C#String Concatenation问题为什么不是+ =在这里工作?

时间:2012-02-14 18:51:13

标签: c# c#-3.0

我有以下c#代码:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;

namespace StringTest
{
    class Program
    {
        static void Main(string[] args)
        {

               String strSQLCode;
            strSQLCode = " select rank() over (order by percentagecorrect desc, totalmilliseconds asc) as rank, * "
                      += " from view_dg_game_details gd (nolock) "
                      += " where gd.gametypeid = {0} " 
                      += " and gd.numberofrounds = {1} "
                      += " and gd.gamevalues = '{2}' ";
        }
    }
}

由于某种原因,我收到错误“作业的左侧必须是变量,属性或索引器”。

我无法看到错误告诉我的错误。我已经注释掉了违规行,但错误只是向上移动了一行。

我可以使用此方法使字符串concation工作:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;

namespace StringTest
{
    class Program
    {
        static void Main(string[] args)
        {

            String strSQLCode;
            strSQLCode = " select rank() over (order by percentagecorrect desc, totalmilliseconds asc) as rank, * ";
            strSQLCode = strSQLCode +  " from view_dg_game_details gd (nolock) ";
            strSQLCode = strSQLCode + " where gd.gametypeid = {0} ";
            strSQLCode = strSQLCode + " and gd.numberofrounds = {1} ";
            strSQLCode = strSQLCode + " and gd.gamevalues = '{2}' ";            
        }
    }
}

有人可以向我解释这个错误是什么吗?

由于

10 个答案:

答案 0 :(得分:12)

因为你不能在不重复你正在操作的变量的情况下将+=运算符串在一起:

strSQLCode = @"select rank() over (order by percentagecorrect desc, 
                                            totalmilliseconds asc) as rank, * ";
strSQLCode += " from view_dg_game_details gd (nolock) ";
strSQLCode += " where gd.gametypeid = {0} ";
strSQLCode += " and gd.numberofrounds = {1} ";
strSQLCode += " and gd.gamevalues = '{2}' ";

如果您想将其声明为“长”单行,请使用+ 

strSQLCode = @"select rank() over (order by percentagecorrect desc, 
                                            totalmilliseconds asc) as rank, * "
           + " from view_dg_game_details gd (nolock) "
           + " where gd.gametypeid = {0} " 
           + " and gd.numberofrounds = {1} "
           + " and gd.gamevalues = '{2}' ";

或者,如果你不想要任何一个,你可以只使用一个字符串文字:

strSQLCode = 
    @"select rank() over (order by percentagecorrect desc, 
                                totalmilliseconds asc) as rank, *
      from view_dg_game_details gd (nolock)
      where gd.gametypeid = {0}
          and gd.numberofrounds = {1}
          and gd.gamevalues = '{2}' ";

答案 1 :(得分:3)

这是一个单一陈述,因此您应该使用以下内容:

        strSQLCode = " select rank() over (order by percentagecorrect desc, totalmilliseconds asc) as rank, * "
                  + " from view_dg_game_details gd (nolock) "
                  + " where gd.gametypeid = {0} " 
                  + " and gd.numberofrounds = {1} "
                  + " and gd.gamevalues = '{2}' ";

答案 2 :(得分:2)

对于您的第一个代码段,您想要的是+,而不是+=

您只想分配一次变量,然后以正常方式将所有部分连接在一起后执行此操作。这是+

答案 3 :(得分:2)

在您的第一个代码段中,您不应该使用+=一个简单的代码+

来自MSDN:

使用+ =赋值运算符的表达式,例如

x += y

相当于

x = x + y

,但x只评估一次。

这意味着你不能使用+=来连接一串字符串文字或两个以上的变量。

答案 4 :(得分:2)

你正在写

something += "a" += "b";

这没有意义。

答案 5 :(得分:2)

只需按照这种方式使用

strSQLCode = " select rank() over (order by percentagecorrect desc, totalmilliseconds asc) as rank, * "
            + " from view_dg_game_details gd (nolock) "
            + " where gd.gametypeid = {0} "
            + " and gd.numberofrounds = {1} "
            + " and gd.gamevalues = '{2}' ";


strSQLCode = 
          @"select rank() over (order by percentagecorrect desc, totalmilliseconds asc) as rank, * 
            from view_dg_game_details gd (nolock) 
            where gd.gametypeid = {0} 
            and gd.numberofrounds = {1} 
            and gd.gamevalues = '{2}' ";

答案 6 :(得分:1)

您的语法略有错误。

应该是:

namespace StringTest
{
    class Program
    {
        static void Main(string[] args)
        {

               String strSQLCode;
            strSQLCode = @" select rank() over (order by percentagecorrect desc, totalmilliseconds asc) as rank, * "
                      + @" from view_dg_game_details gd (nolock) "
                      + @" where gd.gametypeid = {0} " 
                      + @" and gd.numberofrounds = {1} "
                      + @" and gd.gamevalues = '{2}' ";
        }
    }
}

答案 7 :(得分:1)

你正在做的是:

string variable = "string" += "another string";

这基本上与:

相同 
string variable;
(variable = "string") += "another string";

因为括号表达式的结果是一个字符串(特别是已分配的值),所以您现在可以有效地执行此操作:

string variable;
variable = "string";
"string" += "another string;

编译器第三行出了问题。

具体来说,编译器告诉你的是,为了执行赋值,你必须要分配给它。

像这样写:

strSQLCode = @" select rank() over (order by percentagecorrect desc, totalmilliseconds   asc) as rank, *
    from view_dg_game_details gd (nolock) 
    where gd.gametypeid = @gameType 
    and gd.numberofrounds = @numberOfRounds
    and gd.gamevalues = @gameValues ";

并使用参数化查询。

答案 8 :(得分:1)

像其他人一样提到+ =应该是+。如果构建SQL至少参数化它,SQL注入是一个严重的问题。我可以从您的数据库中的控制台或winapp文本框删除表。从第一个变量你可以做到

 1 ; drop table dg_game_details --

示例:

conDatabase =
new SqlConnection("Data Source=(local);" +
"Database='projectGames';" +
"Integrated Security=true");
SqlCommand cmdDatabase =
new SqlCommand("SELECT rank() over (order by percentagecorrect desc, totalmilliseconds asc) as rank, * FROM view_dg_game_details gd (nolock)" +
"WHERE gd.gametypeid= @GameId;", conDatabase);

cmdDatabase.Parameters.Add("@GameId", SqlDbType.Int);
cmdDatabase.Parameters["@GameId"].Value = 1;

答案 9 :(得分:0)

使用+代替+ =。

另外,我强烈建议不要存储和连接这样的SQL查询,因为这样会因为SQL注入而非常不安全。

在此处阅读:SQL injection

相关问题
最新问题