string a=Request.QueryString["WRLOC"].ToString().Trim();
string b=Request.QueryString["WRFAC"].ToString().Trim();
string c=Request.QueryString["WRPROD"].ToString().Trim();
string d=Request.QueryString["WRTOOL"].ToString().Trim();
string e=Request.QueryString["WRRDTE"].ToString().Trim();
string sql="select * from I_CustomOrder where WRLOC = '" + a +"' and WRFAC = '" + b +"'and WRPROD = '" + c +"'and WRTOOL = '" + d +"'and WRRDTE = '" + e +"' ";
SqlDataAdapter ada = new SqlDataAdapter(sql,con);
DataSet ds = new DataSet();
ada.Fill(ds,"temp");
ada.Dispose();
con.Close(); 如果WRPROD='K7203+008+9011D'就查不到數據
string b=Request.QueryString["WRFAC"].ToString().Trim();
string c=Request.QueryString["WRPROD"].ToString().Trim();
string d=Request.QueryString["WRTOOL"].ToString().Trim();
string e=Request.QueryString["WRRDTE"].ToString().Trim();
string sql="select * from I_CustomOrder where WRLOC = '" + a +"' and WRFAC = '" + b +"'and WRPROD = '" + c +"'and WRTOOL = '" + d +"'and WRRDTE = '" + e +"' ";
SqlDataAdapter ada = new SqlDataAdapter(sql,con);
DataSet ds = new DataSet();
ada.Fill(ds,"temp");
ada.Dispose();
con.Close(); 如果WRPROD='K7203+008+9011D'就查不到數據
SqlConnection con=new SqlConnection(ConfigurationSettings.AppSettings["cnn"]);
con.Open();
string sql1="select * from I_CustomOrder where (WRLOC =@WRLOC and WRFAC =@WRFAC and WRPROD =@WRPROD and WRTOOL =@WRTOOL and WRRDTE =@WRRDTE ) ";
SqlDataAdapter ada = new SqlDataAdapter(sql1,con);
//string cmdString="select xm,idcode,password from where( WRLOC=@WRLOC and idcode=@idcode and password=@password)
//Command cmdUser=new SqlCommand(cmdString,userConnection);
SqlParameter prm1=new SqlParameter ("@WRFAC",SqlDbType.NChar ,18 );
prm1.Direction=ParameterDirection.Input ;
SqlParameter prm2=new SqlParameter ("@WRFAC",SqlDbType.NChar ,18);
prm2.Direction=ParameterDirection.Input;
SqlParameter prm3=new SqlParameter ("@WRPROD",SqlDbType.NChar ,16);
prm3.Direction=ParameterDirection.Input;
SqlParameter prm4=new SqlParameter ("@WRTOOL",SqlDbType.NChar ,16);
prm4.Direction=ParameterDirection.Input;
SqlParameter prm5=new SqlParameter ("@WRRDTE",SqlDbType.NChar ,16);
prm5.Direction=ParameterDirection.Input;
sql1.Parameters.Add(prm1);
sql1.Parameters.Add(prm2);
sql1.Parameters.Add(prm3);
sql1.Parameters.Add(prm4);
sql1.Parameters.Add(prm5);
prm1.Value =Request.QueryString["WRLOC"].ToString().Trim();
prm2.Value =Request.QueryString["WRFAC"].ToString().Trim();
prm3.Value =Request.QueryString["WRPROD"].ToString().Trim();
prm4.Value =Request.QueryString["WRTOOL"].ToString().Trim();
prm5.Value =Request.QueryString["WRRDTE"].ToString().Trim();
這個參數怎惡魔賦值???