0
我已將數據庫從Access
轉換爲Sql
,因爲Sql
不接受format()
因此顯示錯誤。在預期條件的上下文中指定的非布爾類型的表達式,在'and'附近
這是我的代碼:
DefaultStr = "" &
"SELECT StudentAccount.Dated, StudentAccountS.StAdmNo, StudentAccountS.StClass, " &
"StudentAccountS.StName, StudentAccount.Perticular, StudentAccount.Amount,StudentAccount.Remark,StudentAccount.PayMode,TransactionID " &
"FROM (StudentAccount LEFT OUTER JOIN StudentAccountS ON StudentAccount.SSID = StudentAccountS.SSID) " &
"WHERE (StudentAccount.Debit) and (StudentAccount.Dated Between " &
"#" & Format(DateFrom, "MM/dd/yyyy") & "# AND #" & Format(DateTo, "MM/dd/yyyy") & "#)"
Select Case SIndex
Case 0
SelStr = " AND (StudentAccount.PayMode = '" & OptionStr & "') Order By StudentAccount.Dated"
Case 1
SelStr = " AND (StudentAccount.Perticular = '" & OptionStr & "') Order By StudentAccount.Dated"
Case 2, 3
SelStr = " AND (StudentAccount.TransType = '" & filterStr & "') Order By StudentAccount.Dated"
Case Else
SelStr = Nothing
End Select
Da = New SqlDataAdapter(DefaultStr & SelStr, Conn)
Ds = New DataSet
Da.Fill(Ds)
在'mssql',當你存儲'date'(或'datetime')值不使用''#(像'Access'),但單引號。什麼是DateTo和DateFrom變量?如果他們然後使用這樣的東西:''「&String.Format(」{0:MM/dd/yyyy}「,DateTo)&」'' – nelek
我還會補充說,你不應該使用字符串連接sql命令。使用參數化的sql。看到這個http://stackoverflow.com/questions/306668/are-parameters-really-enough-to-prevent-sql-injections – chrisl08
這也拋出相同的錯誤 – Ankit