// Re-run the lookup with the search value written into the SQL text as a
// string literal. QuotedStr wraps sParam in single quotes and doubles every
// single quote inside it, so the value stays inside one literal on servers
// whose only in-literal escape is quote doubling.
// NOTE(review): this is escaping, not binding. When sParam comes from user
// input, a bound query parameter keeps the value out of the SQL text and does
// not depend on the server's literal-escaping rules.
adoquery.Close;
adoquery.SQL.Clear;
adoquery.SQL.Add('select * from table where field1 = ' + QuotedStr(sParam));
adoquery.Open;
或者用参数把值传进去,这样值不会拼进 SQL 文本,也就不用处理单引号这类在 SQL 里有特殊含义的字符。
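// Prepares user text for use INSIDE a quoted SQL string literal:
//   '_'  -> '[_]'  (bracket form; presumably so '_' matches literally under
//                   LIKE on SQL Server / Access - confirm for the target DB)
//   '"'  -> '""'   (double-quote doubled)
//   '''' -> '''''' (single quote doubled)
//   '*'  -> '%'    (user-facing wildcard translated to the SQL wildcard)
// The result is NOT wrapped in quote delimiters; the caller must add them.
// NOTE(review): '%' and '[' already present in the input pass through
// unchanged, so the input can still introduce wildcards of its own.
function ChangeStarChar(sourStr : string): string;
begin
  Result := StringReplace(sourStr, '_', '[_]', [rfReplaceAll]);
  Result := StringReplace(Result, '"', '""', [rfReplaceAll]);
  // Pascal spells one single quote as '''' and two as ''''''.
  Result := StringReplace(Result, '''', '''''', [rfReplaceAll]);
  Result := StringReplace(Result, '*', '%', [rfReplaceAll]);
end;

with adoquery do
begin
  Close;
  SQL.Clear;
  // ChangeStarChar only escapes the value, so the single-quote delimiters are
  // added here; without them the escaped text would be parsed as SQL.
  // NOTE(review): '%' and '[_]' act as wildcard/escape only under LIKE; with
  // '=' they are compared literally - confirm which operator is intended.
  // NOTE(review): binding edit1.text as a query parameter would remove the
  // need for quote escaping altogether; only the wildcard translation would
  // then remain to be done in code.
  SQL.Add('select * from table where field1 = ''' + ChangeStarChar(edit1.text) + '''');
  Open;
end;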
你可以用参数的方法来查询,这样就可以避免这个问题:值通过参数绑定传入,不会被拼进 SQL 文本。 with query do begin close; sql.clear; sql.add('select * from table where str= :str'); ParamByName('str').asstring :=edit1.text; try open; except showmessage('error'); end; end;
不知道你说的情况具体是怎样的,如果查询语句是 select * from xxx where 字段1='变量' 的话,在程序中可以这样 sqlstr := 'select * from xxx where 字段1 = ' + #39 + '变量' + #39
(select * from table where field1 = "'+sParam+'"')
最好的办法是用 QuotedStr(),如 'select * from table where field1 = '+quotedstr(param);(QuotedStr 只是给值加上首尾单引号并把其中的单引号加倍;如果值来自用户输入,用参数绑定更稳妥。)
不用那么麻烦,声明一个常量 const ph = ''''; 然后当需要用到单引号 ' 的时候用 ph 就可以了。
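// Look up the rows whose field1 equals sParam.
// sParam is bound as a query parameter rather than written into the SQL text.
// Writing QuotedStr(sParam) between the quotes of the Pascal literal would
// send the text "QuotedStr(sParam)" itself as the value instead of the
// variable's content. With a bound parameter, quotes in sParam need no
// escaping at all.
// NOTE(review): assumes adoquery is a TADOQuery (Parameters collection);
// with a TQuery-style dataset use ParamByName('field1').AsString - confirm.
with adoquery do
begin
  Close;
  SQL.Clear;
  SQL.Add('select * from table where field1 = :field1');
  Parameters.ParamByName('field1').Value := sParam;
  Open;
end;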
// Statement body of a dataset query; the `with ... do` line that gives close,
// sql and Open their target is not part of this listing.
begin
// Close the dataset and drop the previous statement before building a new one.
close ;
sql.clear ;
// QuotedStr wraps sParam in single quotes and doubles every single quote
// inside it, so the value is written into the SQL text as one string literal.
// NOTE(review): this is escaping, not binding; where sParam comes from user
// input, a bound query parameter keeps the value out of the SQL text.
sql.add('select * from table where field1 = ' + QuotedStr(sParam));
Open ;
end ;
// Body of a string-escaping helper; its `function` header line is not part of
// this listing (presumably ChangeStarChar, which the query below calls).
var
// NOTE(review): i is declared but never used in the visible body.
i : integer;
begin
// '_' is rewritten to the bracket form '[_]'.
sourStr:=StringReplace(sourStr,'_','[_]',[rfReplaceAll]);
// Each double quote is doubled.
sourStr:=StringReplace(sourStr,'"','""',[rfReplaceAll]);
// NOTE(review): the quote literals on the next line look garbled - as written
// the first literal is not terminated. Presumably the intent is to double
// each single quote (pattern '''' replaced by ''''''); confirm and repair.
sourStr:=StringReplace(sourStr,''','''',[rfReplaceAll]);
// Replace every '*' with '%', one occurrence per iteration.
while pos('*',sourStr)>0 do
sourStr[pos('*',sourStr)]:='%' ;
result:=sourStr;
end;with adoquery do
begin
close ;
sql.clear ;
// NOTE(review): the helper's result is concatenated without quote delimiters,
// so the escaped text is not inside a string literal here; the doubling done
// above only protects a value that sits between quotes. Either add the
// delimiters or bind edit1.text as a query parameter.
// NOTE(review): '%' and '[_]' are wildcard/escape forms for LIKE; with '='
// they are compared literally - confirm the intended operator.
sql.add('select * from table where field1 = ' + ChangeStarChar(edit1.text));
Open ;
end ;
// Parameterised lookup: the SQL text holds only the :str placeholder and the
// edit box content is supplied as the parameter value, so the input is never
// written into the SQL text and needs no quote escaping.
query.Close;
query.SQL.Clear;
query.SQL.Add('select * from table where str= :str');
query.ParamByName('str').AsString := edit1.text;
try
  query.Open;
except
  // Any exception raised while opening is reported with a generic message
  // only; the underlying database error text is not shown to the user.
  showmessage('error');
end;
// #39 is the single-quote character, so this builds the text
//   select * from xxx where 字段1 = '变量'
// NOTE(review): this only adds the delimiters. If '变量' stands for a
// variable, a single quote inside its value is not doubled here and would end
// the literal early; QuotedStr or a bound query parameter covers that case.
sqlstr := 'select * from xxx where 字段1 = ' + #39 + '变量' + #39
如'select * from table where field1 = '+quotedstr(param);
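// Statement body of a dataset query; the `with ... do` line that gives Close,
// SQL and Open their target is not part of this listing.
begin
  Close;
  SQL.Clear;
  // sParam is bound as a parameter. Placing QuotedStr(sParam) between the
  // quotes of the Pascal literal would send the text "QuotedStr(sParam)"
  // itself as the value instead of the variable's content.
  // NOTE(review): Parameters is the TADOQuery collection; with a TQuery-style
  // dataset use ParamByName('field1').AsString instead - confirm against the
  // enclosing `with`.
  SQL.Add('select * from table where field1 = :field1');
  Parameters.ParamByName('field1').Value := sParam;
  Open;
end;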