我想要做的是查找输入到指定给Valor的textbox4上的文本,如果找到,则显示下面的代码,但我想使用参数化查询安全的原因),我不知道如何修改我现有的代码来完成它。 (例如,123-A)使用DataAdapter/Dataset进行Asp.net参数化SQL查询
我会查找“123-A”,但在当前代码中出现“无效列A”错误,我将查找“123-A”的SQL列为“ID_LALTest”
Try
' *--------search by Unique ID-------*
Dim CON As New SqlConnection
Dim DA As New SqlDataAdapter
Dim DS As New DataSet
Dim SQL As String
Dim Valor As String
Valor = TextBox4_SearchData_LALTest.Text
CON.ConnectionString = "not displayed"
CON.Open()
SQL = "SELECT ID_LALTest, LALTest_SeqRef_CH, LALTest_SeqRef_Year FROM LALTest WHERE [email protected]"
DA = New SqlDataAdapter(SQL, CON)
DA.SelectCommand.Parameters.AddWithValue("@Valor", Valor)
DA.SelectCommand.ExecuteNonQuery()
DA.Fill(DS, 0)
If DS.Tables(0).Rows.Count > 0 Then
' *--------Found, Display Data Grid-------*
Label2_SearchData_LALTest.Visible = False
GridView2_SearchData_LALTest.Visible = True
GridView3_SearchData_LALTest.Visible = True
GridView1_SearchData_LALTest.Visible = False
Else
Label2_SearchData_LALTest.Text = "Record Not Found"
Label2_SearchData_LALTest.Visible = True
GridView2_SearchData_LALTest.Visible = False
GridView3_SearchData_LALTest.Visible = False
GridView1_SearchData_LALTest.Visible = False
End If
con.dispose()
Catch ex As Exception
MsgBox(Err.Description)
End Try
该文档的哪个部分(http://msdn.microsoft.com/en-us/library/bbw6zyha.aspx)有问题吗? – 2013-03-06 20:45:55
我刚刚更新了你给我的参考代码,但我收到了“转换错误”的错误123-A“Char to Int”..但我不能检测为什么要转换为INT? – 2013-03-06 21:09:26
您是否使用适当的SqlDbType作为数据库中列的类型? – 2013-03-06 21:12:45