Jam*_*mie 14 sql t-sql sql-server exists
我正在尝试在MS SQL 2012 Express上运行以下查询:
Select (
Select Id, Salt, Password, BannedEndDate
from Users
where username = '" + LoginModel.Username + "'
), (
Select Count(*)
From LoginFails
where username = '" + LoginModel.Username + "'
And IP = '" + Request.ServerVariables["REMOTE_ADDR"] + "')"
);
但是我收到以下错误:
在
select未引入子查询时,只能在列表中指定一个表达式EXISTS.
我怎么解决这个问题?
试试这个 -
"SELECT
ID, Salt, password, BannedEndDate
, (
SELECT COUNT(1)
FROM dbo.LoginFails l
WHERE l.UserName = u.UserName
AND IP = '" + Request.ServerVariables["REMOTE_ADDR"] + "'
) AS cnt
FROM dbo.Users u
WHERE u.UserName = '" + LoginModel.Username + "'"
试试这个:
Select
Id,
Salt,
Password,
BannedEndDate,
(Select Count(*)
From LoginFails
Where username = '" + LoginModel.Username + "' And IP = '" + Request.ServerVariables["REMOTE_ADDR"] + "')
From Users
Where username = '" + LoginModel.Username + "'
我强烈建议您在查询中使用参数以避免sql注入攻击带来的安全风险!
希望有所帮助!
| 归档时间: |
|
| 查看次数: |
100573 次 |
| 最近记录: |