所以我有一个SqlDataSource,它使用以下查询,具体取决于用户输入的内容:
string query = "SELECT * FROM Cars WHERE ";
if (make != 1)
{
query = query + "make_id = @make";
SearchDataSource.SelectParameters.Add("make", make.ToString());
}
SearchDataSource.SelectCommand = query;
当我调试这个并按照每一行时,当我到达我的代码的最后一行是“SearchDataSource.SelectCommand = query;”输出窗口中的查询等于“SELECT * FROM Cars WHERE make_id = @make”这正是我想要的,但是它不应该在SQL查询中具有make的值而不是“@make”?
答案 0 :(得分:0)
尝试它有点像这样,看看它是否更好。请直接在查询字符串中注意@make。
string query = "SELECT * FROM Cars WHERE make_id = @make";
SearchDataSource.SelectCommand = query;
SearchDataSource.SelectParameters.Add("@make", make.ToString());
然而,我更习惯于这样的事情(很难知道没有更多代码需要什么):
SqlCommand command = New SqlCommand("SELECT * FROM Cars WHERE make_id = @make", connection);
command.Parameters.AddWithValue("@make", "make value here");