调试:WHERE%20(1%20 =%201)%20%20AND%20(村%20 =%20'阿姆斯特丹')
WHERE(1 = 1)AND(village ='Amsterdam')
WHERE(1 1)AND(village ='Amsterdam')
WHERE(null为null)AND(village ='Amsterdam')
WHERE(null为null)AND(村庄'Amsterdam')
VS2010,ASP.NET 4.0,SQL-Server 2008,unicode8
protected void Page_Load(object sender, EventArgs e)
{
var qs = this.ClientQueryString;
NameValueCollection qscoll = HttpUtility.ParseQueryString(qs);
StringBuilder sb = new StringBuilder();
foreach (String s in qscoll.AllKeys)
{
sb.Append(s + qscoll[s]);
}
string sWhere = sb.ToString();
// ...
}
void Page_Load(object sender, EventArgs e)
{
var qs = this.ClientQueryString;
var sQuery = HttpUtility.UrlDecode(qs);
//...
}
答案 0 :(得分:0)
HttpUtility.ParseQueryString解析URL的querystring。它与SQL无关。
答案 1 :(得分:0)
查询字符串必须是百分比编码。您的查询字符串不是。 “=”不能出现在查询字符串数据部分中。它始终编码为%3D。
答案 2 :(得分:0)
HttpUtility.ParseQueryString
将(HTTP)查询字符串解析为NameValueCollection
,与您编写的SQL语句无关。