2条回答 默认 最新
- CSDN专家-showbo 2021-06-04 13:59关注
你应该先判断onecondition和twocondition有没有值在链接,要不sql出错
string onecondition=txtQueryCondition.Text.Trim().Replace("'","");//防注入替换掉单引号 string twocondition=cboFoodType.Text; string sql="select * from food"; string cd=""; if(onecondition!="")cd=" where foodname like '%"+onecondition+"%'"; if(twocondition!="")cd+=(cd==""?" where ":" and ")+" typeid="+twocondition; sql+=cd;////////// //...后面的语句
本回答被题主选为最佳回答 , 对您是否有帮助呢?解决 无用评论 打赏 举报