using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using WangWei.DBUtility;
using WangWei.DAL;
using System.Data.SqlClient;
public partial class Queryph : WangWei.Common.BasePage
{
string strWhere = ""; protected void Page_Load(object sender, EventArgs e)
{
if (!this.IsPostBack)
{
try
{
this.DocDate.Text = DateTime.Now.ToShortDateString();
this.EDate.Text = DateTime.Now.ToShortDateString();
strWhere = GetstrWhere();
this.BindData(strWhere);
}
catch (Exception ex)
{
throw ex;
}
}
} protected void BindData(string where)
{
int count = 0;
string strSql = " select count(1) from ibt1 T0 " + where;
DataSet ds = new DataSet();
ds = WangWei.DBUtility.DbHelperSQLSAP.Query(strSql); count = Convert.ToInt32(ds.Tables[0].Rows[0][0].ToString());
ds = WangWei.DBUtility.DbHelperSQLSAP.GetListPage(" select T0.itemcode ,T0.itemName ,T2.FrgnName ,T2.SuppcatNum ,T0.Quantity,T0.BatchNum , T4.PrdDate ,T4.ExpDate ,T0.Whscode,T0.BaseEntry,T0.Direction,T0.DocDate from ibt1 T0 left join oitm T2 ON T2.itemcode=T0.itemcode left join owtr T3 ON T3.DocNum=T0.BaseEntry left join oibt T4 ON T4.ItemCode=T0.ItemCode and T4.Whscode=T0.Whscode and T4.BatchNum=T0.BatchNum and T0.Direction='0' and T0.whscode<>'01' and T3.Filler='01' order by T0.BaseEntry ,T0.itemcode asc "
+ where, pager.CurrentPageIndex,pager.PageSize, "itemcode", "itemcode" ); Repeater.DataSource = ds;
Repeater.DataBind(); pager.RecordCount = count; pager.CustomInfoText = "记录总数:<font color=\"blue\"><b>" + count.ToString() + "</b></font>";
pager.CustomInfoText += " 总页数:<font color=\"blue\"><b>" + pager.PageCount.ToString() + "</b></font>";
pager.CustomInfoText += " 当前页:<font color=\"red\"><b>" + pager.CurrentPageIndex.ToString() + "</b></font>"; } protected string GetLineID()
{
return this.txtLineID.Text.ToString();
} protected string GetWhsCode(string strCode)
{
WangWei.Model.Depart m_Depart = new WangWei.Model.Depart();
WangWei.DAL.Depart o_Depart = new WangWei.DAL.Depart();
m_Depart = o_Depart.GetModel(Convert.ToInt32(strCode));
return m_Depart.Store;
} protected void ChangePage(object src, Wuqi.Webdiyer.PageChangedEventArgs e)
{
pager.CurrentPageIndex = e.NewPageIndex;
strWhere = GetstrWhere();
BindData(strWhere);
} protected string GetstrWhere()
{
string sql = "";
string str1 = "";
string strBeginDate = "2008-01-01";
string strEndDate = "2100-01-01"; if (this.DocDate.Text != "")
strBeginDate = this.DocDate.Text;
if (this.EDate.Text != "")
strEndDate = this.EDate.Text; sql = " where T0.Docdate>='" + strBeginDate + "' and T0.docdate<='" + strEndDate + "' "; if (this.user.Position != "1")
{
sql = sql + " and T0.whscode='" + GetWhsCode(this.user.Depart) + "' ";
} if (this.DropDownList1.SelectedValue == "All")
{
return sql;
}
if (this.DropDownList2.SelectedValue == "=")
str1 = "=";
if (this.DropDownList2.SelectedValue == ">")
str1 = ">";
if (this.DropDownList2.SelectedValue == "<")
str1 = "<";
if (this.DropDownList2.SelectedValue == "")
str1 = "like ";
if (this.TextBox1.Text == "")
{
AddLoadMessage("请填写参数");
return sql;
}
str1 = this.DropDownList2.SelectedValue;
if (str1.ToLower() == "like")
{
sql = sql + " and " + this.DropDownList1.SelectedValue + " " + this.DropDownList2.SelectedValue + " '%" + this.TextBox1.Text + "%' ";
}
else
{
sql = sql + " and " + this.DropDownList1.SelectedValue + " " + this.DropDownList2.SelectedValue + " '" + this.TextBox1.Text + "' ";
}
return sql;
} protected void Button1_Click(object sender, EventArgs e)
{
strWhere = GetstrWhere(); BindData(strWhere);
}
}
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using WangWei.DBUtility;
