Show("后面的日期不能比前面的日期小,请重选"); return; } SqlHelper sqlHelper = new Sql... 阅读全文

摘要：统计:两张表a和ba的字段如下：a_id,a_name,a_addressb的字段如下：b_id,b_phone,a_id我要查询出两条字段的信息 分别是表a中的a_name和表b中的a_id的总数比如a表中如果数据是这样子的：a_id a_name a_address1 me beijing2 wo shanghai3 he guangzhou4 she shenzhen5 our hangzhou表b中的数据如下：b_id ... 阅读全文

摘要：因为是三层架构,所以先在Dal层,将数据放入DataTable中先public DataTable dataGrid(string UserName) { string sql = string.Format("SELECT * FROM demoUsers WHERE UserName=@UserName"); Class1 q = new Class1(cc); ArrayList paramlist = new ArrayList(); paramlist.Add(q.CreatePar... 阅读全文

摘要：在知道有参数化SQL语句后,前去看了自己的毕业设计,测试下有否漏洞string sql = string.Format("SELECT COUNT(*) FROM Users WHERE Id={0} AND LoginPwd = '{1}'", txt... 阅读全文

摘要：在刚弄好登录的时候,姐夫帮忙看了后,提醒我有漏洞,我也想起了以前老师也讲过的SQL注入,例如string sql = string.Format("SELECT COUNT(*) FROM demoUsers WHERE UserName='{0}' AND UserPassword = '{1}'", textBox1.Text.Trim(), textBox2.Text.Trim());那么可以在登录框中输入:XXX' or 1==1--,这边是漏洞,于是就有了接下来参数化sql语言的修改。1 //新建查询语句... 阅读全文