在vb.net中列出MS SQL数据

Question

I got no errors in the code now, but it doesn't seem to work. The only thing that works is when I try to list all the data.

But when I try to narrow the data that is to be listed. I get no good results. Here is my code:

 If ComboBox1.SelectedItem = "School" Then
            Dim connectionString As String = "Data Source=SENBONZAKURA\SQLEXPRESS;Initial Catalog=testing;User ID=SenbonZakura\Rew; Trusted_Connection=True;"

            Dim selectCommand As String

            Dim connection As New SqlConnection(connectionString)

            selectCommand = "select * from student  WHERE (SCHOOL='" & TextBox1.Text & "')"

            Me.dataAdapter = New SqlDataAdapter(selectCommand, connection)



            Dim commandBuilder As New SqlCommandBuilder(Me.dataAdapter)

            Dim table As New DataTable()

            Me.dataAdapter.Fill(table)

            Me.BindingSource1.DataSource = table

            Dim data As New DataSet()

            DataGridView1.DataSource = Me.BindingSource1
END IF

The code above is not the whole thing. I've omitted those that are not relevant. What do I do to make this work?Please help, thanks.

Answer 1

The problem is most likely the:

WHERE (SCHOOL='" & TextBox1.Text & "')"

part. Ifgnoring the blatant ignorance of basic securtiy principles (read up on SQL Injection when you ahve the moment), this is a full comparison.

• School is not equal to school.
• Leating/trailing spaces are evil.

My standard practice would be:

• TRIM. Not sure about the VB syntax, but say & TextBox1.Text.Trim () - get rid of spaces on both ends that people just may enter and not see.
• Dont use "=", use "LIKE". NORMALLY (unless somone changed that) LINKE will not differentiate between "School" and "school"

Take the SQL and work it out in... SQL Manager.