using WangWei.DAL;
using System.Data.SqlClient;
public partial class Queryph : WangWei.Common.BasePage
{
string strWhere = ""; protected void Page_Load(object sender, EventArgs e)
{
if (!this.IsPostBack)
{
try
{
this.DocDate.Text = DateTime.Now.ToShortDateString();
this.EDate.Text = DateTime.Now.ToShortDateString();
strWhere = GetstrWhere();
this.BindData(strWhere);
}
catch (Exception ex)
{
throw ex;
}
}
} protected void BindData(string where)
{
int count = 0;
string strSql = " select count(1) from ibt1 T0 " + where;
DataSet ds = new DataSet();
ds = WangWei.DBUtility.DbHelperSQLSAP.Query(strSql); count = Convert.ToInt32(ds.Tables[0].Rows[0][0].ToString());
ds = WangWei.DBUtility.DbHelperSQLSAP.GetListPage(" select T0.itemcode ,T0.itemName ,T2.FrgnName ,T2.SuppcatNum ,T0.Quantity,T0.BatchNum , T4.PrdDate ,T4.ExpDate ,T0.Whscode,T0.BaseEntry,T0.Direction,T0.DocDate from ibt1 T0 left join oitm T2 ON T2.itemcode=T0.itemcode left join owtr T3 ON T3.DocNum=T0.BaseEntry left join oibt T4 ON T4.ItemCode=T0.ItemCode and T4.Whscode=T0.Whscode and T4.BatchNum=T0.BatchNum and T0.Direction='0' and T0.whscode<>'01' and T3.Filler='01' order by T0.BaseEntry ,T0.itemcode asc "
+ where, pager.CurrentPageIndex,pager.PageSize, "itemcode", "itemcode" ); Repeater.DataSource = ds;
Repeater.DataBind(); pager.RecordCount = count; pager.CustomInfoText = "记录总数:<font color=\"blue\"><b>" + count.ToString() + "</b></font>";
pager.CustomInfoText += " 总页数:<font color=\"blue\"><b>" + pager.PageCount.ToString() + "</b></font>";
pager.CustomInfoText += " 当前页:<font color=\"red\"><b>" + pager.CurrentPageIndex.ToString() + "</b></font>"; } protected string GetLineID()
{
return this.txtLineID.Text.ToString();
} protected string GetWhsCode(string strCode)
{
WangWei.Model.Depart m_Depart = new WangWei.Model.Depart();
WangWei.DAL.Depart o_Depart = new WangWei.DAL.Depart();
m_Depart = o_Depart.GetModel(Convert.ToInt32(strCode));
return m_Depart.Store;
} protected void ChangePage(object src, Wuqi.Webdiyer.PageChangedEventArgs e)
{
pager.CurrentPageIndex = e.NewPageIndex;
strWhere = GetstrWhere();
BindData(strWhere);
} protected string GetstrWhere()
{
string sql = "";
string str1 = "";
string strBeginDate = "2008-01-01";
string strEndDate = "2100-01-01"; if (this.DocDate.Text != "")
strBeginDate = this.DocDate.Text;
if (this.EDate.Text != "")
strEndDate = this.EDate.Text; sql = " where T0.Docdate>='" + strBeginDate + "' and T0.docdate<='" + strEndDate + "' "; if (this.user.Position != "1")
{
sql = sql + " and T0.whscode='" + GetWhsCode(this.user.Depart) + "' ";
} if (this.DropDownList1.SelectedValue == "All")
{
return sql;
}
if (this.DropDownList2.SelectedValue == "=")
str1 = "=";
if (this.DropDownList2.SelectedValue == ">")
str1 = ">";
if (this.DropDownList2.SelectedValue == "<")
str1 = "<";
if (this.DropDownList2.SelectedValue == "")
str1 = "like ";
if (this.TextBox1.Text == "")
{
AddLoadMessage("请填写参数");
return sql;
}
str1 = this.DropDownList2.SelectedValue;
if (str1.ToLower() == "like")
{
sql = sql + " and " + this.DropDownList1.SelectedValue + " " + this.DropDownList2.SelectedValue + " '%" + this.TextBox1.Text + "%' ";
}
else
{
sql = sql + " and " + this.DropDownList1.SelectedValue + " " + this.DropDownList2.SelectedValue + " '" + this.TextBox1.Text + "' ";
}
return sql;
} protected void Button1_Click(object sender, EventArgs e)
{
strWhere = GetstrWhere(); BindData(strWhere);
}
}
解决方案 »
- 求一段代码,前台混编代码,如何获得数据库的数据
- passwordRecovery控件问题
- SOS~~~关于条件的问题
- 请问导出excel时,为什么在“文件下载”对话框上点“打开”时,又出现了“文件下载”对话框?
