Question

 for (int i = 0; i < ParamsListBox.Items.Count; i++)
    {


        {
            if (i == 0)
            {
                dualSearchVar = ParamsListBox.Items[i].ToString();
                valVar = TextFieldListBox.Items[i].ToString();
                valVar = valVar.Replace(" ", empty2);
                SqlDataSource1.SelectParameters.Add(new Parameter("dualSearchVar", TypeCode.String, dualSearchVar));
                SqlDataSource1.SelectParameters.Add(new Parameter("valVar", TypeCode.String, valVar));
                SqlAddon = SqlAddon + "AND @valVar LIKE '%@dualSearchVar%'";
            }
            else if (i == 1)
            {
                dualSearchVar1 = ParamsListBox.Items[i].ToString();
                SqlDataSource1.SelectParameters.Add(new Parameter("dualSearchVar1", TypeCode.String, dualSearchVar1));
                valVar1 = TextFieldListBox.Items[i].ToString();
                valVar1 = valVar1.Replace(" ", empty2);
                SqlDataSource1.SelectParameters.Add(new Parameter("valVar1", TypeCode.String, valVar));
                SqlAddon = SqlAddon + "AND @valVar1 LIKE '%@dualSearchVar%'";
            }
            else if (i == 2)
            {
                dualSearchVar2 = ParamsListBox.Items[i].ToString();
                valVar2 = TextFieldListBox.Items[i].ToString();
                valVar2 = valVar2.Replace(" ", empty2);
                SqlDataSource1.SelectParameters.Add(new Parameter("valVar2", TypeCode.String, valVar2));
                SqlAddon = SqlAddon + "AND @valVar2 LIKE'%@dualSearchVar%'";
            }
        }


    }
        if (dateType == "DateFiled") 
        {

            SqlDataSource1.SelectParameters.Add(new Parameter("DateField1", TypeCode.String, DateField1));
            SqlDataSource1.SelectParameters.Add(new Parameter("DateField2", TypeCode.String, DateField2));
            SqlDataSource1.SelectCommand = "SELECT * FROM tbl_AddedFields2 WHERE DateFiled BETWEEN CAST(@DateField1 AS DATE) AND CAST(@DateField2 AS DATE)" + SqlAddon;
            SqlDataSource1.DataBind();
            GridView1.DataBind();

所以我在数据库中根据列表框中的最多3个参数进行搜索，然后将其添加到带有日期范围的SQL语句的末尾，每个添加的参数添加一个插件。我必须在if-then中单独声明参数，因为它们在同一个for循环中。我有一次这个工作，但现在我很难过。我已经针对数据库运行了测试查询，当我提供日期参数和字符串“tom”时，它应该提取两条记录，Tom Cruise和Tom Hanks。我没有收到错误，只是没有结果。（仅供参考 - SqlAddon以空字符串开头。）

SELECT * 
FROM tbl_AddedFields2 
WHERE DateFiled BETWEEN '05/17/2017' AND '06/19/2017' AND PersonReporting LIKE '%tom%';

这是我试图复制的查询。当我暂停调试器时，它看起来像这样 -

SELECT * 
FROM tbl_AddedFields2 
WHERE DateFiled BETWEEN CAST(@DateField1 AS DATE) AND CAST(@DateField2 AS DATE)AND @valVar LIKE '%@dualSearchVar%'

Answer 1

我无法看到您的数据，但看起来应该是

            dualSearchVar = ParamsListBox.Items[i].ToString();
            valVar = TextFieldListBox.Items[i].ToString();
            valVar = valVar.Replace(" ", empty2);
            SqlDataSource1.SelectParameters.Add(new Parameter("dualSearchVar", TypeCode.String, "%"+dualSearchVar+"%"));
            SqlDataSource1.SelectParameters.Add(new Parameter("valVar", TypeCode.String, valVar));
            SqlAddon = SqlAddon + " AND @valVar LIKE @dualSearchVar";

如果您尝试将列名称作为@valVar传递，那么绝对不是这样做的。删除@valVar prm，并在检查并清理用户输入后

SqlAddon = SqlAddon + " AND " + valVar + " LIKE @dualSearchVar";

如何构建一个动态SQL语句，该语句根据列表框中的元素数量而变化？

1 个答案: