Question

我只想在特定日期获取查询结果（From - To）我用过这段代码

conn.Open();
SqlDataAdapter da = new SqlDataAdapter("SELECT Territories , ProductName , Forecast as ForecastVol , ForecastVal , Volume as Acheived , Value , Percentage as TotalIndex , Date from  TotalInSales where Territories = '" + TerritoryCB.Text + "' and ProductName = '" + ProductCB.Text + "' and Date " + "between @p1 AND @p2" + "  ", conn);
SqlParameter fromdate = new SqlParameter("@p1", SqlDbType.NVarChar);
fromdate.Value = dateTimePicker1.Value;
SqlParameter todate = new SqlParameter("@p2", SqlDbType.NVarChar);


todate.Value = dateTimePicker2.Value;
da.SelectCommand.Parameters.Add(fromdate);
da.SelectCommand.Parameters.Add(todate);
DataTable dt = new DataTable();
da.Fill(dt);
TotGrid.DataSource = dt;
SqlCommand sumvol = new SqlCommand("select sum(Volume) from TotalInSales where Territories = '" + TerritoryCB.Text + "' and ProductName = '" + ProductCB.Text + "' and Date " + "between @p1 AND @p2" + " ", conn);
AchVol.Text = sumvol.ExecuteScalar().ToString();
SqlCommand sumval = new SqlCommand("select sum(Value) from TotalInSales where Territories = '" + TerritoryCB.Text + "' and ProductName = '" + ProductCB.Text + "' and Date " + "between @p1 AND @p2" + " ", conn);
AchVal.Text = sumval.ExecuteScalar().ToString();
SqlCommand TotalValcom = new SqlCommand("select sum(ForecastVal) from TotalInSales where Territories = '" + TerritoryCB.Text + "' and ProductName = '" + ProductCB.Text + "' and Date " + "between @p1 AND @p2" + " ", conn);
TotalVal.Text = TotalValcom.ExecuteScalar().ToString();
SqlCommand TotalVolcom = new SqlCommand("select sum(Forecast) from TotalInSales where Territories = '" + TerritoryCB.Text + "' and ProductName = '" + ProductCB.Text + "' and Date " + "between @p1 AND @p2" + " ", conn);
TotalVol.Text = TotalValcom.ExecuteScalar().ToString();
SqlCommand Percentagecom = new SqlCommand("select(sum(Value) * 100) / (ForecastVal)from TotalInSales  where Territories = '" + TerritoryCB.Text + "' and ProductName = '" + ProductCB.Text + "' and Date " + "between @p1 AND @p2" + "  group by ForecastVal", conn);
Percentage.Text = Percentagecom.ExecuteScalar().ToString();
conn.Close();

我希望在dateTimePicker1和dateTimePicker2

中选择的日期之间进行此查询

日期数据类型为date

但它在

中出错

AchVol.Text = sumvol.ExecuteScalar().ToString();

错误消息

Must declare the scalar variable "@p1".

解决方案是什么

Answer 1

您已创建新命令（您这样做了5次）：

SqlCommand sumvol = new SqlCommand("select sum(Volume) from TotalInSales where Territories = '" + TerritoryCB.Text + "' and ProductName = '" + ProductCB.Text + "' and Date " + "between @p1 AND @p2" + " ", conn);

这些命令没有附加任何参数 - 您只是将它们连接到数据适配器，而不是命令。

例如：

sumvol.Parameters.Add(fromdate);
sumvol.Parameters.Add(todate);

你也应该转换你正在进行的所有字符串连接并为它们使用适当的参数 - 你已经通过这种连接将自己打开到SQL injection attacks。

Answer 2

您需要为每个需要它的每个命令创建一个从日期和日期开始的参数。因此，如果您有n个命令，则需要为所有n个命令创建它们。因此，为每个命令创建以下命令，并将其添加到命令的Parameters集合中。

SqlParameter fromdate = new SqlParameter("@p1", SqlDbType.NVarChar);
fromdate.Value = dateTimePicker1.Value;
SqlParameter todate = new SqlParameter("@p2", SqlDbType.NVarChar);
todate.Value = dateTimePicker2.Value;

如果您尝试将上述命令用于多个命令，它将无法工作，您将收到此异常，因为它们无法在多个命令之间共享：

另一个SqlParameterCollection已经包含了SqlParameter。

使用c＃从日期中选择查询到日期

2 个答案: