读书人

A question about the returned SQL statement

Published: 2012-03-31 13:13:26 Author: rapoo

Problem with the returned SQL statement

C# code
try
{
    try
    {
        brand = Request.QueryString["brand"].Trim();
        price = Request.QueryString["price"].Trim();
        graphics = Request.QueryString["graphics"].Trim();
        size = Request.QueryString["size"].Trim();
    }
    catch (Exception exone)
    {
    }
    DataConn Conn = new DataConn();
    if (brand == "" && price == "" && size == "" && graphics == "")
    {
        sql = "select * from TB_Laptop";
        Response.Write("<script>alert('!!!')</script>");
    }
    else
    {
        Response.Write("<script>alert('!!!')</script>");
        try
        {
            sql = "select * from TB_Laptop where Type='laptop'";
            if (brand != "")
                sql += " and SearchBrand='" + brand + "'"; // from here on, nothing after this gets executed..
            Response.Write("<script>alert('1" + sql + "')</script>");
            if (price != "")
                sql += " and SearchPrice='" + price + "'";
            Response.Write("<script>alert('2" + sql + "')</script>");
            if (size != "")
                sql += " and SearchSize='" + size + "'";
            Response.Write("<script>alert('3" + sql + "')</script>");
            if (graphics != "")
                sql += " and SearchGraphics='" + graphics + "'";
            Response.Write("<script>alert('4" + sql + "')</script>");
        }
        catch (Exception extwo)
        {
            Response.Write("<script>alert('" + extwo.Message + "')</script>");
        }
    }
    Response.Write("<script>alert('!!!')</script>");
    Conn.ExcuteSearch(sql);
    DT = new DataTable();
    DT = Conn.MyDT;
    if (DT.Rows.Count < 1)
    {
        // Message: "Sorry, we have not yet listed the products you filtered for. Thank you for your support!"
        Response.Write("<script>alert('抱歉,我们暂时还未收录您所筛选的商品!感谢您对我们的支持!')</script>");
    }
    else
    {
        DataList1.DataSource = DT;
        DataList1.DataBind();
    }
}
catch (Exception ex)
{
    Response.Write("<script>alert('" + ex.Message + "')</script>");
}

Question: is something wrong with my SQL += operation?
What is the correct way to write it?

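[Solution]
If there are no special characters and the data types match, there is no problem.
You can use Response.Write(sql) to check whether it is a valid SQL statement.
[Solution]
Set a breakpoint and debug it, look at the value of each variable, and find the cause.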
[Solution]
Discussion

Assigning it directly works...
But it is still
sql = "select * from TB_Laptop where Type='laptop'";
if (brand != "")
    sql += " and SearchBrand='" + brand + "'"; // from here on, nothing after this gets executed.. ……

[Solution]
Is the data type of the SearchPrice column varchar? If not, the quotes should be removed, i.e.:

sql += " and SearchPrice=" + price;

Check the data types of the other columns as well.

------Solution--------------------

if (brand != "")
    sql += " and SearchBrand='" + brand + "'"; // from here on, nothing after this gets executed..
OP, set a breakpoint here and check the value of brand.
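
The first answer's caveat about special characters is the underlying risk: the query-string values are concatenated into the SQL text, so a quote in `brand` changes the statement itself (SQL injection). As an added example, not code from the original thread, the following builds the same optional filters with parameters. It assumes SQL Server (`System.Data.SqlClient`), `varchar(50)` columns, and a hypothetical `LaptopSearch` helper in place of the poster's `DataConn`.

```csharp
using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;

static class LaptopSearch   // hypothetical helper, not the poster's DataConn
{
    // Same optional filters as the post, but request values travel as parameters
    // and never become part of the SQL text. Assumes SQL Server, varchar(50) columns.
    public static SqlCommand Build(string brand, string price, string size, string graphics)
    {
        var cmd = new SqlCommand();
        var filters = new List<string>();

        // Column names are fixed literals; only the values come from the request.
        AddFilter(cmd, filters, "SearchBrand", "@brand", brand);
        AddFilter(cmd, filters, "SearchPrice", "@price", price);
        AddFilter(cmd, filters, "SearchSize", "@size", size);
        AddFilter(cmd, filters, "SearchGraphics", "@graphics", graphics);

        cmd.CommandText = filters.Count == 0
            ? "select * from TB_Laptop"
            : "select * from TB_Laptop where Type='laptop' and " + string.Join(" and ", filters);
        return cmd;
    }

    static void AddFilter(SqlCommand cmd, List<string> filters, string column, string name, string value)
    {
        // Request.QueryString["x"] is null when the key is absent; treat null and "" alike.
        if (string.IsNullOrWhiteSpace(value)) return;
        filters.Add(column + " = " + name);
        cmd.Parameters.Add(name, SqlDbType.VarChar, 50).Value = value.Trim();
    }

    static void Main()
    {
        // Constructed sample input: a brand containing a quote, no size or graphics filter.
        using (SqlCommand cmd = Build("O'Neil", "5000", null, ""))
        {
            Console.WriteLine(cmd.CommandText);
            foreach (SqlParameter p in cmd.Parameters)
                Console.WriteLine(p.ParameterName + " = [" + p.Value + "]");
            // Against a real database: set cmd.Connection to a SqlConnection
            // and load the rows with new SqlDataAdapter(cmd).Fill(dataTable).
        }
    }
}
```

If a column such as SearchPrice is numeric, declare that parameter with the matching `SqlDbType` and a parsed value; the parameter type then carries the distinction that quoting carries in the concatenated version.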
