报where 附近有语法错误,那位帮助解决一下

Rotel-刘志东 2009-03-04 11:49:50 
using System;

using System.Data;

using System.Configuration;

using System.Collections;

using System.Web;

using System.Web.Security;

using System.Web.UI;

using System.Web.UI.WebControls;

using System.Web.UI.WebControls.WebParts;

using System.Web.UI.HtmlControls;

using WangWei.DBUtility;

using WangWei.DAL;

using System.Data.SqlClient;





public partial class Queryph : WangWei.Common.BasePage

{

	string strWhere = "";



	protected void Page_Load(object sender, EventArgs e)

	{

		if (!this.IsPostBack)

		{

			try

			{

				this.DocDate.Text = DateTime.Now.ToShortDateString();

				this.EDate.Text = DateTime.Now.ToShortDateString();

				strWhere = GetstrWhere();

				this.BindData(strWhere);

			}

			catch (Exception ex)

			{

				throw ex;

			}





		}

	}



	protected void BindData(string where)

	{

		int count = 0;

		string strSql = " select count(1) from ibt1 T0   " + where;

		DataSet ds = new DataSet();

		ds = WangWei.DBUtility.DbHelperSQLSAP.Query(strSql);



		count = Convert.ToInt32(ds.Tables[0].Rows[0][0].ToString());

		ds = WangWei.DBUtility.DbHelperSQLSAP.GetListPage(" select T0.itemcode  ,T0.itemName ,T2.FrgnName ,T2.SuppcatNum ,T0.Quantity,T0.BatchNum ,  T4.PrdDate  ,T4.ExpDate ,T0.Whscode,T0.BaseEntry,T0.Direction,T0.DocDate  from ibt1 T0 left  join oitm T2 ON T2.itemcode=T0.itemcode left join owtr T3 ON T3.DocNum=T0.BaseEntry left join oibt T4 ON T4.ItemCode=T0.ItemCode and T4.Whscode=T0.Whscode and T4.BatchNum=T0.BatchNum and T0.Direction='0' and T0.whscode<>'01'  and T3.Filler='01' order by T0.BaseEntry ,T0.itemcode asc  "

			+ where, pager.CurrentPageIndex,pager.PageSize, "itemcode", "itemcode" );



		Repeater.DataSource = ds;

		Repeater.DataBind();



		pager.RecordCount = count;



		pager.CustomInfoText = "记录总数:<font color=\"blue\"><b>" + count.ToString() + "</b></font>";

		pager.CustomInfoText += " 总页数:<font color=\"blue\"><b>" + pager.PageCount.ToString() + "</b></font>";

		pager.CustomInfoText += " 当前页:<font color=\"red\"><b>" + pager.CurrentPageIndex.ToString() + "</b></font>";



	}



	protected string GetLineID()

	{

		return this.txtLineID.Text.ToString();

	}



	protected string GetWhsCode(string strCode)

	{

		WangWei.Model.Depart m_Depart = new WangWei.Model.Depart();

		WangWei.DAL.Depart o_Depart = new WangWei.DAL.Depart();

		m_Depart = o_Depart.GetModel(Convert.ToInt32(strCode));

		return m_Depart.Store;

	}



	protected void ChangePage(object src, Wuqi.Webdiyer.PageChangedEventArgs e)

	{

		pager.CurrentPageIndex = e.NewPageIndex;

		strWhere = GetstrWhere();

		BindData(strWhere);

	}



	protected string GetstrWhere()

	{

		string sql = "";

		string str1 = "";

		string strBeginDate = "2008-01-01";

		string strEndDate = "2100-01-01";



		if (this.DocDate.Text != "")

			strBeginDate = this.DocDate.Text;

		if (this.EDate.Text != "")

			strEndDate = this.EDate.Text;



		sql = " where  T0.Docdate>='" + strBeginDate + "' and T0.docdate<='" + strEndDate + "' ";



		if (this.user.Position != "1")

		{

			sql = sql + " and T0.whscode='" + GetWhsCode(this.user.Depart) + "' ";

		}



		if (this.DropDownList1.SelectedValue == "All")

		{

			return sql;

		}

		if (this.DropDownList2.SelectedValue == "=")

			str1 = "=";

		if (this.DropDownList2.SelectedValue == ">")

			str1 = ">";

		if (this.DropDownList2.SelectedValue == "<")

			str1 = "<";

		if (this.DropDownList2.SelectedValue == "")

			str1 = "like ";

		if (this.TextBox1.Text == "")

		{

			AddLoadMessage("请填写参数");

			return sql;

		}

		str1 = this.DropDownList2.SelectedValue;

		if (str1.ToLower() == "like")

		{

			sql = sql + " and " + this.DropDownList1.SelectedValue + " " + this.DropDownList2.SelectedValue + " '%" + this.TextBox1.Text + "%' ";

		}

		else

		{

			sql = sql + " and " + this.DropDownList1.SelectedValue + " " + this.DropDownList2.SelectedValue + " '" + this.TextBox1.Text + "' ";