- 谁可以给一个身份凭证的例子,在webconfig、globla里面的验证,谢谢,急,在线等
- 我的WEB项目不能调试了,这是怎么回事???
- 如何根据一个网页对话框的返回值,改变WebForm上某一控件的值或属性
- 谁能提供AspNetForum的中文版程序(或指导汉化方法)?---加分,加分,再加分。
- 匹配任何一个字符的正则表达式要怎么写
- 如何用代码生成数据库?
- .NET两个安装包
- 网站建设的若干问题~散分~~~
left join oitm T2 ON T2.itemcode=T0.itemcode
left join owtr T3 ON T3.DocNum=T0.BaseEntry
left join oibt T4 ON T4.ItemCode=T0.ItemCode
and T4.Whscode=T0.Whscode and T4.BatchNum=T0.BatchNum and
T0.Direction='0' and T0.whscode<>'01' and T3.Filler='01'
order by T0.BaseEntry ,T0.itemcode asc
ds = WangWei.DBUtility.DbHelperSQLSAP.GetListPage(" select T0.itemcode ,T0.itemName ,T2.FrgnName ,T2.SuppcatNum ,T0.Quantity,T0.BatchNum , T4.PrdDate ,T4.ExpDate ,T0.Whscode,T0.BaseEntry,T0.Direction,T0.DocDate from ibt1 T0 left join oitm T2 ON T2.itemcode=T0.itemcode left join owtr T3 ON T3.DocNum=T0.BaseEntry left join oibt T4 ON T4.ItemCode=T0.ItemCode and T4.Whscode=T0.Whscode and T4.BatchNum=T0.BatchNum and T0.Direction='0' and T0.whscode<>'01' and T3.Filler='01' order by T0.BaseEntry ,T0.itemcode asc " + where, pager.CurrentPageIndex,pager.PageSize, "itemcode", "itemcode" );
改为
ds = WangWei.DBUtility.DbHelperSQLSAP.GetListPage(" select T0.itemcode ,T0.itemName ,T2.FrgnName ,T2.SuppcatNum ,T0.Quantity,T0.BatchNum , T4.PrdDate ,T4.ExpDate ,T0.Whscode,T0.BaseEntry,T0.Direction,T0.DocDate from ibt1 T0 left join oitm T2 ON T2.itemcode=T0.itemcode left join owtr T3 ON T3.DocNum=T0.BaseEntry left join oibt T4 ON T4.ItemCode=T0.ItemCode and T4.Whscode=T0.Whscode and T4.BatchNum=T0.BatchNum and T0.Direction='0' and T0.whscode<>'01' and T3.Filler='01' " + where+" order by T0.BaseEntry ,T0.itemcode asc " , pager.CurrentPageIndex,pager.PageSize, "itemcode", "itemcode" );应该先+ where 然后再 order by T0.BaseEntry ,T0.itemcode asc
难道我年纪大了,眼花
------------------
string strSql = " select count(1) from ibt1 T0 where" +;//把where放到字符串里面去...ps:不要拼SQL,用Parameter传递参数...
str1 = "=";
if (this.DropDownList2.SelectedValue == ">")
str1 = ">";
if (this.DropDownList2.SelectedValue == "<")
str1 = "<";
if (this.DropDownList2.SelectedValue == "")
str1 = "like ";
if (this.TextBox1.Text == "")
{
AddLoadMessage("请填写参数");
return sql;
}
str1 = this.DropDownList2.SelectedValue;
if (str1.ToLower() == "like")
{
sql = sql + " and " + this.DropDownList1.SelectedValue + " " + this.DropDownList2.SelectedValue + " '%" + this.TextBox1.Text + "%' ";
}
else
{
sql = sql + " and " + this.DropDownList1.SelectedValue + " " + this.DropDownList2.SelectedValue + " '" + this.TextBox1.Text + "' ";--------看看你认为>,< 是比较字符串的嘛?如果不是请去掉单引号或者更改代码
}
return sql;
--------------------
姑且不说拼接容易导致异常得不到处理容易被sql注入攻击,来说说你的代码的一些问题前面你的strl就已经取得dropdownlist2的选择值了,结果拼接的时候还用去取一次,唉