我有asp.net网站,其中包含13个文本框,用户可以输入某些信息来搜索数据库。 gridview填充数据。该数据仅用于查看目的。
我的问题是,每一行都会被返回。如果用户仅将数据键入一个字段,则只应返回包含该数据的行。相反,无论如何都返回每一行,我似乎无法弄清楚我的SQL语句有什么问题。
以下是整个代码:
SqlConnection mySqlConnection = new SqlConnection(strings.settings.connectionString);
SqlCommand mycommand = new SqlCommand("SELECT SOPID, CONTACT, SHIPTONAME, KNOWN_EMAIL, ADDR1, ADDR2, CITY, STATE, ZIPCODE, PHONE1, CUSTPO, CID, AID, SEATS FROM dbo.LOOKUP_TEST_TBL WHERE CONTACT = @CONTACT OR SHIPTONAME = @SHIPTONAME OR KNOWN_EMAIL = @KNOWN_EMAIL OR ADDR1 = @ADDR1 OR ADDR2 = @ADDR2 OR CITY = @CITY OR STATE = @STATE OR ZIPCODE = @ZIPCODE OR PHONE1 = @PHONE1 OR CUSTPO = @CUSTPO OR CID = @CID OR AID = @AID OR SEATS = @SEATS", mySqlConnection);
//AccessCommand.Parameters.AddWithValue("@ORDERID", SqlDbType.Char).Value = txtOrderID.Text.ToUpper();
mycommand.Parameters.AddWithValue("@CONTACT", SqlDbType.Char).Value = txtContact.Text.ToUpper();
mycommand.Parameters.AddWithValue("@SHIPTONAME", SqlDbType.Char).Value = txtShipToName.Text.ToUpper();
mycommand.Parameters.AddWithValue("@KNOWN_EMAIL", SqlDbType.Char).Value = txtEmail.Text.ToUpper();
mycommand.Parameters.AddWithValue("@ADDR1", SqlDbType.Char).Value = txtAddress1.Text.ToUpper();
mycommand.Parameters.AddWithValue("@ADDR2", SqlDbType.Char).Value = txtAddress2.Text.ToUpper();
mycommand.Parameters.AddWithValue("@CITY", SqlDbType.Char).Value = txtCity.Text.ToUpper();
mycommand.Parameters.AddWithValue("@STATE", SqlDbType.Char).Value = txtState.Text.ToUpper();
mycommand.Parameters.AddWithValue("@ZIPCODE", SqlDbType.Char).Value = txtZip.Text.ToUpper();
mycommand.Parameters.AddWithValue("@PHONE1", SqlDbType.Char).Value = txtPhone.Text.ToUpper();
mycommand.Parameters.AddWithValue("@CUSTPO", SqlDbType.Char).Value = txtCustomerPO.Text.ToUpper();
mycommand.Parameters.AddWithValue("@CID", SqlDbType.Char).Value = txtCustomerID.Text.ToUpper();
mycommand.Parameters.AddWithValue("@AID", SqlDbType.Char).Value = txtAddressID.Text.ToUpper();
mycommand.Parameters.AddWithValue("@SEATS", SqlDbType.Char).Value = txtSeats.Text.ToUpper();
mySqlConnection.Open();
SqlDataReader reader = mycommand.ExecuteReader();
if (reader.HasRows == false)
{
throw new Exception();
}
GridView1.DataSource = reader;
GridView1.DataBind();
}
任何提示或建议或正确方向上的观点都太棒了!感谢大家!
答案 0 :(得分:3)
您的查询应该是
SELECT *
FROM dbo.LOOKUP_TEST_TBL
WHERE (CONTACT = @CONTACT and CONTACT is not null) or
(SHIPTONAME = @SHIPTONAME and SHIPTONAME is not null).....
只是排除可以为空的记录
答案 1 :(得分:1)
问题几乎肯定是查询 - 它将返回任何这些字段中具有空列的行,用户未提供这些行。
我会尝试仅使用用户指定的列来构建查询。
获取非空参数:
Dictionary<string, string> values = new Dictionary<string,string> {
{ "@CONTACT", txtContact.Text.ToUpper() },
{ "@ADDR1", txtAddress1.Text.ToUpper() },
// etc
};
var enteredParams = values.Where(kvp => !string.IsNullOrEmpty(kvp.Value));
构建查询:
string sql = string.Format("SELECT ... WHERE {0}",
string.Join(" OR ",
enteredParams.Select(kvp =>
kvp.Key.TrimStart(new char[] { '@' }) + " = " + kvp.Key
)
);
最后构建参数:
foreach (var kvp in enteredParams)
{
mycommand.Parameters.AddWithValue(kvp.Key, kvp.Value);
}
(未经检查确切的语法,但我认为你明白了。)
答案 2 :(得分:0)
你将WHERE子句中的所有内容放在一起,所以即使其中一个匹配,它也会包含在结果中。你可能想和他们在一起吗?