Incorrect syntax near '='.
Question
I am trying to display my data on my website, using asp.net and c# but im getting this error, System.Data.SqlClient.SqlException: Incorrect syntax near '='. please help, i have double check my code but nothing seems to be wrong.
SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["RDCINFOS"].ConnectionString);
SqlCommand cmd;
SqlDataReader dr;
string str;
protected void Page_Load(object sender, EventArgs e)
{
SqlCommand cmd =new SqlCommand("select * from articles where id=" + Request.Params["x"], con);
cmd.CommandType = CommandType.Text;
con.Open();
dr= cmd.ExecuteReader();
while(dr.Read())
{
art.InnerHtml += "<br>" + dr["title"] + "</br><br>";
art.InnerHtml += dr["details"] + "<br>";
art.InnerHtml += "<img src=pict/" + dr["photo"] + " height=300 width=200/><br>";
}
}
2 answers
solution1
2 2017-03-07 07:41:43
first of all, check if Request.Params["x"] is not null, and then change
SqlCommand cmd =new SqlCommand("select * from articles where id=" + Request.Params["x"], con);
to
SqlCommand cmd =new SqlCommand("select * from articles where id=@id", con);
cmd.Parameters.AddWithValue("@id", Request.Params["x"]);
solution2
0 2017-03-07 07:26:13
Request.Params["x"]可能为empty , null或数据库中id列以外的other type
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Incorrect syntax near '(' and near '='
Incorrect syntax near '('.
Incorrect Syntax Near '='. [WindowsForm]
Incorrect syntax near 'value'
Incorrect syntax near ',' AseBulkCopy
Incorrect Syntax Near 'Student'
Incorrect syntax near @ fileid
Incorrect syntax near '.'
Incorrect syntax near 'mainMenuNum'
Incorrect syntax near',',
Related Tags