28,391
社区成员
发帖
与我相关
我的任务
分享
SelectCommand="SELECT [name], [birthday] FROM [Table] where [class]='"+getSpecialChar(HttpUtility.UrlDecode(Request.Params["class"],System.Text.Encoding.Default))+"')"
<asp:SqlDataSource ID="SqlDataSource1" runat="server" ConnectionString="<%$ ConnectionStrings:ConnectionString3 %>"
SelectCommand="SELECT * FROM [tb_bookInfo] WHERE ([BookId] = @BookId)">
<SelectParameters>
<asp:QueryStringParameter Name="BookId" QueryStringField="id" Type="String" />
</SelectParameters>
</asp:SqlDataSource>
<asp:SqlDataSource ID="SqlDataSource1" runat="server" 就是报这句有问题
ConnectionString="<%$ ConnectionStrings:test hostConnectionString %>"
SelectCommand="SELECT [name], [birthday] FROM [Table] where [class]='"+(HttpUtility.UrlDecode(Request.Params["class"],System.Text.Encoding.Default))+"')"
DeleteCommand="DELETE FROM [Table] WHERE [id] = @id"
</asp:SqlDataSource>