我已創建下面列出的查詢。它運行時,我運行它。參數化數據庫查詢問題
string sortDir = (this.GridSortDirection == SortDirection.Descending ? " DESC" : " ASC");
int startIndex = 1;
int endIndex = this.gvData.PageSize;
SELECT RowNum, [ID], [Name], [Description], [DisplayIndex], [Status]
FROM
(
SELECT [ID], [Name], [Description], [DisplayIndex], CASE WHEN Status = 1 THEN 'Active' ELSE 'Disabled' END AS [Status] ,
ROW_NUMBER() OVER(ORDER BY [" + this.GridSortExpression + "]" + " " + sortDir + @")as 'RowNum'
FROM [MyDatabase].[dbo].[t_MyTable] s
) as Info
WHERE RowNum BETWEEN " + startIndex.ToString() + " AND " + endIndex.ToString()
我試圖將其重構爲參數化查詢格式,如下所示,但運行時出現錯誤。該錯誤指出sortDir附近存在語法錯誤。
string sql = @"SELECT RowNum, [ID], [Name], [Description], [DisplayIndex], [Status]
FROM
(
SELECT [ID], [Name], [Description], [DisplayIndex], CASE WHEN Status = 1 THEN 'Active' ELSE 'Disabled' END AS [Status] ,
ROW_NUMBER() OVER(ORDER BY @SortExpression @SortDir)as 'RowNum'
FROM [MyDatabase].[dbo].[t_MyTable] s
) as Info
WHERE RowNum BETWEEN @startIndex AND @endIndex";
cmd = new SqlCommand(sql, conn);
cmd.Parameters.AddWithValue("@SortExpression", this.GridSortExpression);
cmd.Parameters.AddWithValue("@SortDir", sortDir);
cmd.Parameters.AddWithValue("@startIndex", startIndex);
cmd.Parameters.AddWithValue("@endIndex", endIndex);
da = new SqlDataAdapter(cmd);
da.Fill(dt);
我也嘗試了以下無濟於事......同樣的錯誤消息
cmd = new SqlCommand(sql, conn);
cmd.Parameters.AddWithValue("@SortExpression", this.GridSortExpression + " " + sortDir);
cmd.Parameters.AddWithValue("@startIndex", startIndex);
cmd.Parameters.AddWithValue("@endIndex", endIndex);
da = new SqlDataAdapter(cmd);
da.Fill(dt);
任何人都可以參考我我的錯誤?
提前
謝謝你的跟進。非常有用和周到的答案 – Bengal 2012-08-10 14:12:44