我正在构建简单的库应用程序。我正在使用 C# 和 SQL Server 2017。
在运行一个函数来检查这本书是否已经存在时,我在“名称”附近收到一个错误。
public bool DoesItExist()
{
mainSet mset = new mainSet();
string query = "SELECT * FROM [Library].[dbo].[ViewBook] WHERE " +
"Title = '" + this.title + "' AND " +
"DateOfFirstRelease = " + this.release_date + " AND " +
"Name = '" + this.author_name + "' AND " +
"2Name= '" + this.author_2name + "' AND " +
"Surname = '" + this.author_surname + "' AND " +
"Category = '" + this.category + "' AND " +
"Publishing = '" + this.Publishing+ "' ";
SqlConnection cnn = new SqlConnection(mset.dataBaseConect);
SqlCommand cmd = new SqlCommand(query, cnn);
cnn.Open();
SqlDataReader reader = cmd.ExecuteReader();
if (reader.HasRows) return true;
else return false;
}
都是“这个”。是“标题”类中的参数。
所有参数都是类型:字符串,除了“DateOfRelease”是类型:int
[ViewBook] 是 [Library] 数据库中的一个视图。
我得到的错误:
System.Data.SqlClient.SqlException:
An expression of non-boolean type specified in a context where a condition is expected, near 'Name'.”
cmd 查询示例:
"SELECT * FROM [Library].[dbo].[ViewBook] WHERE Title = 'Book Name' AND DateOfFirstRelease = 2004 AND Name = 'George' AND 2Name= '' AND Surname = 'Martin' AND Category = 'Economy' AND Publishing = 'PublishingTest' "
这个答案有一个很大的警告;我不是 ac# 编码员,所以我没有测试过。我很少接近 C#,只有当我这样做是因为我正在协助我们的开发人员处理他们的 SQL Server 需求(因为我是一名 DBA/SQL 开发人员)。我做了什么?我使用文档(SqlCommand.Parameters Property & SqlDbType Enum)编写了一个正确参数化的查询,该查询应该可以工作(我添加了一条评论,说明为什么我认为您的查询也失败了):
string query = "SELECT * FROM Library.dbo.ViewBook" +
" WHERE Title = @Title" +
" AND DateOfFirstRelease = @ReleaseDate" +
" AND [Name] = @AuthorName" + //Name is a keyword, so I prefer to quote it
" AND [2Name] = @AuthorName2" + //Quoted as a column that begins with a number needs to be delimit identified
" AND Surname = @Surname" +
" AND Category = @Category" +
" AND Publishing = @Publishing;";
using (SqlConnection cnn = new SqlConnection(mset.dataBaseConect))
{
SqlCommand cmd = new SqlCommand(query, cnn);
cmd.Parameters.Add("@Title",SqlDbType,VarChar,50); //Guessed datatype
cmd.Parameters["@Title"].Value = this.title;
cmd.Parameters.Add("@ReleaseDate",SqlDbType.Date); //Guessed datatype
cmd.Parameters["@ReleaseDate"].Value = this.release_date;
cmd.Parameters.Add("@AuthorName",SqlDbType.VarChar,50); //Guessed datatype
cmd.Parameters["@AuthorName"].Value = this.author_name;
cmd.Parameters.Add("@AuthorName2",SqlDbType.VarChar,50); //Guessed datatype
cmd.Parameters["@AuthorName2"].Value = this.author_2name;
cmd.Parameters.Add("@Surname",SqlDbType.VarChar,50); //Guessed datatype
cmd.Parameters["@Surname"].Value = this.author_surname;
cmd.Parameters.Add("@Category",SqlDbType.VarChar,50); //Guessed datatype
cmd.Parameters["@Category"].Value = this.category;
cmd.Parameters.Add("@Publishing",SqlDbType.VarChar,50); //Guessed datatype
cmd.Parameters["@Publishing"].Value = this.Publishing;
cnn.Open();
SqlDataReader reader = cmd.ExecuteReader();
}
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句