我正在使用vb.net 这是我的代码来过滤bindingsource 我得到这个erro语法错误:在'And'操作符之前缺少操作数。
Private Function SetFilter() As String
Dim datee As String = String.Format("datee >= #{0:M/dd/yyyy}# AND datee <= #{1:M/dd/yyyy}#", _
DateTimePicker1.Value, _
DateTimePicker2.Value)
Dim client As String = If((TextBox1.Text.Length > 0), String.Format("[client] LIKE '%{0}%'", TextBox1.Text), "")
Dim ref As String = If((TextBox2.Text.Length > 0), String.Format("[REF] LIKE '%{0}%'", TextBox2.Text), "")
Return String.Format("{0} AND {1} AND {2}", datee, client, ref)
End Function
Private Sub DateTimePicker1_ValueChanged(sender As System.Object, e As System.EventArgs) Handles DateTimePicker1.ValueChanged
SalesBindingSource.Filter = SetFilter()
End Sub
Private Sub DateTimePicker2_ValueChanged(sender As System.Object, e As System.EventArgs) Handles DateTimePicker2.ValueChanged
'error here
SalesBindingSource.Filter = SetFilter()
End Sub
Private Sub TextBox1_TextChanged(sender As System.Object, e As System.EventArgs) Handles TextBox1.TextChanged
SalesBindingSource.Filter = SetFilter()
End Sub
Private Sub TextBox2_TextChanged(sender As System.Object, e As System.EventArgs) Handles TextBox2.TextChanged
SalesBindingSource.Filter = SetFilter()
End Sub
答案 0 :(得分:0)
我建议使用更安全的方式替换您的过滤器创建方法来处理两个文本框的内容以及一个或两个文本框为空的情况
Dim client As String = If((TextBox1.Text.Length > 0), _
String.Format(" AND [client] LIKE '%{0}%'", TextBox1.Text.Replace("'", "''")),"")
Dim ref As String = If((TextBox2.Text.Length > 0), _
String.Format(" AND [REF] LIKE '%{0}%'", TextBox2.Text.Replace("'", "''"), "")
Return String.Format("{0} {1} {2}", datee, client, ref)
替换调用将用户在文本框中插入的单引号加倍,AND直接插入到客户端和ref的字符串中,否则如果一个或两个文本框为空则会得到无效的SQL