string UserName=Common.AllUsers.UserLogined.UserName;//要传的username的值
StringBuilder sa = new StringBuilder();
sa.Append("select username,userpass,userpassagain,name,telephone");
sa.Append("from userinformation");
sa.Append("where username=@UserName");
MySqlParameter[] pmts = new MySqlParameter[1];//另一个类里面有getDataTable_Pmts函数 pmts[0] = new MySqlParameter("@UserName",UserName );
DataTable dt = DB.getDataTable_Pmts(sa.ToString(), pmts);
运行以后总显示check the manual that corresponds to your MySQL server version for the right syntax to use near 'username='test'' at line 1,这是为什么啊(test 就是传上去的用户名)
StringBuilder sa = new StringBuilder();
sa.Append("select username,userpass,userpassagain,name,telephone");
sa.Append("from userinformation");
sa.Append("where username=@UserName");
MySqlParameter[] pmts = new MySqlParameter[1];//另一个类里面有getDataTable_Pmts函数 pmts[0] = new MySqlParameter("@UserName",UserName );
DataTable dt = DB.getDataTable_Pmts(sa.ToString(), pmts);
运行以后总显示check the manual that corresponds to your MySQL server version for the right syntax to use near 'username='test'' at line 1,这是为什么啊(test 就是传上去的用户名)
string UserName=Common.AllUsers.UserLogined.UserName;//要传的username的值
StringBuilder sa = new StringBuilder();
sa.Append("select username,userpass,userpassagain,name,telephone ");
sa.Append(" from userinformation ");
sa.Append(" where username=@UserName");
MySqlParameter[] pmts = new MySqlParameter[1];//另一个类里面有getDataTable_Pmts函数
pmts[0] = new MySqlParameter("@UserName",UserName );
DataTable dt = DB.getDataTable_Pmts(sa.ToString(), pmts);
sa.Append(" from userinformation");
sa.Append(" where username=@UserName");
这样就行了
2. 用下面的代码代替你的最后一格append:
sa.Append("where username='"+@UserName+"'");
sa.Append(@UserName);
sa.Append("'");
请注意,在sql里面,字符串是要加''的,除非是数字才不要加。这种错误在编程的时候容易忽略的
DataTable dt = DB.getDataTable_Pmts(sa.ToString(), pmts);看看运行时sa到底是什么值,把它拷贝到查询分析器里,检查一下,就一目了然了。