Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click
Dim SQLData As New System.Data.SqlClient.SqlConnection("Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Database.mdf;Integrated Security=True;User Instance=True")
Dim cmdSelect As New System.Data.SqlClient.SqlCommand("SELECT COUNT(*) FROM Table1 WHERE Name =" + TextBox1.Text + " And Last = '" + TextBox2.Text + "'", SQLData)
SQLData.Open()
If cmdSelect.ExecuteScalar > 0 Then
Label1.Text = "Record Found ! " & TextBox1.Text & " " & TextBox2.Text
Return
End If
Label1.Text = "Record Not Found ! "
SQLData.Close()
End Sub
我写这篇文章的代码来查找记录是否在TextBox1中输入1和TextBox的存在与否..如果纪录label1的文本存在..then将被记录中发现别人发现没有记录这个SELECt查询有什么问题?
错误:
* *当我在TextBox1中1和TextBox输入然后按一下按钮事件它显示了错误:无效的列名,, **
SQL注入万岁!讽刺的是,这正是你的问题。 – Bobby 2011-01-12 12:51:24