0
我正在開發一個VB.NET ASPX文件,並試圖在VB.NET中運行字符串查詢,但現在我收到上面的錯誤信息。我如何確定原因?下面是這個ASPX文件中的一些代碼。該生產線就錯誤的是: DSPageData = GlobalFunctions.GlobalF.GetSQLServerDataSet(SQL)VB.NET一個表達式,指定在一個上下文中,在''''''附近指定一個條件
但這同樣的功能,適用於我的其他SQL字符串中的一個,所以我覺得這個問題是在這個SQL字符串的地方:
arrType.Add("Product and Process")
arrType.Add("Product")
arrType.Add("Process")
dType.DataSource = arrType
dType.DataBind()
arrPEType.Add("INC")
arrPEType.Add("NC")
arrPEType.Add("QC")
peType.DataSource = arrPEType
peType.DataBind()
...
Select Case dType.SelectedValue
Case "Product and Process":
TheType = "(SMARTSOLVE.V_QXP_ALL_EXCEPTION.QXP_BASE_EXCEPTION='PXP_PRODUCT_QXP' Or SMARTSOLVE.V_QXP_ALL_EXCEPTION.QXP_BASE_EXCEPTION)='PXP_PROCESS_QXP')"
Case "Product":
TheType = "(SMARTSOLVE.V_QXP_ALL_EXCEPTION.QXP_BASE_EXCEPTION='PXP_PRODUCT_QXP')"
Case "Process":
TheType = "(SMARTSOLVE.V_QXP_ALL_EXCEPTION.QXP_BASE_EXCEPTION='PXP_PROCESS_QXP')"
End Select
Select Case peType.SelectedValue
Case "INC":
PE_Type = "(substring(a.QXP_EXCEPTION_NO, charindex('-', a.QXP_EXCEPTION_NO)+1, 4)='INC')"
Case "NC":
PE_Type = "(substring(a.QXP_EXCEPTION_NO, charindex('-', a.QXP_EXCEPTION_NO)+1, 4)='NC')"
Case "QC":
PE_Type = "(substring(a.QXP_EXCEPTION_NO, charindex('-', a.QXP_EXCEPTION_NO)+1, 4)='QC')"
End Select
If dOrgUnit.SelectedValue = "All" then
TheOrgUnit = "<> 'All'"
Else
TheOrgUnit = "='" & dOrgUnit.SelectedValue & "'"
End If
Dim SQL As String = "SELECT CASE SMARTSOLVE.V_QXP_ALL_EXCEPTION.QXP_BASE_EXCEPTION WHEN 'PXP_PROCESS_QXP' THEN SMARTSOLVE.V_QXP_ALL_EXCEPTION.QXP_SHORT_DESC ELSE EPF_FAILURE_MODE END AS QXP_SHORT_DESC, " & _
"Count(distinct SMARTSOLVE.V_QXP_ALL_EXCEPTION.QXP_EXCEPTION_NO) AS CountOfQXP_EXCEPTION_NO " & _
"FROM SMARTSOLVE.V_QXP_ALL_EXCEPTION LEFT OUTER JOIN " & _
"SMARTSOLVE.V_EPL_EXCEPTION_PART_LOT ON V_QXP_ALL_EXCEPTION.QXP_ID = V_EPL_EXCEPTION_PART_LOT.EPL_QXP_ID LEFT OUTER JOIN " & _
"SMARTSOLVE.V_EPF_EXPN_PART_FMODE ON V_EPL_EXCEPTION_PART_LOT.EPL_EPA_ID = V_EPF_EXPN_PART_FMODE.EPF_EPA_ID " & _
"LEFT OUTER JOIN SMARTSOLVE.V_PXP_PRODUCT_QXP ON SMARTSOLVE.V_QXP_ALL_EXCEPTION.QXP_ID = SMARTSOLVE.V_PXP_PRODUCT_QXP.QXP_ID " & _
"LEFT OUTER JOIN SMARTSOLVE.V_PXP_PROCESS_QXP ON SMARTSOLVE.V_QXP_ALL_EXCEPTION.QXP_ID = SMARTSOLVE.V_PXP_PROCESS_QXP.QXP_ID " & _
"WHERE SMARTSOLVE.V_QXP_ALL_EXCEPTION.QXP_OCCURENCE_DATE >= CONVERT(DATETIME, '" & FirstMonthDate & " 00:00:00', 102) " & _
"And SMARTSOLVE.V_QXP_ALL_EXCEPTION.QXP_OCCURENCE_DATE <= CONVERT(DATETIME, '" & LastMonthDate & " 23:59:59', 102) AND " & _
"SMARTSOLVE.V_QXP_ALL_EXCEPTION.QXP_XRS_DESCRIPTION<>'Cancel' AND " & _
"SMARTSOLVE.V_QXP_ALL_EXCEPTION.QXP_ORU_NAME" & TheOrgUnit & _
" and " & TheType & _
"AND (CASE V_QXP_ALL_EXCEPTION.QXP_BASE_EXCEPTION WHEN 'PXP_PROCESS_QXP' THEN V_PXP_PROCESS_QXP.PXP_OPR_NAME ELSE V_PXP_PRODUCT_QXP.PXP_OPR_NAME END <> 'Non-Diagnostic' OR " & _
"CASE V_QXP_ALL_EXCEPTION.QXP_BASE_EXCEPTION WHEN 'PXP_PROCESS_QXP' THEN V_PXP_PROCESS_QXP.PXP_OPR_NAME ELSE V_PXP_PRODUCT_QXP.PXP_OPR_NAME END IS NULL) " & _
"GROUP BY CASE SMARTSOLVE.V_QXP_ALL_EXCEPTION.QXP_BASE_EXCEPTION WHEN 'PXP_PROCESS_QXP' THEN SMARTSOLVE.V_QXP_ALL_EXCEPTION.QXP_SHORT_DESC ELSE EPF_FAILURE_MODE END " & _
"ORDER BY Count(distinct SMARTSOLVE.V_QXP_ALL_EXCEPTION.QXP_EXCEPTION_NO) DESC"
Dim DSPageData as new System.Data.DataSet
DSPageData = GlobalFunctions.GlobalF.GetSQLServerDataSet(SQL)
錯誤很可能是在SQL命令。你能以可讀的方式格式化該命令嗎?它可以像一個不匹配的括號一樣簡單。 – David
***不要使用字符串混合,以替代參數進入您的拼圖!! ***是的,我的意思是喊。這是一個大問題。在做其他事情之前,先閱讀sql注入。 –
我討厭這麼說,但從外觀上來說,您將不得不重新構建整個數據層,以便GetSQLServerDataSet()函數不僅可以接受查詢的字符串參數。 _這很重要。如果你不這樣做,而你把你的網頁放在公共互聯網上,它會在頭兩年被黑掉。我可以向你保證那個。 –