		}

		return sql;

	}



	protected void Button1_Click(object sender, EventArgs e)

	{

		strWhere = GetstrWhere();



		BindData(strWhere);





	}

}
...全文
203 11 打赏 收藏 转发到动态 举报
写回复
用AI写文章
11 条回复
切换为时间正序
请发表友善的回复…
发表回复
zuoming120 2009-03-04
  • 打赏
  • 举报
 回复
7楼的是对的。
jimu8130 2009-03-04
  • 打赏
  • 举报
 回复
if (this.DropDownList2.SelectedValue == "=")
str1 = "=";
if (this.DropDownList2.SelectedValue == ">")
str1 = ">";
if (this.DropDownList2.SelectedValue == "<")
str1 = "<";
if (this.DropDownList2.SelectedValue == "")
str1 = "like ";
if (this.TextBox1.Text == "")
{
AddLoadMessage("请填写参数");
return sql;
}
str1 = this.DropDownList2.SelectedValue;
if (str1.ToLower() == "like")
{
sql = sql + " and " + this.DropDownList1.SelectedValue + " " + this.DropDownList2.SelectedValue + " '%" + this.TextBox1.Text + "%' ";
}
else
{
sql = sql + " and " + this.DropDownList1.SelectedValue + " " + this.DropDownList2.SelectedValue + " '" + this.TextBox1.Text + "' ";--------看看你认为>,< 是比较字符串的嘛?如果不是请去掉单引号或者更改代码
}
return sql;
--------------------
姑且不说拼接容易导致异常得不到处理容易被sql注入攻击,来说说你的代码的一些问题前面你的strl就已经取得dropdownlist2的选择值了,结果拼接的时候还用去取一次,唉
vrhero 2009-03-04
  • 打赏
  • 举报
 回复
string strSql = " select count(1) from ibt1 T0 " + where;
------------------
string strSql = " select count(1) from ibt1 T0 where" +;//把where放到字符串里面去...

ps:不要拼SQL,用Parameter传递参数...
migercai 2009-03-04
  • 打赏
  • 举报
 回复
[Quote=引用 3 楼 lzd_83 的回复:]
此sql语句在查询分析器没有问题。
SQL codeselect T0.itemcode ,T0.itemName ,T2.FrgnName ,T2.SuppcatNum ,T0.Quantity,T0.BatchNum , T4.PrdDate ,T4.ExpDate ,T0.Whscode,T0.BaseEntry,T0.Direction,T0.DocDate from ibt1 T0
left join oitm T2 ON T2.itemcode=T0.itemcode
left join owtr T3 ON T3.DocNum=T0.BaseEntry
left join oibt T4 ON T4.ItemCode=T0.ItemCode
and T4.Whscode=T0.Whscode and T4.Batch…
[/Quote]
你的sql语句貌似没有where啊?
难道我年纪大了,眼花
zzxap 2009-03-04
  • 打赏
  • 举报
 回复
[code=SQL]
ds = WangWei.DBUtility.DbHelperSQLSAP.GetListPage(" select T0.itemcode ,T0.itemName ,T2.FrgnName ,T2.SuppcatNum ,T0.Quantity,T0.BatchNum , T4.PrdDate ,T4.ExpDate ,T0.Whscode,T0.BaseEntry,T0.Direction,T0.DocDate from ibt1 T0 left join oitm T2 ON T2.itemcode=T0.itemcode left join owtr T3 ON T3.DocNum=T0.BaseEntry left join oibt T4 ON T4.ItemCode=T0.ItemCode and T4.Whscode=T0.Whscode and T4.BatchNum=T0.BatchNum and T0.Direction='0' and T0.whscode<>'01' and T3.Filler='01' order by T0.BaseEntry ,T0.itemcode asc "

+ where, pager.CurrentPageIndex,pager.PageSize, "itemcode", "itemcode" );


改为
ds = WangWei.DBUtility.DbHelperSQLSAP.GetListPage(" select T0.itemcode ,T0.itemName ,T2.FrgnName ,T2.SuppcatNum ,T0.Quantity,T0.BatchNum , T4.PrdDate ,T4.ExpDate ,T0.Whscode,T0.BaseEntry,T0.Direction,T0.DocDate from ibt1 T0 left join oitm T2 ON T2.itemcode=T0.itemcode left join owtr T3 ON T3.DocNum=T0.BaseEntry left join oibt T4 ON T4.ItemCode=T0.ItemCode and T4.Whscode=T0.Whscode and T4.BatchNum=T0.BatchNum and T0.Direction='0' and T0.whscode<>'01' and T3.Filler='01' " + where+" order by T0.BaseEntry ,T0.itemcode asc "

, pager.CurrentPageIndex,pager.PageSize, "itemcode", "itemcode" );

