Dim SiparisOnayi As String
Dim SiparisDurumu As String
Dim SiparisIli As String
Dim SiparisOdemeYontemi As String
Dim SiparisKargoFirmasi As String
Dim SiparisSatisKanali As String
Dim a1, a2, a3, a4, a5, a6, a7, soncom As String
If ComboBox1.Text = Nothing Then
a1 = Nothing
Else
SiparisOnayi = ComboBox1.Text
a1 = " and Siparis_Onay = SiparisOnayi"
End If
If ComboBox2.Text = Nothing Then
a2 = Nothing
Else
SiparisDurumu = ComboBox2.Text
a2 = " and Siparis_Durumu = SiparisDurumu "
End If
If ComboBox3.Text = Nothing Then
a3 = Nothing
Else
SiparisIli = ComboBox3.Text
a3 = " and Musteri_IL = SiparisIli "
End If
If ComboBox4.Text = Nothing Then
a4 = Nothing
Else
a4 = " and Kullanici_Kodu = SiparisKullanicisi"
End If
If ComboBox5.Text = Nothing Then
a5 = Nothing
Else
SiparisOdemeYontemi = ComboBox5.Text
a5 = " and Odeme_Yontemi = SiparisOdemeYontemi"
End If
If ComboBox6.Text = Nothing Then
a6 = Nothing
Else
SiparisKargoFirmasi = ComboBox6.Text
a6 = " and Kargo_Adi = SiparisKargoFirmasi"
End If
If ComboBox7.Text = Nothing Then
a7 = Nothing
Else
SiparisSatisKanali = ComboBox7.Text
a7 = " and Satis_Kanali = SiparisSatisKanali"
End If
soncom = "SELECT * FROM `Siparisler` WHERE `Siparis_Tarihi` BETWEEN @d1 and @d2" & a1 & a2 & a3 & a4 & a5 & a6 & a7 & ", connection"
Try
Dim command As New MySqlCommand(soncom)
command.Parameters.Add("@d1", MySqlDbType.DateTime).Value = DateTimePicker2.Value
command.Parameters.Add("@d2", MySqlDbType.DateTime).Value = DateTimePicker3.Value
Dim table As New DataTable
Dim adapter As New MySqlDataAdapter(command)
adapter.Fill(table)
DataGridView1.DataSource = table
Label12.Text = "Toplam " & table.Rows.Count & " Kay?t bulundu ve g?steriliyor."
myconnection.close()
Catch ex As Exception
MessageBox.Show(ex.Message)
End Try
錯誤:填充:SelectCommand 連接屬性尚未初始化
我該如何修復我的代碼?
uj5u.com熱心網友回復:
在& ", connection"我這行的末尾看起來錯誤:
soncom = "SELECT ..." & a1 & ... a7 & ", connection"
而且,除了命令和配接器之外,您還需要一個連接物件,WHERE 子句當前的組裝方式如果完全有效,則極易受到 sql 注入問題的影響,但不會,因為組合框值永遠不會實際上插入到最終字串中,如果在呼叫Fill().
這應該解決所有這些問題(一旦你填寫了連接字串):
Dim table As New DataTable
Using connection As New MySqlConnection("connection string here")
Using command As New MySqlCommand("", connection)
Using adapter As New MySqlDataAdapter(command)
Dim sql As String = "SELECT * FROM `Siparisler` WHERE `Siparis_Tarihi` BETWEEN @d1 and @d2"
If Not string.IsNullOrWhitespace(ComboBox1.Text) Then
sql = " and Siparis_Onay = @SiparisOnayi"
command.Parameters.AddWithValue("@SiparisOnayi", ComboBox1.Text)
End if
If Not string.IsNullOrWhitespace(ComboBox2.Text) Then
sql = " and Siparis_Durumu = @SiparisDurumu"
command.Parameters.AddWithValue("@SiparisDurumu", ComboBox2.Text)
End If
If Not string.IsNullOrWhitespace(ComboBox3.Text) Then
sql = " and Musteri_IL = @SiparisIli"
command.Parameters.AddWithValue("@SiparisIli", ComboBox3.Text)
End If
If Not string.IsNullOrWhitespace(ComboBox4.Text) Then
sql " and Kullanici_Kodu = @SiparisKullanicisi"
command.Parameters.AddWithValue("@SiparisKullanicisi", ComboBox4.Text)
End If
If Not string.IsNullOrWhitespace(ComboBox5.Text) Then
sql = " and Odeme_Yontemi = @SiparisOdemeYontemi"
command.Parameters.AddWithValue("@SiparisOdemeYontemi", ComboBox5.Text)
End If
If Not string.IsNullOrWhitespace(ComboBox6.Text) Then
sql = " and Kargo_Adi = @SiparisKargoFirmasi"
command.Parameters.AddWithValue("@SiparisKargoFirmasi", ComboBox6.Text)
End If
If Not string.IsNullOrWhitespace(ComboBox7.Text) Then
sql = " and Satis_Kanali = @SiparisSatisKanali"
command.Parameters.AddWithValue("@SiparisSatisKanali", ComboBox7.Text)
End If
command.CommandText = sql
command.Parameters.Add("@d1", MySqlDbType.DateTime).Value = DateTimePicker2.Value
command.Parameters.Add("@d2", MySqlDbType.DateTime).Value = DateTimePicker3.Value
Try
adapter.Fill(table)
Catch ex As Exception
MessageBox.Show(ex.Message)
End Try
End Using
End Using
End Using
DataGridView1.DataSource = table
Label12.Text = $"Toplam {table.Rows.Count} Kay?t bulundu ve g?steriliyor."
轉載請註明出處,本文鏈接:https://www.uj5u.com/shujuku/348902.html
標籤:网络