语法错误信息:System.Data.SqlClient.SqlException:附近有语法错误“=”
我收到这个服务器错误,我无法揣摩出麻烦的是:语法错误信息:System.Data.SqlClient.SqlException:附近有语法错误“=”
说明:期间,出现未处理的异常执行当前Web请求的 。请查看堆栈跟踪以获取有关该错误的更多信息以及源代码的位置。
异常详细信息:System.Data.SqlClient.SqlException:'='附近的语法不正确 。
我的代码是在这里:
public partial class v2_kradescription : System.Web.UI.Page
{
SqlConnection conn = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["ConnectionString"].ToString());
protected void Page_Load(object sender, EventArgs e)
{
try
{
// icnoA for appraisee icno
string role = "";
string kr_icno = (string)(Session["s_icno"]);
string kr_position = (string)(Session["kr_position"]);
string kr_description = (string)(Session["kr_description"]);
Session["role"] = role;
if (role == "KRA")
{
kr_icno = (string)(Session["s_icno"]);
kr_position = (string)(Session["kr_position"]);
kr_description = (string)(Session["kr_description"]);
}
conn.Open();
SqlDataSource1.SelectCommand = "SELECT kr_id, kr_position, kr_description FROM tblKRAObjectiveWHERE kr_icno = " + s_icno;
conn.Close();
}
catch (Exception ex)
{
lblMsg.Text = ex.Message; //" Error while saving the record.";
}
//conn.Open();
//string icno = (string)(Session["s_icno"]);
//SqlDataSource1.SelectCommand = "SELECT kr_id, kr_position, kr_description FROM tblKRAObjective WHERE kr_icno = " + icno;
//conn.Close();
}
protected void GridView1_OnRowDataBound(object sender, GridViewRowEventArgs e)
{
string kr_id = Request.QueryString["kr_id"];
string id = "";
if (e.Row.RowType == DataControlRowType.DataRow)
{
id = GridView1.DataKeys[e.Row.RowIndex].Values[0].ToString();
}
Label lblposition = (Label)e.Row.FindControl("lblposition");
Label lbldescription = (Label)e.Row.FindControl("lbldescription");
if(e.Row.DataItem != null)
{
conn.Open();
String queryA = "SELECT kr_id, kr_position, kr_description FROM tblKRAObjective WHERE kr_icno = " + s_icno;
SqlCommand cmdA = new SqlCommand(queryA, conn);
SqlDataReader drA = cmdA.ExecuteReader();
if (drA.Read())
{
lblposition.Text = drA["kr_position"].ToString();
lbldescription.Text = drA["kr_description"].ToString();
}
drA.Close();
}
}
protected void GridView1_OnRowEdited(object sender, GridViewEditEventArgs e)
{
GridView1.EditIndex = e.NewEditIndex;
}
protected void GridView1_RowCancelingEdit(object sender, GridViewCancelEditEventArgs e)
{
GridView1.Focus();
}
protected void GridView1_OnRowUpdated(object sender, GridViewUpdateEventArgs e)
{
Response.Redirect("kra_description.aspx?Sucess");
}
protected void OnPaging(object sender, GridViewPageEventArgs e)
{
GridView1.PageIndex = e.NewPageIndex;
}
protected void btnPreview_Click(object sender, EventArgs e)
{
Response.Redirect("kra_pdf.aspx");
}
protected void btnSubmit_Click(object sender, EventArgs e)
{
if (Page.IsValid)
{
string kricno = (string)(Session["s_icno"]);
string krid = (string)(Session["kr_id"]);
string krdescription = (string)(Session["kr_description"]);
string krposition = (string)(Session["kr_position"]); ;
try
{
// get requester name, companyid, primary appraiser of requester
String queryA = "SELECT kr_id, kr_description, kr_position FROM tblKRAObjective WHERE s_icno = '"+kricno;
SqlCommand cmdA = new SqlCommand(queryA);
SqlDataReader drA = cmdA.ExecuteReader();
if (drA.Read())
{
krid = drA["kr_id"].ToString();
kricno = drA["kr_icno"].ToString();
krdescription = drA["kr_description"].ToString();
krposition = drA["kr_position"].ToString();
}
drA.Close();
SqlCommand cmd1 = new SqlCommand();
cmd1.CommandType = CommandType.StoredProcedure;
cmd1.Parameters.Add("@kr_id", SqlDbType.NVarChar).Value = krid.ToString();
cmd1.Parameters.Add("@kr_descpription", SqlDbType.NVarChar).Value = krdescription.ToString();
cmd1.Parameters.Add("@kr_position", SqlDbType.NVarChar).Value = krposition.ToString();
cmd1.Parameters.Add("@kr_icno", SqlDbType.NVarChar).Value = kricno.ToString();
cmd1.ExecuteNonQuery();
}
catch (Exception ex)
{
lblMsg.Text = ex.Message; //" Error while saving the record.";
}
Response.Redirect("kra_dashboard.aspx");
}
}
protected void btnAddNew_Click(object sender, EventArgs e)
{
}
}
在这一行你缺少和Where
SqlDataSource1.SelectCommand = "SELECT kr_id, kr_position, kr_description FROM tblKRAObjectiveWHERE kr_icno = " + s_icno;
表名之间的空间试试这个:
"SELECT kr_id, kr_position, kr_description FROM tblKRAObjective WHERE kr_icno = '" + s_icno + "'";
不要鼓励SQL查询cancatenate! –
@PawełDyl - 我不知道。有时候只需要耐心等到编辑完成 –
好的谢谢。我已经解决了这个问题。但现在我得到了另一个错误 - >多部分标识符“System.Web.UI.WebControls.HiddenField”无法绑定。 –
请大家给空间之前在哪里,单引号也添加到您的参数,因为它是字符串
试试下面
"SELECT kr_id, kr_position, kr_description FROM tblKRAObjective WHERE kr_icno = '" + s_icno + "'";
,想到的第一件事是:'s_icno'为空或空。 –
真的吗?你需要我们的帮助来发现你已经把你的表名和'WHERE'关键字放在一起了吗? –
请勿在查询中连接字符串!改用'SqlParameter's。 – user3185569