0

在以下代码中,SqlDataReader 'dr' 不会读取名称包含空格的主题的“SubjectCode”;例如来自主题表的英语语言、社会研究、成本会计原理等。

因此,如果有人能立即帮助我,我将不胜感激。

cmd = New SqlCommand( _
    "select subjectCode from ProgramDetails.subjects where subjectname='" & _
    Trim(subname) & " ' ", cn)
dr = cmd.ExecuteReader
If dr.Read Then
    subcode = dr(0)
End If
dr.Close()
4

2 回答 2

3
  1. 您对SQL-Injection开放,使用SQL-Parameters
  2. 你最后有一个空格,我认为这是不希望的
  3. 您可能想改用LIKE通配符%

例如:

Dim sql = "Select subjectCode From ProgramDetails.subjects where subjectname Like @subname"
Using con = New SqlConnection(connectionString)
    Using cmd = New SqlCommand(sql, con)
        cmd.Parameters.AddWithValue("@subname", String.Format("%{0}%", "english"))
        Con.Open()
        Using rd = cmd.ExecuteReader()
            While rd.Read()  
                Dim subjectCode = rd.GetString(0)
                ' ... '
            End While
        End Using
    End Using
End Using
于 2013-01-26T14:24:21.233 回答
0

只需使用RTRIM

cmd = New SqlCommand("select RTRIM(subjectCode) from ProgramDetails.subjects " + _
                     "where subjectname Like '" & Trim(subname) & "%'", cn)
dr = cmd.ExecuteReader
If dr.Read Then
    subcode = dr(0)
End If
dr.Close()
于 2013-01-26T14:17:31.290 回答