![](/img/trans.png)
[英]Get all selected values from uniqueID CheckBoxList in VB.NET
[英]Creating SQL query in VB.net from a Checkboxlist
我有一個清單,並從數據庫中動態填充它。 例如,在我填充復選框后,就像這樣:
我想根據選中的復選框創建一個SQL查詢。 如果我只選擇一個城市(例如,僅紐約),我希望結果是:
(城市= 2)
那可以正常工作,但是當我有多個城市(例如紐約,倫敦和阿姆斯特丹)時,我希望結果例如:
(城市= 2)或(城市= 3)或(城市= 5)
或者,如果我選擇洛杉磯和柏林,我希望結果是這樣的:
(城市= 1)或(城市= 4)
我怎樣才能做到這一點? 那是我下面的代碼,但我被堆積了。 有任何想法嗎?
Protected Sub Button1_Click(sender As Object, e As EventArgs) Handles Button1.Click
Dim var As String = ""
Dim counter As Integer = 0
Dim myList As New List(Of String)()
For i As Integer = 0 To CheckBoxList1.Items.Count - 1
If CheckBoxList1.Items(i).Selected Then
myList.Add(i + 1)
counter = counter + 1
If counter = 1 Then
var = "(City =" & i + 1 & ")"
Else
Console.WriteLine(myList(1))
Dim myArray As String() = myList.ToArray()
For j As Integer = 1 To myArray.Length
Dim var2 As String = " OR (City =" & counter & ")"
var = "(City =" & myArray(0) & ")" & var2
Next
End If
End If
Next
SQL = "SELECT * FROM Data1 WHERE (" & var & ") ORDER BY [ID]"
Session("Search") = SQL
Server.Transfer("Data_Form.aspx")
End Sub
我最強烈建議您查看表值參數:
http://msdn.microsoft.com/en-us/library/bb675163(v=vs.110).aspx
這將解決您的問題並幫助您避免sql注入漏洞。
但是,如果您確實堅持使用字符串連接,請嘗試使用IN()
條件,在此條件下最終會出現類似CITY IN (1,2)
而不是(City = 1 OR City = 2)
。 您可以通過使用未使用的ID來使其更容易編寫,如下所示:
Dim cityClause As String = " CITY IN (-1{0})" 'start with a valid clause
Dim cityIDs As String = ""
For Each box As ListItem In CheckBoxList1.Items.Where(Function(b) b.Selected)
'Try storing the ID for each city in the value part of each listitem,
' rather than using the index order
cityIDs = cityIDs & "," & box.Value
Next box
cityClause = string.Format(cityClause, cityIDs)
您可以使用City IN(2,3,5)
代替(City = 2) OR (City = 3) OR (City = 5)
:
Protected Sub Button1_Click(sender As Object, e As EventArgs) Handles Button1.Click
Dim condition As String = ""
For i As Integer = 0 To CheckBoxList1.Items.Count - 1
If CheckBoxList1.Items(i).Selected Then
condition = condition & "," & (i + 1)
End If
Next
SQL = "SELECT * FROM Data1 WHERE (" & condition.SubString(1) & ") ORDER BY [ID]"
Session("Search") = SQL
Server.Transfer("Data_Form.aspx")
End Sub
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.