sql查询单引号问题 [英] sql query single quote problem
本文介绍了sql查询单引号问题的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
OleDbDataAdapter da = new OleDbDataAdapter("select * from LOGIN where U_name='" + User + "' And U_password='" + Password + "' ", con);
当我把'd'Souza它给我一个错误
when i put d''souza it gives me an error
推荐答案
那是因为单引号表示字符串的结尾,因此其后的所有文本都被视为格式错误的输入。在用户名上替换('',\\'')(C#版本)以在单引号前放置转义字符。在MySQL中,espace字符是\我不确定它对你的情况是什么,所以你必须仔细检查。如果这对你不起作用,请告诉我。
That is because the single quote represent the end of the string so all of text after it is seen as malformed input. Do Replace("''","\\''") (C# version) on the user name to place an escape character before the single quote. In MySQL the espace character is a \ I''m not sure of what it is for your situation so you will have to double check. Please let me know if this doesn''t work for you.
Hello Amirsalgar1,
就像richcb告诉你的那样第一个评论,问题是d''souza名称中的['']字符。
我建议你使用sql参数对象来避免这种问题。
http://msdn.microsoft.com/en-us/library/bbw6zyha (v = vs.71).aspx [ ^ ]
祝你好运。
JAFC
Hello Amirsalgar1,
Like richcb told you in the first comment, the problem is the [''] character in d''souza name.
I recommend you to use sql parameter object to avoid this kind of problem.
http://msdn.microsoft.com/en-us/library/bbw6zyha(v=vs.71).aspx[^]
Good luck.
JAFC
试试这个希望它可以帮助.......
Try this hope it can help.......
public static string DoQuotes(string sql)
{
if (sql == null)
return "";
else
return sql.Replace("'", "''");
}
这篇关于sql查询单引号问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文