1
我在我的数据库中有一个视图,并且该视图有一列我正在尝试搜索。我已经在sql server中测试过了,它返回了正确的结果。但是,当我用vb的参数尝试它时,它不会返回任何东西。 SQL代码,我得到一个查询返回正确的结果看起来像SQL参数化查询不返回正确的结果
SELECT *
FROM
(SELECT
ROW_NUMBER() OVER (ORDER BY groupID DESC) AS Row, *
FROM
SchedulingGroup_VIEW
WHERE
(scheduled = 1)
AND ((building LIKE '%dunn%') OR (room LIKE '%dunn%')
OR (requestBy LIKE '%dunn%') OR (requestFor LIKE '%dunn%')
OR (groupID LIKE '%dunn%') OR (description LIKE '%dunn%'))
AND (NOT EXISTS (SELECT gID FROM facilitiesForm
WHERE facilitiesForm.gID <> gID))) AS TMP
WHERE
(Row BETWEEN 0 AND 100)
与参数的SQL看起来像
SELECT * FROM (SELECT ROW_NUMBER() OVER (ORDER BY groupID DESC) AS Row, *
FROM schedulingGroup_VIEW
WHERE (scheduled = 1) AND
((building LIKE '%' + @search + '%')
OR (room LIKE '%' + @search + '%')
OR (requestBy LIKE '%' + @search + '%')
OR (requestFor LIKE '%' + @search + '%')
OR (groupID LIKE '%' + @search + '%')
OR (description LIKE '%' + @search + '%'))
AND
(NOT EXISTS (SELECT gID FROM facilitiesForm
WHERE facilitiesForm.gID <> gID))) AS TMP WHERE (Row BETWEEN 0 AND 100)
sqlComm.Parameters.AddWithValue("@search", info.search)
与info.search =“唐恩”。
sql查询返回相应的行,但带参数的vb.net不返回任何内容。
我对此投票并将其作为答案。尽管我已经看到了这两个参数。它也有助于使测试数据镜像直播。谢谢。 – willJk
虽然它可以防止SQL注入,但这更好。 – sovemp
我也有同样的问题吗? – SearchForKnowledge