-1
내 코드에서 내 데이터 테이블에있는 모든 기사의 합계 요청을해야합니다. 모든 기사 ID를 연결합니다. 'a1, a2, a3'과 같은 하나의 문자열을 입력하면됩니다.200 문자보다 큰 문자열을 param을 통해 저장 프로 시저에 전달하는 방법
그러나 큰 ID 및 약 150 문서, 저장 프로 시저로 전달하려고 문자열을 약 1300 문자 및 저장 프로 시저로 이동할 때 200자를 자릅니다.
이 문자열을 자르려면 SQL Server가없는 저장 프로 시저에 큰 문자열을 전달하는 방법을 알고 있습니까?
나를 도와 줄 수 있다면 여기에 C# 코드 또는 SQL 저장 프로 시저를 쓸 수 있습니다. 여기
는 저장 프로 시저입니다 : 내가는 SQL 매개 변수를 추가하고 내 방법 내p.Size = 200;했다
ALTER PROCEDURE [dbo].[GetChargePetrin]
-- Add the parameters for the stored procedure here
@articlesList varchar(MAX)
AS
BEGIN
-- SET NOCOUNT ON added to prevent extra result sets from
-- interfering with SELECT statements.
SET NOCOUNT ON;
SELECT
CAST(SUM(CAST(Qa01 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa1',
CAST(SUM(CAST(Qa02 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa2',
CAST(SUM(CAST(Qa03 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa3',
CAST(SUM(CAST(Qa04 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa4',
CAST(SUM(CAST(Qa05 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa5',
CAST(SUM(CAST(Qa06 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa6',
CAST(SUM(CAST(Qa07 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa7',
CAST(SUM(CAST(Qa08 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa8',
CAST(SUM(CAST(Qa09 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa9',
CAST(SUM(CAST(Qa10 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa10',
CAST(SUM(CAST(Qa11 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa11',
CAST(SUM(CAST(Qa12 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa12',
CAST(SUM(CAST(Qa13 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa13',
CAST(SUM(CAST(Qa14 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa14',
CAST(SUM(CAST(Qa15 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa15',
CAST(SUM(CAST(Qa16 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa16',
CAST(SUM(CAST(Qa17 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa17',
CAST(SUM(CAST(Qa18 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa18',
CAST(SUM(CAST(Qa19 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa19',
CAST(SUM(CAST(Qa20 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa20',
CAST(SUM(CAST(Qa21 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa21',
CAST(SUM(CAST(Qa22 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa22',
CAST(SUM(CAST(Qa23 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa23',
CAST(SUM(CAST(Qa24 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa24',
CAST(SUM(CAST(Qa25 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa25',
CAST(SUM(CAST(Qa26 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa26',
CAST(SUM(CAST(Qa27 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa27',
CAST(SUM(CAST(Qa28 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa28',
CAST(SUM(CAST(Qa29 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa29',
CAST(SUM(CAST(Qa30 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa30',
CAST(SUM(CAST(Qa31 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa31',
CAST(SUM(CAST(Qa32 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa32',
CAST(SUM(CAST(Qa33 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa33',
CAST(SUM(CAST(Qa34 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa34',
CAST(SUM(CAST(Qa35 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa35',
CAST(SUM(CAST(Qa36 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa36',
CAST(SUM(CAST(Qa37 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa37',
CAST(SUM(CAST(Qa38 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa38',
CAST(SUM(CAST(Qa39 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa39',
CAST(SUM(CAST(Qa40 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa40',
CAST(SUM(CAST(Qa41 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa41',
CAST(SUM(CAST(Qa42 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa42',
CAST(SUM(CAST(Qa43 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa43',
CAST(SUM(CAST(Qa44 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa44',
CAST(SUM(CAST(Qa45 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa45',
CAST(SUM(CAST(Qa46 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa46',
CAST(SUM(CAST(Qa47 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa47',
CAST(SUM(CAST(Qa48 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa48',
CAST(SUM(CAST(Qa49 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa49',
CAST(SUM(CAST(Qa50 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa50',
CAST(SUM(CAST(Qa51 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa51',
CAST(SUM(CAST(Qa52 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa52',
CAST(SUM(CAST(Qa53 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa53',
CAST(SUM(CAST(Qa54 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa54',
CAST(SUM(CAST(Qa55 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa55',
CAST(SUM(CAST(Qa56 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa56',
CAST(SUM(CAST(Qa57 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa57',
CAST(SUM(CAST(Qa58 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa58',
CAST(SUM(CAST(Qa59 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa59',
CAST(SUM(CAST(Qa60 AS INT) /CAST(a.CO_UQB_PET AS INT)) AS varchar) as 'qa60'
FROM [PDP_TTP].[dbo].[PDP] p
inner join [PDP_TTP].[dbo].[Articles] a ON a.Division=p.Division and a.Code_article=p.Code_article
WHERE CAST(a.CO_UQB_PET AS INT) >0 and a.Code_article IN(SELECT Id = Item FROM dbo.SplitInts(@articlesList, ','));
END
저장된 프로 시저를 확인해야합니다. 예를 들어 param이'varchar (200)'일 가능성이 높습니다. – Jamiec
구분 된 문자열을 전달하는 대신 테이블 값 매개 변수를 조사해야합니다. 구분 된 문자열을 전달할 때 동적 SQL을 통해 SQL 인젝션 취약점을 노출 시키거나 노출을 분산시켜야합니다. –
저장된 proc이 varchar (200) 유형의 매개 변수를 수락하면 입력 값을 제한값으로 자릅니다. 그렇다면 매개 변수의 용량을 요구 사항에 적합한 더 큰 것으로 변경해야합니다. 또한 적절한 용량의 열이있는 데이터를 삽입하려는 테이블을 확인하십시오. –