if (Request.QueryString["t"].ToString() == "ww")
{
StringBuilder picInfo = new StringBuilder("<?xml version='" + "1.0" + "' encoding='" + "utf-8" + "'?>");
int count = 0;
SqlConnection con = new SqlConnection(ConfigurationManager.AppSettings["constr"]);
con.Open();
SqlCommand cmd = new SqlCommand("select * from table1 where a = '" + Request.QueryString["selectdata"].ToString().Trim() + "'", con);
SqlDataReader rs = cmd.ExecuteReader();
picInfo.Append(" <selectChoice>");
while (rs.Read())
{为什么这样写没有查询到结果,我测试了selectdata已经传过去了,但是我把Request.QueryString["selectdata"].ToString().Trim() 改成像"aaa"这样的就可以查到数据,这是为什么呢?
这样select * from table1 where a = '" + Request.QueryString["selectdata"].ToString().Trim() + "'查不到结果
这样select * from table1 where a = '" + "aa" + "' 能查到结果的意思
参数没有写错的,我有两个参数的