我有一個IF語句的問題。Asp.net if語句
本聲明的目的是,所有3位經理必須先批准訂單,然後才能發行。
這是結:
Dim RstAllchk
Dim RstAllchk_numRows
Set RstAllchk = Server.CreateObject("ADODB.Recordset")
RstAllchk.ActiveConnection = MM_DBConn_STRING
RstAllchk.Source = "SELECT comitee.OrderNo, comitee.Bart, comitee.Carel, comitee.Charl FROM comitee WHERE (((comitee.OrderNo)='" + Replace(RstAllData__varOrderNum, "'", "''") + "'));"
RstAllchk.CursorType = 0
RstAllchk.CursorLocation = 2
RstAllchk.LockType = 1
RstAllchk.Open()
RstAllchk_numRows = 0
if (RstAllchk.Fields.Item("Bart").Value)= "Approved" then
if (RstAllchk.Fields.Item("Carel").Value)= "Approved" then
if (RstAllchk.Fields.Item("Charl").Value)= "Approved" then
set cdata1 = Server.CreateObject("ADODB.Command")
cdata1.ActiveConnection = MM_DBConn_STRING
cdata1.CommandText = " UPDATE TblOrderData SET Fldapproved = 'Approved' WHERE FldOrderID = '" & RstAllData__varOrderNum & "'"
cdata1.CommandType = 1
cdata1.CommandTimeout = 0
cdata1.Prepared = true
cdata1.Execute()
cdata1.ActiveConnection.Close
set cdata2 = Server.CreateObject("ADODB.Command")
cdata2.ActiveConnection = MM_DBConn_STRING
cdata2.CommandText = " UPDATE TblOrderDetail SET FldMainapproved = 'Approved' WHERE FldOrderNum = '" & RstAllData__varOrderNum & "'"
cdata2.CommandType = 1
cdata2.CommandTimeout = 0
cdata2.Prepared = true
cdata2.Execute()
cdata2.ActiveConnection.Close
`
有時候如果只有一個經理確認訂單,訂單仍在批准。我一直在爲此掙扎好幾天。希望你們中的任何人都能給我一些建議。
由於
花花公子硬編碼值?並且你的SQL語句應該被參數化。那裏有一些很好的SQL注入風險。 – Eonasdan