应该先+ where 然后再 order by T0.BaseEntry ,T0.itemcode asc

[/CODE]
fangq 2009-03-04
  • 打赏
  • 举报
 回复
又遇到一个重来不调试的主儿
Rotel-刘志东 2009-03-04
  • 打赏
  • 举报
 回复
此sql语句在查询分析器没有问题。
select T0.itemcode  ,T0.itemName ,T2.FrgnName ,T2.SuppcatNum ,T0.Quantity,T0.BatchNum ,  T4.PrdDate  ,T4.ExpDate ,T0.Whscode,T0.BaseEntry,T0.Direction,T0.DocDate  from ibt1 T0 

left  join oitm T2 ON T2.itemcode=T0.itemcode 

left join owtr T3 ON T3.DocNum=T0.BaseEntry 

left join oibt T4 ON T4.ItemCode=T0.ItemCode 

and T4.Whscode=T0.Whscode and T4.BatchNum=T0.BatchNum and 

T0.Direction='0' and T0.whscode<>'01'  and T3.Filler='01' 

order by T0.BaseEntry ,T0.itemcode asc
LifeChina555 2009-03-04
  • 打赏
  • 举报
 回复
跟踪一下你合成的sql语句,让把他输出看看
Rotel-刘志东 2009-03-04
  • 打赏
  • 举报
 回复
多谢了!!
likevs 2009-03-04
  • 打赏
  • 举报
 回复
路过呵呵

以前讨厌别人问问题时不贴代码,现在我发现,贴了代码而代码又太多时,我也很讨厌Y

*O*

楼上几位已说得很明白,祝楼主好运
gaolei477 2009-03-04
  • 打赏
  • 举报
 回复
调试看看
解决方案 十六】关键字 'with' 附近语法错误
这个事儿的背景吧就是因为加锁查询速度太慢,于是让咱优化,至少先通过使用with(nolock)来解决查询慢的问题,这么个事儿说来也简单对伐,但是影响范围特别大,因为要优化的这个存储过程是个动态存储过程,有70多个操作行为DAO调用到了这个存储过程,可谓牵一发而动全身。 错了! 一开始自信满满,参照了一篇文章了解了解with(nolock)咋玩儿 SQL Server 中WITH (NOLOCK...
SQL语法错误解决方案和Python代码示例
在编写和执行SQL查询语句时,经常会遇到SQL语法错误的问题。为了解决这类问题,我们可以仔细检查SQL语句,使用参数化查询来避免SQL注入攻击,并确保使用最新版本的数据库驱动程序。使用参数化查询:为了避免SQL注入攻击,并且简化SQL语句的编写,推荐使用参数化查询。参数化查询是通过占位符来传递参数值,而不是直接在SQL语句中拼接参数。这样可以减少语法错误的概率。仔细检查SQL语句:首先,需要仔细检查SQL查询语句,确保其语法正确。这样可以避免直接在SQL语句中拼接参数值,减少了SQL语法错误的风险。
sql常见语法_常见SQL语法错误以及解决方法
sql常见语法SQL Server Management Studio, errors can be tracked down easily, using the built in 错误列表”窗格,可以轻松跟踪Error List pane. This pane can be activated in the SQL Server Management Studio错误。 可以在“ View me...
mysql用exists怎么会语法错误_SQL if exists database总是出现语法错误
SQL if exists总是出现语法错误。望高手纠正。_百度知道 http://zhidao.baidu.com/link?url=7VyzcX0V1A3lhBQ1emNt2sTk7QGDuijOqRsSxc1ML7owhy5utaaRIUYBtGG8hRmf8HaSlIgRKsEvkI3Tqc9guqIF EXISTS ( SELECT name FROM sys.databases WHER...
ORA-无效字符错误解决方法:MySQL
通过仔细检查特殊字符、检查编码、检查语法错误和使用参数化查询,你应该能够解决该错误并成功执行你的SQL语句。记住,在编写和执行SQL语句时,始终确保语法正确、参数化查询和字符编码一致,以确保数据库操作的稳定性和安全性。参数化查询可以帮助你避免直接将用户提供的数据插入到SQL语句中,从而减少无效字符错误的风险。在MySQL数据库中,ORA-无效字符错误可能会出现在执行SQL语句时,表示存在一个或多个无效的字符。确保你的数据库和表使用的字符集与你的应用程序一致,并且支持所使用的字符编码。
.NET社区

62,074

社区成员

669,028

社区内容

发帖
与我相关
我的任务
社区描述
.NET技术交流专区
javascript云原生 企业社区
社区管理员
  • ASP.NET
  • .Net开发者社区
  • R小R
加入社区
  • 近7日
  • 近30日
  • 至今

加载中

查看更多榜单
社区公告

.NET 社区是一个围绕开源 .NET 的开放、热情、创新、包容的技术社区。社区致力于为广大 .NET 爱好者提供一个良好的知识共享、协同互助的 .NET 技术交流环境。我们尊重不同意见,支持健康理性的辩论和互动,反对歧视和攻击。

希望和大家一起共同营造一个活跃、友好的社区氛围。

试试用AI创作助手写篇文章吧

+ 用AI写文章