必须声明一个标量变量。

时间:2014-09-27 10:13:03

标签: c# sql asp.net database charts

我必须使用ajax扩展程序工具显示条形图。当我从下拉列表中选择一个值时,我必须在图表上显示信息。但它显示"必须声明一个标量变量"错误。请帮我。 代码:

  protected void Page_Load(object sender, EventArgs e)
    {
              if (!IsPostBack)
        {
            string query = "select Name from aTable";
            DataTable dt = GetData(query);
            ddlCountries.DataSource = dt;
            ddlCountries.DataTextField = "Name";
            ddlCountries.DataValueField = "Name";
            ddlCountries.DataBind();
            ddlCountries.Items.Insert(0, new ListItem("Select", ""));
        }

    }

    private DataTable GetData(string query)
    {
        DataTable dt = new DataTable();
        string constr = ConfigurationManager.ConnectionStrings["demoConnectionString"].ConnectionString;
        using (SqlConnection con = new SqlConnection(constr))
        {
            using (SqlCommand cmd = new SqlCommand(query))
            {
                using (SqlDataAdapter sda = new SqlDataAdapter())
                {
                    cmd.CommandType = CommandType.Text;
                    cmd.Connection = con;
                    sda.SelectCommand = cmd;
                    sda.Fill(dt);
                }
            }
            return dt;
        }
    }
    protected void ddlCountries_SelectedIndexChanged(object sender, EventArgs e)
    {
        string query = string.Format("select Debit, Credit, Year From aTable where Name=@Name", ddlCountries.SelectedItem.Value);
        DataTable dt = GetData(query);

        string[] x = new string[dt.Rows.Count];
        decimal[] y = new decimal[dt.Rows.Count];
        for (int i = 0; i < dt.Rows.Count; i++)
        {
            x[i] = dt.Rows[i][0].ToString();
            y[i] = Convert.ToInt32(dt.Rows[i][1]);
        }
        BarChart1.Series.Add(new AjaxControlToolkit.BarChartSeries { Data = y });
        BarChart1.CategoriesAxis = string.Join(",", x);
        BarChart1.ChartTitle = string.Format("{0} Order Distribution", ddlCountries.SelectedItem.Value);
        if (x.Length > 3)
        {
            BarChart1.ChartWidth = (x.Length * 100).ToString();
        }
        BarChart1.Visible = ddlCountries.SelectedItem.Value != "";
    }

1 个答案:

答案 0 :(得分:2)

在这一行

string query = string.Format(@"select Debit, Credit, Year 
                             From aTable where Name=@Name", 
                             ddlCountries.SelectedItem.Value);

您有一个参数占位符@Name但是您没有将所需参数添加到执行sql的SqlCommand中。这会产生您看到的错误 (顺便说一句,string.Format需要{0}形式的占位符,但是如果你修复了这个问题它仍然是错误的,因为你打开了通往Sql Injection的大门)

修复它需要更改GetData功能 您需要添加(可选)参数数组作为另一个参数

private DataTable GetData(string query, SqlParameter[] prms = null)
{
    DataTable dt = new DataTable();
    string constr = ConfigurationManager.ConnectionStrings["demoConnectionString"].ConnectionString;
    using (SqlConnection con = new SqlConnection(constr))
    {
        using (SqlCommand cmd = new SqlCommand(query))
        {
            if(prms != null)
                cmd.Parameters.AddRange(prms);

            using (SqlDataAdapter sda = new SqlDataAdapter())
            {
                cmd.CommandType = CommandType.Text;
                cmd.Connection = con;
                sda.SelectCommand = cmd;
                sda.Fill(dt);
            }
        }
        return dt;
    }
}

现在,当您调用该方法时,您可以编写

string query = "select Debit, Credit, [Year] From aTable where Name=@Name";
SqlParameter[] prms = new SqlParameter[1];
prms[0] = new SqlParameter("@Name", SqlDbType.NVarChar).Value = 
                          ddlCountries.SelectedItem.Value.ToString());
DataTable dt = GetData(query, prms);

另请注意,我已将字段Year放在方括号之间。 Year是T-SQL函数的名称,您应该使用此技巧来避免混淆SQL Parser