[MSSQL]采用pivot函数实现动态行转列
环境要求:2005+ 在日常需求中经常会有行转列的事情需求处理,如果不是动态的行,那么我们可以采取case when 罗列处理。 在sql 2005以前处理动态行或列的时候,通常采用拼接字符串的方法处理,在2005以后新增了pivot函数之后,我可以利用这样函数来处理。 1.
环境要求:2005+
在日常需求中经常会有行转列的事情需求处理,如果不是动态的行,那么我们可以采取case when 罗列处理。
在sql 2005以前处理动态行或列的时候,通常采用拼接字符串的方法处理,在2005以后新增了pivot函数之后,我可以利用这样函数来处理。
1.动态SQL注入式判断函数
--既然是用到了动态SQL,就有一个老话题:SQL注入。建一个注入性字符的判断函数。
CREATE FUNCTION [dbo].[fn_CheckSQLInjection]
(
@Col nvarchar(4000)
)
RETURNS BIT --如果存在可能的注入字符返回true,反之返回false
AS
BEGIN
DECLARE @result bit;
IF
UPPER(@Col) LIKE UPPER(N'%0x%')
OR UPPER(@Col) LIKE UPPER(N'%;%')
OR UPPER(@Col) LIKE UPPER(N'%''%')
OR UPPER(@Col) LIKE UPPER(N'%--%')
OR UPPER(@Col) LIKE UPPER(N'%/*%*/%')
OR UPPER(@Col) LIKE UPPER(N'%EXEC%')
OR UPPER(@Col) LIKE UPPER(N'%xp_%')
OR UPPER(@Col) LIKE UPPER(N'%sp_%')
OR UPPER(@Col) LIKE UPPER(N'%SELECT%')
OR UPPER(@Col) LIKE UPPER(N'%INSERT%')
OR UPPER(@Col) LIKE UPPER(N'%UPDATE%')
OR UPPER(@Col) LIKE UPPER(N'%DELETE%')
OR UPPER(@Col) LIKE UPPER(N'%TRUNCATE%')
OR UPPER(@Col) LIKE UPPER(N'%CREATE%')
OR UPPER(@Col) LIKE UPPER(N'%ALTER%')
OR UPPER(@Col) LIKE UPPER(N'%DROP%')
SET @result=1
ELSE
SET @result=0
return @result
END
GO2.需求:
--通过日期查询几个表联合,按照检验项目分类,按日期横向展示
select a.检验项目 , CONVERT(char(10),a.日期,120)日期,Convert(decimal(18,2),cast((SUM(a.测试数量)-SUM(a.不良数量)) as decimal(18,2))/sum(测试数量))*100 as 良率
--into #tempcob
from (select 日期,检验项目, 测试数量, 不良数量 from 制程COB成测 union all
select 日期,检验项目, 测试数量, 不良数量 from 制程COB外观 union all
select 日期,检验项目,测试数量, 不良数量 from 制程COB绑测 union all
select 送检日期,'FQC_COB_检验',检验数量,不合格数量 from 制程FQC_COB_检验
) as a
where CONVERT(char(10),日期,120)>='2014-10-01' and CONVERT(char(10),日期,120)<= '2014-10-30'
group by a.检验项目,a.日期3.解决方案:
--抓取数据写入临时表#tempcob
select a.检验项目 , CONVERT(char(10),a.日期,120)日期,Convert(decimal(18,2),cast((SUM(a.测试数量)-SUM(a.不良数量)) as decimal(18,2))/sum(测试数量))*100 as 良率
into #tempcob
from (select 日期,检验项目, 测试数量, 不良数量 from 制程COB成测 union all
select 日期,检验项目, 测试数量, 不良数量 from 制程COB外观 union all
select 日期,检验项目,测试数量, 不良数量 from 制程COB绑测 union all
select 送检日期,'FQC_COB_检验',检验数量,不合格数量 from 制程FQC_COB_检验
) as a
where CONVERT(char(10),日期,120)>='2014-10-01' and CONVERT(char(10),日期,120)<= '2014-10-30'
group by a.检验项目,a.日期
--查看临时表数据,取分布日期(不重复)
--select 日期 from #tempcob
--select distinct 日期 from #tempcob
DECLARE @SQL NVARCHAR(4000)=N'';
--这里使用了xml处理来处理类组字符串
SET @SQL=STUFF((SELECT N','+QUOTENAME(b.日期) FROM (select distinct 日期 from #tempcob) as b
FOR XML PATH('')),1,1,N'');
--加入了xml处理和SQL注入预防判断
IF dbo.fn_CheckSQLInjection(@SQL)=0
SET @SQL='select * from #tempcob pivot (max(良率) for 日期 in ('+@SQL+')) as tt'
EXEC(@SQL);
drop table #tempcob
4.结果:
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1377
52
Tips for dynamically creating new functions in golang functions
Apr 25, 2024 pm 02:39 PM
Go language provides two dynamic function creation technologies: closure and reflection. closures allow access to variables within the closure scope, and reflection can create new functions using the FuncOf function. These technologies are useful in customizing HTTP routers, implementing highly customizable systems, and building pluggable components.
