web form与win form中,请问在insert插入字符串sql语句中,怎么插入 '单引号,不出错?有什么简便的方法吗? 难道要replase("\'","")吗?如题,谢谢! 解决方案 » 免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货 String testValue = "a'";String strSql = "insert into 表(test) values('" + testValue.Replace("'","''") + "')"; 也可以使用 存储过程,但不要是以 exec @sql 的方式执行,hehe. 直接用char(39)函数转换单引号 为什么不用参数呢,用参数可以避免很多问题。参看http://blog.csdn.net/Knight94/archive/2006/04/15/664530.aspx 单引号替换成两个SQL语句中,两个单引号表示一个,以与字符界定符区别 我把完整代码发上来吧:提交页:private void btnSumbit_Click(object sender, System.EventArgs e){if(lbDircetList.Items.Count == 0){lblMessage.Text = "請輸入部門!";}else{string str="";for (int i=0;i<this.lbDircetList.Items.Count;i++){str = str+"'"+this.lbDircetList.Items[i].Value+"'"+",";}str = str.Remove(str.Length - 1,1);Page.RegisterStartupScript("","<script>window.open(rp_Total.aspx?departmentcode="+str+");</script>");}}-------------------------------------------------------------------接收页:private void ConfigurCrystalReports(){string departmentcode = Request.QueryString["departmentcode"];ReportDocument myReportDoc = new ReportDocument();string reportPath = Server.MapPath("../Reports/rp_Total.rpt");myReportDoc.Load(reportPath);TableLogOnInfo logonInfo = new TableLogOnInfo();foreach(CrystalDecisions.CrystalReports.Engine.Table tb in myReportDoc.Database.Tables){ logonInfo = tb.LogOnInfo;logonInfo.ConnectionInfo.ServerName = "test";=logonInfo.ConnectionInfo.DatabaseName = "testdb";logonInfo.ConnectionInfo.UserID = "sa";logonInfo.ConnectionInfo.Password = ""; tb.ApplyLogOnInfo(logonInfo);} ParameterValues pvDepartmentCode = new ParameterValues();ParameterDiscreteValue pdDepartmentCode = new ParameterDiscreteValue();pdDepartmentCode.Value = departmentcode;pvDepartmentCode.Add(pdDepartmentCode);myReportDoc.DataDefinition.ParameterFields["DepartmentCode"].ApplyCurrentValues(pvDepartmentCode);myCrystalReportViewer.ReportSource = myReportDoc;}--------------------------------------------------------------问题:我在提交页里面按提交按钮后出错.我想是因为以下这个语句加了"'"单引号的问题.str = str+"'"+this.lbDircetList.Items[i].Value+"'"+",";-----------------------------------------------------------------为什么我要加单引号呢,我是用来提交到水晶报表的参数里面执行SQL语句的.水昌报表里面的SQL语句是这样的:Select * from test where no in({?departmentcode})------------------------------------------------------------------问题是我加了单引号就不行了.能帮我改改我的代码吗?不胜感谢! Invoke与委托 ‘未做’附近有语法错误 checkbox 怎么处理 各位大侠,这个软件是杂个实现的呢? [EveryOne][100分!~] 急求反射调用方法问题 关于C#函数调用效率问题 能不能把两张图片生成的流,全并成一张图片呢? XP风格菜单的实现??? 高手帮忙 怎樣用非管理員帳號讀取注冊表信息 在vs 2005中怎么取得app.config中connectionStrings的值?? VB区没人气,net里多数人都出身VB吧,就问个vb通过soap调用webservice怎么能得到记录集
String strSql = "insert into 表(test) values('" + testValue.Replace("'","''") + "')";
http://blog.csdn.net/Knight94/archive/2006/04/15/664530.aspx
SQL语句中,两个单引号表示一个,以与字符界定符区别
提交页:
private void btnSumbit_Click(object sender, System.EventArgs e)
{
if(lbDircetList.Items.Count == 0)
{
lblMessage.Text = "請輸入部門!";
}
else
{
string str="";for (int i=0;i<this.lbDircetList.Items.Count;i++)
{
str = str+"'"+this.lbDircetList.Items[i].Value+"'"+",";
}
str = str.Remove(str.Length - 1,1);
Page.RegisterStartupScript("","<script>window.open(rp_Total.aspx?departmentcode="+str+");</script>");
}
}
-------------------------------------------------------------------
接收页:
private void ConfigurCrystalReports()
{
string departmentcode = Request.QueryString["departmentcode"];ReportDocument myReportDoc = new ReportDocument();
string reportPath = Server.MapPath("../Reports/rp_Total.rpt");
myReportDoc.Load(reportPath);
TableLogOnInfo logonInfo = new TableLogOnInfo();foreach(CrystalDecisions.CrystalReports.Engine.Table tb in myReportDoc.Database.Tables)
{
logonInfo = tb.LogOnInfo;
logonInfo.ConnectionInfo.ServerName = "test";
=logonInfo.ConnectionInfo.DatabaseName = "testdb";
logonInfo.ConnectionInfo.UserID = "sa";
logonInfo.ConnectionInfo.Password = "";
tb.ApplyLogOnInfo(logonInfo);
}
ParameterValues pvDepartmentCode = new ParameterValues();
ParameterDiscreteValue pdDepartmentCode = new ParameterDiscreteValue();
pdDepartmentCode.Value = departmentcode;
pvDepartmentCode.Add(pdDepartmentCode);
myReportDoc.DataDefinition.ParameterFields["DepartmentCode"].ApplyCurrentValues(pvDepartmentCode);myCrystalReportViewer.ReportSource = myReportDoc;}
--------------------------------------------------------------
问题:我在提交页里面按提交按钮后出错.我想是因为以下这个语句加了"'"单引号的问题.
str = str+"'"+this.lbDircetList.Items[i].Value+"'"+",";
-----------------------------------------------------------------
为什么我要加单引号呢,我是用来提交到水晶报表的参数里面执行SQL语句的.
水昌报表里面的SQL语句是这样的:
Select * from test where no in({?departmentcode})
------------------------------------------------------------------
问题是我加了单引号就不行了.能帮我改改我的代码吗?不胜感谢!