public string FindBook(string field_1,string field_2,string str_where)
{
if (field_2.Length != 0) str_where += " "+field_1+" like "+field_2+" and";
return str_where;
}
protected void btnSearch_Click(object sender, EventArgs e)
{
string sqlStr = "SELECT BookName,Author,Publisher,Type FROM Book JOIN BookType ON Book.TypeID = BookType.ID where";
//把要查询的条件,即框的内容塞进FindBook()函数进行判断,如果第2个变量为空,则不把条件加入where后的语句中
string sql_where,Book_field1, Book_field2;
sql_where = "";
Book_field1 = "BookName";
Book_field2 = "TypeID";
sql_where+=FindBook(Book_field1, this.txBookName.Text, sql_where); //标志111111111111111
sql_where += FindBook(Book_field2, this.ddlType.Text, sql_where); //标志222222222222222
sqlStr += sql_where;
sqlStr += " 1=1";
Response.Write("'" + sqlStr + "'");
}
问题:
当只用标志11111111的代码时,Response.Write("'" + sqlStr + "'");显示正确的SQL 语句
'SELECT BookName,Author,Publisher,Type FROM Book JOIN BookType ON Book.TypeID = BookType.ID where BookName like 11111111111 and 1=1'
当标志1111111和标志222222的代码一起使用时就出现
'SELECT BookName,Author,Publisher,Type FROM Book JOIN BookType ON Book.TypeID = BookType.ID where BookName like 111111111 and BookName like 111111111 and TypeID like 计算机 and 1=1'
我看不出问题来 ,大家帮帮忙。。
{
if (field_2.Length != 0) str_where += " "+field_1+" like "+field_2+" and";
return str_where;
}
protected void btnSearch_Click(object sender, EventArgs e)
{
string sqlStr = "SELECT BookName,Author,Publisher,Type FROM Book JOIN BookType ON Book.TypeID = BookType.ID where";
//把要查询的条件,即框的内容塞进FindBook()函数进行判断,如果第2个变量为空,则不把条件加入where后的语句中
string sql_where,Book_field1, Book_field2;
sql_where = "";
Book_field1 = "BookName";
Book_field2 = "TypeID";
sql_where+=FindBook(Book_field1, this.txBookName.Text, sql_where); //标志111111111111111
sql_where += FindBook(Book_field2, this.ddlType.Text, sql_where); //标志222222222222222
sqlStr += sql_where;
sqlStr += " 1=1";
Response.Write("'" + sqlStr + "'");
}
问题:
当只用标志11111111的代码时,Response.Write("'" + sqlStr + "'");显示正确的SQL 语句
'SELECT BookName,Author,Publisher,Type FROM Book JOIN BookType ON Book.TypeID = BookType.ID where BookName like 11111111111 and 1=1'
当标志1111111和标志222222的代码一起使用时就出现
'SELECT BookName,Author,Publisher,Type FROM Book JOIN BookType ON Book.TypeID = BookType.ID where BookName like 111111111 and BookName like 111111111 and TypeID like 计算机 and 1=1'
我看不出问题来 ,大家帮帮忙。。
解决方案 »
- 界面上的textbox,是用服务端控件好呢,还是input好呢?
- 继续问,数据集插入数据库表问题.
- 大家帮忙看看吧!!!
- gridview中textbox 对齐方式
- 求救,SPS中关于自定义的webpart上载时候的安全性问题
- 如何在里加一个删除确认对话框?<asp:HyperLink id="link2" runat="server" NavigateUrl='<%# "del.aspx?id="+ DataBinder.Eval(Containe
- 100分求助,我应该学ASP.NET呢还是学JSP?
- 有这个数据库吗?Microsoft Office\Office\Samples\Northwind.mdb
- listbox 绑捆两字段数据显示
- 建议CSDN加个即使执行代码的功能!!支持者进来签个名~~~~~!!!
- 关于ListBox与CheckBoxList绑定数据
- 如何使用Request得到LISTBOX里面的值
MessageBox.Show(a);
a = "fdlsa";
a = "jkfdlsajl111111";
结果是abc,, 要怎么赋值才能得到第3次赋值的结果啊???按这个道理
public string FindBook(string field_1,string field_2,string str_where)
{
if (field_2.Length != 0) str_where += " "+field_1+" like "+field_2+" and"; -------------这里的str_where
return str_where;
}
这里的str_where 就好像上面的例子那样 保留的原来的值,然后又继续+=地叠加???
a = "fdlsa";
a = "jkfdlsajl111111";
MessageBox.Show(a); 这样就是第3个
就是public string FindBook(string field_1,string field_2,string str_where)
{ str_where=“”;--------------这里添加就不会出现重复了
if (field_2.Length != 0) str_where += " "+field_1+" like "+field_2+" and"; -------------这里的str_where
return str_where;
}
谢谢大家。。
{
string sqlStr = "SELECT BookName,Author,Publisher,Type FROM Book JOIN BookType ON Book.TypeID = BookType.ID where";
//把要查询的条件,即框的内容塞进FindBook()函数进行判断,如果第2个变量为空,则不把条件加入where后的语句中
string sql_where,sql_wh, Book_field1, Book_field2;
sql_where = "";
sql_wh = "";
Book_field1 = "BookName";
Book_field2 = "TypeID"; sql_where += FindBook(Book_field1, this.txBookName.Text, sql_where); //标志111111111111111
sql_wh += FindBook(Book_field2, this.ddlType.Text, sql_where); //标志222222222222222
sqlStr += sql_wh;
sqlStr += " 1=1";
Response.Write("'" + sqlStr + "'");
}
public string FindBook(string field_1, string field_2, string str_where)
{
if (field_2.Length != 0) str_where += " " + field_1 + " like " + field_2 + " and"; return str_where;
}