where UserId=" + UserId.ToString() and comId=1 就是这样,其中有or 之类的,可以查找一下其他相关的资料
strsql = "select Desribe,OtherRequest from tbl_givejobinfo where UserId='" + UserId.ToString() + "' and name='" + userName + "'"; //这里userName是string型变量
strsql =string.Format("select Desribe,OtherRequest from tbl_givejobinfo where UserId='{0}' and comId='{1}', UserId.ToString(), comId.ToString())
LS都说了 SQL语句其实就是英语拉where 语句 and 语句 and 语句 and 语句用and连接
strsql = "select Desribe,OtherRequest from tbl_givejobinfo where UserId=" + UserId.ToString() +" and comId="+comId.ToString();//如果comId在数据库里为字符串型的就要" and comId='"+comId.ToString()+"'";
用and连接 and comId='"+comId.ToString()+"'";
顶,这样更好 然后在拼字符串前面加上条件的过滤 str=str.replace("'","");
strsql = "select Desribe,OtherRequest from tbl_givejobinfo"+ " where UserId=" + UserId.ToString()+" and ComId="+ComId.ToString();
就是这样,其中有or 之类的,可以查找一下其他相关的资料
SQL语句其实就是英语拉where 语句 and 语句 and 语句 and 语句用and连接
and comId='"+comId.ToString()+"'";
然后在拼字符串前面加上条件的过滤
str=str.replace("'","");
" where UserId=" + UserId.ToString()+" and ComId="+ComId.ToString();