我想从我的文本字段中取值到select查询请帮忙 [英] i want to take values from my textfield into the select query please help
本文介绍了我想从我的文本字段中取值到select查询请帮忙的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
String s11 =选择student.sname,admission.sroll,admission.scourse,admission.semester from admission,student where entry.asid =(从文本框中获取值)和admission.asid = student.sid;
String s11="Select student.sname,admission.sroll,admission.scourse,admission.semester from admission,student where admission.asid=(get value from the textbox) and admission.asid=student.sid";
推荐答案
你可以按照这个过程
You can follow this process
using (SqlCommand command = new SqlCommand("Select student.sname,admission.sroll,admission.scourse,admission.semester from admission,student where admission.asid=@Variable and admission.asid=student.sid", connection))
{
command.Parameters.Add(new SqlParameter("Variable", txtVariable.Text.Trim()));
SqlDataReader reader = command.ExecuteReader();
DataTable dataTable = new DataTable();
dataTable.Load(reader);
}
了解SQL注入并以正确的方式执行:
1. http://www.w3schools.com/sql/sql_injection.asp [ ^ ]
2. http://forums.asp.net/t/1568268.aspx?SQL+Injection+And+Parameterized+Queries [ ^ ]
Learn about SQL Injection and do it the right way:
1. http://www.w3schools.com/sql/sql_injection.asp[^]
2. http://forums.asp.net/t/1568268.aspx?SQL+Injection+And+Parameterized+Queries[^]
这篇关于我想从我的文本字段中取值到select查询请帮忙的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
