C# 带c和where子句的Sqlite
我有以下代码可以正常工作,但是如何在中添加where子句 正在尝试以下字符串: sql=从[devices]中选择[ip\U address]、[name]、[model]、[mac\U address]、[operating\U system]、[current\U user],其中[ip\U address]=@192.168.0.56C# 带c和where子句的Sqlite,c#,sql,sqlite,select,where-clause,C#,Sql,Sqlite,Select,Where Clause,我有以下代码可以正常工作,但是如何在中添加where子句 正在尝试以下字符串: sql=从[devices]中选择[ip\U address]、[name]、[model]、[mac\U address]、[operating\U system]、[current\U user],其中[ip\U address]=@192.168.0.56 using System; using System.Data.SQLite; using System.IO; namespace SQLiteSam
using System;
using System.Data.SQLite;
using System.IO;
namespace SQLiteSamples
{
class Program
{
// Holds our connection with the database
SQLiteConnection m_dbConnection;
public string Info { get; private set; }
static void Main(string[] args)
{
Program p = new Program();
}
public Program()
{
connectToDatabase();
printResult();
}
// Creates a read only connection to spiceworks database file.
void connectToDatabase()
{
//m_dbConnection = new SQLiteConnection(@"Data Source=\\spiceworks\db\spiceworks_prod.db;Version=3;Read Only=True");
m_dbConnection = new SQLiteConnection(@"Data Source=C:\Temp\ZipSampleExtract\db\spiceworks_prod.db;Version=3;Read Only=True");
m_dbConnection.Open();
}
// Writes the output from spiceworks table devices.
void printResult()
{
string sql = "select [ip_address], [name], [model], [mac_address], [operating_system], [current_user]from [devices]";
SQLiteCommand command = new SQLiteCommand(sql, m_dbConnection);
SQLiteDataReader reader = command.ExecuteReader();
while (reader.Read())
Console.WriteLine("ip_address: " + reader["ip_address"] + " " + reader["name"] + " " + reader["model"] + " " + reader["mac_address"]+" " + reader["operating_system"] + " " + reader["current_user"]);
Info = Convert.ToString(Console.ReadLine());
File.WriteAllText("E:\\johnb.txt", Info);
}
}
}
SQL中的字符串文字用单引号表示:
string sql = "select [ip_address], [name], [model], [mac_address], [operating_system], [current_user] from [devices] where [ip_address] = '192.168.0.56'";
您将希望在最终项目中使用参数来防止SQL注入
string sql = "select [ip_address], [name], [model], [mac_address], [operating_system], [current_user]from [devices] where [ip_address] = @ip_address";
SQLiteCommand command = new SQLiteCommand(sql, m_dbConnection);
command.Parameters.Add(new SqlParameter("@ip_address", ipAddressValue));
SQLiteDataReader reader = command.ExecuteReader();