0
我怎么可能正确地分配文本框,通过SQL语句dropdownlists &标签相应的字段上的记录检索成功?我有4个表&因此,所分配的数据不匹配的控件。 (VS2008)正确分配数据控件,SQL服务器,VS2008
我有以下几点:
myCmd.CommandText = "SELECT pc.product_category_id, pc.product_category_name, pi.product_image_id, pi.product_image_filename, qr.qrcode_id, qr.qrcode_image_filename, p.product_author FROM Product AS p INNER JOIN ProductCategory AS pc ON p.product_category_id = pc.product_category_id INNER JOIN ProductImage AS pi ON p.product_image_id = pi.product_image_id INNER JOIN QRCode AS qr ON p.qrcode_id = qr.qrcode_id WHERE p.product_id = '" & DropDownList2.Text & "'"
myCmd.Parameters.Add(New SqlParameter("@product_id", (DropDownList2.Text)))
myConn.Open()
'run the query and obtain a reader to get the results
dtrReader = myCmd.ExecuteReader()
'check if there are results
If (dtrReader.Read()) Then
'populate the values of the controls
lblProductID2.Text = dtrReader(0)
txtProductName2.Text = dtrReader(4)
txtProductTitle2.Text = dtrReader(7)
txtProductDescription2.Text = dtrReader(8)
txtProductAuthor2.Text = dtrReader(12)
您有一个SQL注入漏洞。 – SLaks 2012-01-01 17:56:44
@SLaks:我明白你来自哪里。谢谢,但关于这个问题,是否有一种更简单的方法来匹配这些字段? – brainsfrying 2012-01-01 18:04:02
关于您现有的代码有哪些不正确/不足? – MatBailie 2012-01-01 18:13:53