我用dropwdonlist和文本框选择从sqlserver到aspvb.net中的另一种形式但是给我一个错误不正确的语法接近脚本是
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
If Len(Session("LibuserID")) = 0 Then
Response.Redirect("./index.aspx")
End If
Dim DBConn As SqlConnection
Dim DBCommand As SqlDataAdapter
Dim DSPageData As New DataSet
DBConn = New SqlConnection("Data Source=localhost;" & _
"initial catalog=test;Integrated Security=True;")
If Request.QueryString("Type") = "Search" Then
lblMessage.Text = "Resultati Poiska:"
DBCommand = New SqlDataAdapter _
("Select LibBookID,BookTitle,Author,Status " _
& "from LibBooks where " _
& Request.QueryString("ddlSearchField") & "Like '%" _
& Replace(Request.QueryString("txtSearchText"), "'", "''") _
& "&' order by BookTitle", DBConn)
ElseIf Request.QueryString("Type") = "Browse" Then
lblMessage.Text = "kniqi otnosyasiesya k etoy kategorii:"
DBCommand = New SqlDataAdapter _
("select LibBookID,BookTitle,Author,Status " _
& "from LibBooks where " _
& "LibBookCategoryID = " _
& Request.QueryString("LibBookCategoryID") _
& "Order By BookTitle", DBConn)
Else
Response.Redirect("./menu.aspx")
End If
DBCommand.Fill(DSPageData, _
"Books")
dbBooks.DataSource = _
DSPageData.Tables("Books").DefaultView
dbBooks.DataBind()
End Sub
错误是
关键字"Like"附近的语法不正确。
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Data.SqlClient.SqlException: Incorrect syntax near the keyword 'Like'.
Source Error:
Line 33: Response.Redirect("./menu.aspx")
Line 34: End If
Line 35: DBCommand.Fill(DSPageData, _
Line 36: "Books")
Line 37: dbBooks.DataSource = _
在LIKE子句之前放一个空格。
&Request.QueryString("ddlSearchField")&"像"%"_
正如有人所说,您应该使用参数化查询,而不是这样。可能您的问题是Request.QueryString("ddlSearchField")为null或为空,所以如果您想将查询更改为参数化查询,则必须重写所有查询,如果您只想让它工作,则必须检查值是null还是为空。