从文本框和日期时间选择器C#中过滤数据表 [英] Filter datatable from text box and datetime picker C#
本文介绍了从文本框和日期时间选择器C#中过滤数据表的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
Filter datatable from text box and datetime picker
一些帮助?
我尝试过:
Some help?
What I have tried:
private void izvjestajoprodanimartiklima()
{
using (SqlConnection openCon = new SqlConnection(cs))
{
String saveStaff = "SELECT roba as 'Naziv artikla', SUM (cast(kolicina as float)) as 'Kolicina' from (select roba, kolicina from mp_racun_roba union all select roba, kolicina from mp_faktura_roba) as alltables group by roba";
if (!string.IsNullOrEmpty(textBox1.Text))
{
saveStaff += "roba LIKE '%" + textBox1.Text + "%' ";
}
if (checkBox1.Checked)
{
String strFilterDTP1 = dateTimePicker1.Value.ToString("yyyy-MM-dd");
String strFilterDTP2 = dateTimePicker2.Value.ToString("yyyy-MM-dd");
saveStaff += strFilterDTP1 + " 00:00:00' AND '" + strFilterDTP2 + " 23:59:59' ";
}
推荐答案
1。)saveStaff + =roba LIKE'% + textBox1.Text +%';
你忘记了WHERE
以及roba之前的空格
2.)将SQL字符串与用户输入连接是危险的,并且当用户输入包含例如John's时通常会出现问题,但我认为你知道这一点。
更好地使用参数化查询,这也让你远离日期/时间格式的问题。
1.)saveStaff += "roba LIKE '%" + textBox1.Text + "%' ";
You forgot theWHERE
and also a space before "roba"
2.) Concatenating SQL Strings with user input is dangerous and usually gives problems when user input contains e.g."John's" , but I think you know that.
Better to use parameterized queries, which also Keep you away from Problems with date/time formatting.
这篇关于从文本框和日期时间选择器C#中过滤数据表的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文