示例:
Sql = "Select * From tablo Where Baslik = "&strBaslik&" And Ozellik IN ("&strOzellik&") Order By Id Desc"
我想:
Sql = "Select * From tablo Where Baslik = "&strBaslik&" **IF Not "&strOzellik&" = Then** And Ozellik IN ("&strOzellik&") **End IF** Order By Id Desc"
我该怎么做?
感谢。
答案 0 :(得分:0)
有几种方法可以解决这个问题,其中一种方法是连接sSql查询:
<%
sSql = "Select * From tablo Where Baslik = '"& strBaslik & "' "
If Not strOzellik = "???" Then
sSql = sSql & " And Ozellik IN ('" & strOzellik & "')"
End If
sSql = sSql & " Order By Id Desc"
%>
请注意,我还在SQL参数周围添加了单引号,以防输入实际是字符串。虽然这种方式因SQL注入而不安全,您可能需要查看parameterized queries。