C# 语法错误:System.Data.SqlClient.SqlException:在'=';
我收到此服务器错误,无法找出问题所在: 描述:在执行过程中发生未处理的异常 当前的web请求。请查看堆栈跟踪以了解更多信息 有关错误的信息及其在代码中的来源 异常详细信息:System.Data.SqlClient.SqlException:不正确 “=”附近的语法 我的代码在这里:C# 语法错误:System.Data.SqlClient.SqlException:在'=';,c#,asp.net,C#,Asp.net,我收到此服务器错误,无法找出问题所在: 描述:在执行过程中发生未处理的异常 当前的web请求。请查看堆栈跟踪以了解更多信息 有关错误的信息及其在代码中的来源 异常详细信息:System.Data.SqlClient.SqlException:不正确 “=”附近的语法 我的代码在这里: public partial class v2_kradescription : System.Web.UI.Page { SqlConnection conn = new SqlConnection(Syste
public partial class v2_kradescription : System.Web.UI.Page
{
SqlConnection conn = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["ConnectionString"].ToString());
protected void Page_Load(object sender, EventArgs e)
{
try
{
// icnoA for appraisee icno
string role = "";
string kr_icno = (string)(Session["s_icno"]);
string kr_position = (string)(Session["kr_position"]);
string kr_description = (string)(Session["kr_description"]);
Session["role"] = role;
if (role == "KRA")
{
kr_icno = (string)(Session["s_icno"]);
kr_position = (string)(Session["kr_position"]);
kr_description = (string)(Session["kr_description"]);
}
conn.Open();
SqlDataSource1.SelectCommand = "SELECT kr_id, kr_position, kr_description FROM tblKRAObjectiveWHERE kr_icno = " + s_icno;
conn.Close();
}
catch (Exception ex)
{
lblMsg.Text = ex.Message; //" Error while saving the record.";
}
//conn.Open();
//string icno = (string)(Session["s_icno"]);
//SqlDataSource1.SelectCommand = "SELECT kr_id, kr_position, kr_description FROM tblKRAObjective WHERE kr_icno = " + icno;
//conn.Close();
}
protected void GridView1_OnRowDataBound(object sender, GridViewRowEventArgs e)
{
string kr_id = Request.QueryString["kr_id"];
string id = "";
if (e.Row.RowType == DataControlRowType.DataRow)
{
id = GridView1.DataKeys[e.Row.RowIndex].Values[0].ToString();
}
Label lblposition = (Label)e.Row.FindControl("lblposition");
Label lbldescription = (Label)e.Row.FindControl("lbldescription");
if(e.Row.DataItem != null)
{
conn.Open();
String queryA = "SELECT kr_id, kr_position, kr_description FROM tblKRAObjective WHERE kr_icno = " + s_icno;
SqlCommand cmdA = new SqlCommand(queryA, conn);
SqlDataReader drA = cmdA.ExecuteReader();
if (drA.Read())
{
lblposition.Text = drA["kr_position"].ToString();
lbldescription.Text = drA["kr_description"].ToString();
}
drA.Close();
}
}
protected void GridView1_OnRowEdited(object sender, GridViewEditEventArgs e)
{
GridView1.EditIndex = e.NewEditIndex;
}
protected void GridView1_RowCancelingEdit(object sender, GridViewCancelEditEventArgs e)
{
GridView1.Focus();
}
protected void GridView1_OnRowUpdated(object sender, GridViewUpdateEventArgs e)
{
Response.Redirect("kra_description.aspx?Sucess");
}
protected void OnPaging(object sender, GridViewPageEventArgs e)
{
GridView1.PageIndex = e.NewPageIndex;
}
protected void btnPreview_Click(object sender, EventArgs e)
{
Response.Redirect("kra_pdf.aspx");
}
protected void btnSubmit_Click(object sender, EventArgs e)
{
if (Page.IsValid)
{
string kricno = (string)(Session["s_icno"]);
string krid = (string)(Session["kr_id"]);
string krdescription = (string)(Session["kr_description"]);
string krposition = (string)(Session["kr_position"]); ;
try
{
// get requester name, companyid, primary appraiser of requester
String queryA = "SELECT kr_id, kr_description, kr_position FROM tblKRAObjective WHERE s_icno = '"+kricno;
SqlCommand cmdA = new SqlCommand(queryA);
SqlDataReader drA = cmdA.ExecuteReader();
if (drA.Read())
{
krid = drA["kr_id"].ToString();
kricno = drA["kr_icno"].ToString();
krdescription = drA["kr_description"].ToString();
krposition = drA["kr_position"].ToString();
}
drA.Close();
SqlCommand cmd1 = new SqlCommand();
cmd1.CommandType = CommandType.StoredProcedure;
cmd1.Parameters.Add("@kr_id", SqlDbType.NVarChar).Value = krid.ToString();
cmd1.Parameters.Add("@kr_descpription", SqlDbType.NVarChar).Value = krdescription.ToString();
cmd1.Parameters.Add("@kr_position", SqlDbType.NVarChar).Value = krposition.ToString();
cmd1.Parameters.Add("@kr_icno", SqlDbType.NVarChar).Value = kricno.ToString();
cmd1.ExecuteNonQuery();
}
catch (Exception ex)
{
lblMsg.Text = ex.Message; //" Error while saving the record.";
}
Response.Redirect("kra_dashboard.aspx");
}
}
protected void btnAddNew_Click(object sender, EventArgs e)
{
}
}
在这一行中,表名和
WhereSqlDataSource1.SelectCommand = "SELECT kr_id, kr_position, kr_description FROM tblKRAObjectiveWHERE kr_icno = " + s_icno;
"SELECT kr_id, kr_position, kr_description FROM tblKRAObjective WHERE kr_icno = '" + s_icno + "'";
为了避免在此行中使用,表名和
之间缺少一个空格,其中SqlDataSource1.SelectCommand = "SELECT kr_id, kr_position, kr_description FROM tblKRAObjectiveWHERE kr_icno = " + s_icno;
"SELECT kr_id, kr_position, kr_description FROM tblKRAObjective WHERE kr_icno = '" + s_icno + "'";
为了避免使用请在Where之前留出空间,并在参数中添加单引号,因为它是字符串 试试下面
"SELECT kr_id, kr_position, kr_description FROM tblKRAObjective WHERE kr_icno = '" + s_icno + "'";
请在Where之前留出空间,并在参数中添加单引号,因为它是字符串 试试下面
"SELECT kr_id, kr_position, kr_description FROM tblKRAObjective WHERE kr_icno = '" + s_icno + "'";
首先想到的是:
s\u icnoWHERESqlParameters_icnoWHERESqlParameter