2016-08-04 157 views
0

我收到了這個服務器錯誤,但找不出問題所在。錯誤信息:System.Data.SqlClient.SqlException:'=' 附近有語法錯誤

說明:執行當前 Web 請求期間,出現未處理的異常。請查看堆棧跟蹤以獲取有關該錯誤的更多信息以及它在代碼中的出處。

異常詳細信息:System.Data.SqlClient.SqlException:'='附近的語法不正確 。

我的代碼是在這裏:

/// <summary>
/// Code-behind for an ASP.NET Web Forms page that lists and submits rows of
/// tblKRAObjective. Holds one SqlConnection field shared by all handlers.
/// </summary>
/// <remarks>
/// NOTE(review): every SQL statement in this class is built by concatenating a
/// value into the command text. That is both the cause of the reported
/// "Incorrect syntax near '='" error and a SQL injection risk; the value should
/// be passed as a parameter (e.g. "WHERE kr_icno = @kr_icno") instead.
/// NOTE(review): the identifier s_icno used in the queries is not declared
/// anywhere in the class as shown; the session value is read into kr_icno.
/// </remarks>
public partial class v2_kradescription : System.Web.UI.Page 
{ 
// Connection built from the "ConnectionString" entry of the configuration file.
// It is a field, so every handler below opens/closes the same object.
SqlConnection conn = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["ConnectionString"].ToString()); 

/// <summary>
/// Reads the appraisee values from session state and sets the SELECT text of
/// SqlDataSource1. Any exception message is written to lblMsg.
/// </summary>
protected void Page_Load(object sender, EventArgs e) 
{ 
     try 
     { 
     // icnoA for appraisee icno 


     // role is always the empty string here, so the "KRA" branch below never runs.
     string role = ""; 

     string kr_icno = (string)(Session["s_icno"]); 
     string kr_position = (string)(Session["kr_position"]); 
     string kr_description = (string)(Session["kr_description"]); 

     Session["role"] = role; 

     if (role == "KRA") 
     { 
      kr_icno = (string)(Session["s_icno"]); 
      kr_position = (string)(Session["kr_position"]); 
      kr_description = (string)(Session["kr_description"]); 
     } 
      // NOTE(review): the connection is opened and closed around a plain
      // property assignment; no command is executed on conn in between.
      conn.Open(); 
      // BUG: there is no space between the table name and WHERE
      // ("tblKRAObjectiveWHERE"), so the text is not the intended query.
      // The value is also appended unquoted and unparameterized; if it is
      // null or empty the statement ends at "= ", and any content it carries
      // becomes part of the SQL text (injection risk).
      SqlDataSource1.SelectCommand = "SELECT kr_id, kr_position, kr_description FROM tblKRAObjectiveWHERE kr_icno = " + s_icno; 
      conn.Close(); 
     } 

    catch (Exception ex) 
    { 
     // NOTE(review): the raw exception message is shown on the page, which can
     // expose database details to the user; log it and show a generic message.
     lblMsg.Text = ex.Message; //" Error while saving the record."; 
    } 
    //conn.Open(); 
    //string icno = (string)(Session["s_icno"]); 
    //SqlDataSource1.SelectCommand = "SELECT kr_id, kr_position, kr_description FROM tblKRAObjective WHERE kr_icno = " + icno; 

    //conn.Close(); 

    } 

/// <summary>
/// Row data-bound handler: for each row that has a data item, runs a SELECT
/// and copies the first result row into the lblposition / lbldescription labels.
/// </summary>
protected void GridView1_OnRowDataBound(object sender, GridViewRowEventArgs e) 
{ 
    // kr_id comes from the request query string; it is not used below.
    string kr_id = Request.QueryString["kr_id"]; 

    // id is assigned for data rows but not used afterwards in this method.
    string id = ""; 

    if (e.Row.RowType == DataControlRowType.DataRow) 
    { 
     id = GridView1.DataKeys[e.Row.RowIndex].Values[0].ToString(); 
    } 
    // NOTE(review): FindControl presumably returns null on rows that do not
    // contain these labels - confirm before dereferencing.
    Label lblposition = (Label)e.Row.FindControl("lblposition"); 
    Label lbldescription = (Label)e.Row.FindControl("lbldescription"); 

    if(e.Row.DataItem != null) 
    { 
     // NOTE(review): conn is opened here but never closed in this method; only
     // the reader is closed. The handler runs once per bound row.
     conn.Open(); 

     // Same concatenation pattern as Page_Load: the value is appended to the
     // SQL text instead of being passed as a SqlParameter.
     String queryA = "SELECT kr_id, kr_position, kr_description FROM tblKRAObjective WHERE kr_icno = " + s_icno; 
     SqlCommand cmdA = new SqlCommand(queryA, conn); 
     SqlDataReader drA = cmdA.ExecuteReader(); 

     // Only the first returned row is read.
     if (drA.Read()) 
     { 
      lblposition.Text = drA["kr_position"].ToString(); 
      lbldescription.Text = drA["kr_description"].ToString(); 
     } 
     drA.Close(); 
    } 
} 

/// <summary>Puts the grid into edit mode on the row being edited.</summary>
protected void GridView1_OnRowEdited(object sender, GridViewEditEventArgs e) 
{ 
    GridView1.EditIndex = e.NewEditIndex; 
} 

    /// <summary>Cancel-edit handler; it only moves focus to the grid.</summary>
    protected void GridView1_RowCancelingEdit(object sender, GridViewCancelEditEventArgs e) 
{ 
    GridView1.Focus(); 
} 

/// <summary>Redirects to kra_description.aspx after a row update.</summary>
protected void GridView1_OnRowUpdated(object sender, GridViewUpdateEventArgs e) 
{ 
    // The query string is spelled "Sucess" in the target URL.
    Response.Redirect("kra_description.aspx?Sucess"); 
} 

/// <summary>Applies the page index requested by the grid's pager.</summary>
protected void OnPaging(object sender, GridViewPageEventArgs e) 
{ 
    GridView1.PageIndex = e.NewPageIndex; 
} 

/// <summary>Redirects to the PDF preview page.</summary>
protected void btnPreview_Click(object sender, EventArgs e) 
{ 
      Response.Redirect("kra_pdf.aspx"); 
} 

/// <summary>
/// Submit handler: when the page validates, reads values from session state,
/// re-reads them from tblKRAObjective, then executes a stored-procedure command
/// with four parameters and redirects to kra_dashboard.aspx.
/// </summary>
protected void btnSubmit_Click(object sender, EventArgs e) 
{ 
    if (Page.IsValid) 
    { 

     string kricno = (string)(Session["s_icno"]); 
     string krid = (string)(Session["kr_id"]); 
     string krdescription = (string)(Session["kr_description"]); 
     string krposition = (string)(Session["kr_position"]); ; 

     try 
     { 

      // get requester name, companyid, primary appraiser of requester 

      // BUG: the literal opens a single quote before the value and never
      // closes it, and the value is concatenated rather than parameterized.
      String queryA = "SELECT kr_id, kr_description, kr_position FROM tblKRAObjective WHERE s_icno = '"+kricno; 
      // BUG: the command is created without a connection, and conn is not
      // opened in this method, so ExecuteReader cannot run as written.
      SqlCommand cmdA = new SqlCommand(queryA); 
      SqlDataReader drA = cmdA.ExecuteReader(); 

      if (drA.Read()) 
      { 
       krid = drA["kr_id"].ToString(); 
       // BUG: kr_icno is not in the SELECT list above.
       kricno = drA["kr_icno"].ToString(); 
       krdescription = drA["kr_description"].ToString(); 
       krposition = drA["kr_position"].ToString(); 
      } 
      drA.Close(); 

      // BUG: cmd1 is given a command type and parameters but no CommandText
      // (procedure name) and no Connection before it is executed.
      SqlCommand cmd1 = new SqlCommand(); 
      cmd1.CommandType = CommandType.StoredProcedure; 

      cmd1.Parameters.Add("@kr_id", SqlDbType.NVarChar).Value = krid.ToString(); 
      // NOTE(review): parameter name is spelled "@kr_descpription" - verify
      // against the stored procedure's parameter list.
      cmd1.Parameters.Add("@kr_descpription", SqlDbType.NVarChar).Value = krdescription.ToString(); 
      cmd1.Parameters.Add("@kr_position", SqlDbType.NVarChar).Value = krposition.ToString(); 
      cmd1.Parameters.Add("@kr_icno", SqlDbType.NVarChar).Value = kricno.ToString(); 

      cmd1.ExecuteNonQuery(); 


      } 
       catch (Exception ex) 
     { 
      // NOTE(review): raw exception text goes to the page; see the redirect
      // below, which runs on this path as well.
      lblMsg.Text = ex.Message; //" Error while saving the record."; 
     } 
     // The redirect is outside the try/catch, so it is issued whether or not
     // the save succeeded.
     Response.Redirect("kra_dashboard.aspx"); 
    } 
} 


/// <summary>Click handler for the "add new" button; currently empty.</summary>
protected void btnAddNew_Click(object sender, EventArgs e) 
{ 

} 
} 
+0

我首先想到的是:'s_icno' 爲 null 或空字符串。 –

+2

真的嗎?你需要我們的幫助來發現你已經把你的表名和'WHERE'關鍵字放在一起了嗎? –

+0

請勿在查詢中連接字符串!改用'SqlParameter's。 – user3185569

回答

3

在這一行中,表名和 WHERE 之間缺少一個空格:

SqlDataSource1.SelectCommand = "SELECT kr_id, kr_position, kr_description FROM tblKRAObjectiveWHERE kr_icno = " + s_icno; 

試試這個:

"SELECT kr_id, kr_position, kr_description FROM tblKRAObjective WHERE kr_icno = '" + s_icno + "'"; 

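另外,爲了避免 SQL 注入,請使用參數化查詢:在 SQL 文本中寫 `WHERE kr_icno = @kr_icno`,再通過 SqlDataSource 的 SelectParameters(或 SqlCommand.Parameters)傳入值。上面加引號的拼接寫法只能消除語法錯誤,值仍然是作爲 SQL 文本拼進去的。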

+1

不要鼓勵用字符串拼接來構造 SQL 查詢! –

+0

@PawełDyl - 我不知道。有時候只需要耐心等到編輯完成 –

+0

好的謝謝。我已經解決了這個問題。但現在我得到了另一個錯誤 - >多部分標識符「System.Web.UI.WebControls.HiddenField」無法綁定。 –

0

請在 WHERE 之前加一個空格,並給參數值加上單引號,因爲它是字符串。

試試下面的寫法:

"SELECT kr_id, kr_position, kr_description FROM tblKRAObjective WHERE kr_icno = '" + s_icno + "'";