I am trying to display my data on my website, using asp.net and c# but im getting this error, System.Data.SqlClient.SqlException: Incorrect syntax near '='. please help, i have double check my code but nothing seems to be wrong.
SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["RDCINFOS"].ConnectionString);
SqlCommand cmd;
SqlDataReader dr;
string str;
protected void Page_Load(object sender, EventArgs e)
{
SqlCommand cmd =new SqlCommand("select * from articles where id=" + Request.Params["x"], con);
cmd.CommandType = CommandType.Text;
con.Open();
dr= cmd.ExecuteReader();
while(dr.Read())
{
art.InnerHtml += "<br>" + dr["title"] + "</br><br>";
art.InnerHtml += dr["details"] + "<br>";
art.InnerHtml += "<img src=pict/" + dr["photo"] + " height=300 width=200/><br>";
}
}
first of all, check if Request.Params["x"]
is not null, and then change
SqlCommand cmd =new SqlCommand("select * from articles where id=" + Request.Params["x"], con);
to
SqlCommand cmd =new SqlCommand("select * from articles where id=@id", con);
cmd.Parameters.AddWithValue("@id", Request.Params["x"]);
Request.Params["x"]
可能为empty
, null
或数据库中id列以外的other type
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.