string SearchStr =" where Title like '%"+searchstr.Text.ToString()+"%' and ClassName='"+searchclass2.SelectedValue.ToString()+"' ";
mysql=select * form Broadcast"+ SearchStr
这么写出错,请问应该怎么搞呀,谢拉
...全文
407打赏收藏
求一sql语句
string SearchStr =" where Title like '%"+searchstr.Text.ToString()+"%' and ClassName='"+searchclass2.SelectedValue.ToString()+"' "; mysql=select * form Broadcast"+ SearchStr 这么写出错,请问应该怎么搞呀,谢拉
string SearchStr =" where Title like '%"+searchstr.Text.ToString().Replace("'","''") +"%' and ClassName= '"+searchclass2.SelectedValue.ToString().Replace("'","''") +"' ";