Considerations for parameter order in C++ function naming
Apr 24, 2024 pm 04:21 PM
In C++ function naming, it is crucial to consider parameter order to improve readability, reduce errors, and facilitate refactoring. Common parameter order conventions include: action-object, object-action, semantic meaning, and standard library compliance. The optimal order depends on the purpose of the function, parameter types, potential confusion, and language conventions.
How to write efficient and maintainable functions in Java?
Apr 24, 2024 am 11:33 AM
The key to writing efficient and maintainable Java functions is: keep it simple. Use meaningful naming. Handle special situations. Use appropriate visibility.
Complete collection of excel function formulas
May 07, 2024 pm 12:04 PM
1. The SUM function is used to sum the numbers in a column or a group of cells, for example: =SUM(A1:J10). 2. The AVERAGE function is used to calculate the average of the numbers in a column or a group of cells, for example: =AVERAGE(A1:A10). 3. COUNT function, used to count the number of numbers or text in a column or a group of cells, for example: =COUNT(A1:A10) 4. IF function, used to make logical judgments based on specified conditions and return the corresponding result.
Comparison of the advantages and disadvantages of C++ function default parameters and variable parameters
Apr 21, 2024 am 10:21 AM
The advantages of default parameters in C++ functions include simplifying calls, enhancing readability, and avoiding errors. The disadvantages are limited flexibility and naming restrictions. Advantages of variadic parameters include unlimited flexibility and dynamic binding. Disadvantages include greater complexity, implicit type conversions, and difficulty in debugging.
What are the benefits of C++ functions returning reference types?
Apr 20, 2024 pm 09:12 PM
The benefits of functions returning reference types in C++ include: Performance improvements: Passing by reference avoids object copying, thus saving memory and time. Direct modification: The caller can directly modify the returned reference object without reassigning it. Code simplicity: Passing by reference simplifies the code and requires no additional assignment operations.
What is the difference between custom PHP functions and predefined functions?
Apr 22, 2024 pm 02:21 PM
The difference between custom PHP functions and predefined functions is: Scope: Custom functions are limited to the scope of their definition, while predefined functions are accessible throughout the script. How to define: Custom functions are defined using the function keyword, while predefined functions are defined by the PHP kernel. Parameter passing: Custom functions receive parameters, while predefined functions may not require parameters. Extensibility: Custom functions can be created as needed, while predefined functions are built-in and cannot be modified.
C++ Function Exception Advanced: Customized Error Handling
May 01, 2024 pm 06:39 PM
Exception handling in C++ can be enhanced through custom exception classes that provide specific error messages, contextual information, and perform custom actions based on the error type. Define an exception class inherited from std::exception to provide specific error information. Use the throw keyword to throw a custom exception. Use dynamic_cast in a try-catch block to convert the caught exception to a custom exception type. In the actual case, the open_file function throws a FileNotFoundException exception. Catching and handling the exception can provide a more specific error message.
