string sqlStatement = "SELECT Orders.[ID], Orders.[Checkintime], Orders.[RoomPrice], Orders.[OrderNo], Particulars.FirstName, Particulars.LastName FROM Orders, where Checkintime between '" + dateOnly + "' and '" + endDateOnly + "', Particulars;";
我尝试使用此语句从数据库中选择信息,但此语句在FROM子句中存在语法错误
I suppose that the two tables (Orders and Particulars) are joined by some field that acts as a foreignkey. So you should have a OrderID field in the Particulars table that links every 'particular' to the respective Order.
If this is the case then your query should be something like this
string sqlStatement = @"SELECT Orders.[ID], Orders.[Checkintime],
Orders.[RoomPrice], Orders.[OrderNo],
Particulars.FirstName, Particulars.LastName
FROM Orders INNER JOIN Particulars
ON Orders.[ID] = Particulars.[OrderID]
where Checkintime between '" + dateOnly +
"' and '" + endDateOnly + "'";
However this approach with string concatenation is prone to other kind of errors like parsing problems and Sql injection, better use a parameterized query
string sqlStatement = @"SELECT Orders.[ID], Orders.[Checkintime],
Orders.[RoomPrice], Orders.[OrderNo],
Particulars.FirstName, Particulars.LastName
FROM Orders INNER JOIN Particulars
ON Orders.[ID] = Particulars.[OrderID]
where Checkintime between @init AND @end";
using(SqlConnection cnn = new SqlConnection(.....))
using(SqlCommand cmd = new SqlCommand(sqlStatement, cnn))
{
cnn.Open();
cmd.Parameters.Add("@init", SqlDbType.DateTime).Value = dateOnly;
cmd.Parameters.Add("@end", SqlDbType.DateTime).Value = endDateOnly;
.... remainder of your code that reads back your data.....
}
Please note, the value supplied to the Parameter.Value should be a DateTime variable not a string....
Remove that ,
here Orders, where
That , Particulars;
doesn't makes sence as well probably you should use a join ... FROM Orders join Particulars ON Orders.ID = Particulars.ID
or what the ID-column is called
Depending on your Culture the DateTime could cause a problem when it's passed as a string value '04/08/2015 21:52:39'
. eg in some cultures day and month are swapped. You can do dateOnly.ToString("yyyy-MM-dd")
or better use parameters and pass a DateTime object to avoids injection attacks additional
you need a join query:
string sqlStatement = "SELECT Orders.[ID], Orders.[Checkintime], Orders.[RoomPrice], Orders.[OrderNo], Particulars.FirstName, Particulars.LastName FROM Orders inner join Particulars on Orders.CommonField=Particulars.CommonField
where Checkintime between '" + dateOnly + "' and '" + endDateOnly + "'";
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.