堆棧內存溢出
  簡體   English   中英

通過復選框列表在VB.net中創建SQL查詢

[英]Creating SQL query in VB.net from a Checkboxlist

 原文  2014-04-04 17:57:15       asp.net/ sql/ vb.net/ checkboxlist

問題描述

我有一個清單,並從數據庫中動態填充它。 例如,在我填充復選框后,就像這樣:

  • 洛杉磯
  • 紐約
  • 倫敦
  • 柏林
  • 阿姆斯特丹

我想根據選中的復選框創建一個SQL查詢。 如果我只選擇一個城市(例如,僅紐約),我希望結果是:

(城市= 2)

那可以正常工作,但是當我有多個城市(例如紐約,倫敦和阿姆斯特丹)時,我希望結果例如:

(城市= 2)或(城市= 3)或(城市= 5)

或者,如果我選擇洛杉磯和柏林,我希望結果是這樣的:

(城市= 1)或(城市= 4)

我怎樣才能做到這一點? 那是我下面的代碼,但我被堆積了。 有任何想法嗎? 

Protected Sub Button1_Click(sender As Object, e As EventArgs) Handles Button1.Click
    Dim var As String = ""
    Dim counter As Integer = 0
    Dim myList As New List(Of String)()
    For i As Integer = 0 To CheckBoxList1.Items.Count - 1
        If CheckBoxList1.Items(i).Selected Then
            myList.Add(i + 1)
            counter = counter + 1
            If counter = 1 Then
                var = "(City =" & i + 1 & ")"
            Else
                Console.WriteLine(myList(1))
                Dim myArray As String() = myList.ToArray()
                For j As Integer = 1 To myArray.Length
                    Dim var2 As String = " OR (City =" & counter & ")"
                    var = "(City =" & myArray(0) & ")" & var2
                Next
            End If
        End If
    Next
    SQL = "SELECT * FROM Data1 WHERE (" & var & ") ORDER BY [ID]"
    Session("Search") = SQL
    Server.Transfer("Data_Form.aspx")
End Sub

2 個解決方案

解決方案1
 2  2014-04-04 18:07:28

我最強烈建議您查看表值參數:

http://msdn.microsoft.com/en-us/library/bb675163(v=vs.110).aspx

這將解決您的問題並幫助您避免sql注入漏洞。

但是,如果您確實堅持使用字符串連接,請嘗試使用IN()條件,在此條件下最終會出現類似CITY IN (1,2)而不是(City = 1 OR City = 2) 您可以通過使用未使用的ID來使其更容易編寫,如下所示: 

Dim cityClause As String = " CITY IN (-1{0})" 'start with a valid clause
Dim cityIDs As String = ""
For Each box As ListItem In CheckBoxList1.Items.Where(Function(b) b.Selected)
     'Try storing the ID for each city in the value part of each listitem,
     ' rather than using the index order 
     cityIDs = cityIDs & "," & box.Value
Next box
cityClause = string.Format(cityClause, cityIDs)

解決方案2
 1 已采納  2014-04-04 18:14:01

您可以使用City IN(2,3,5)代替(City = 2) OR (City = 3) OR (City = 5) 

Protected Sub Button1_Click(sender As Object, e As EventArgs) Handles Button1.Click
    Dim condition As String = ""
    For i As Integer = 0 To CheckBoxList1.Items.Count - 1
        If CheckBoxList1.Items(i).Selected Then
            condition = condition & "," & (i + 1)
        End If
    Next
    SQL = "SELECT * FROM Data1 WHERE (" & condition.SubString(1) & ") ORDER BY [ID]"
    Session("Search") = SQL
    Server.Transfer("Data_Form.aspx")
End Sub

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 從VB.NET中的uniqueID CheckBoxList獲取所有選定的值 應用來自多個checkboxList的篩選器以篩選VB.net中的ListView VB.NET創建兩列CheckboxList vb.net的SQL Union查詢錯誤 VB.NET(SQL)查詢中的是否/其他語句? 如何在VB.NET,LINQ to SQL中使用復選框列表插入一對多關系? VB.net For Loop從多個控件捕獲數據(CheckBoxList項目) 用VB.NET linq中的值列表填充復選框列表 在復選框列表中進行多項選擇以篩選數據表vb.net 在VB.NET中獲取CheckBoxList的所有選定值
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM