SqlDataAdapter da =
new SqlDataAdapter("SELECT *
FROM Patient
Where Registration_Id = '" + textBox1.Text + "'
OR Patient_Name = '" + textBox1.Text + "'", cn);
Wie suche ich int oder string in allen Feldern?Suche nach int oder string in allen Feldern
bearbeiten Code:
if (comboBox1.Text == "Registration_Id")
{
da = new SqlDataAdapter("SELECT *
FROM Patient
Where Registration_Id = '" + textBox1.Text + "'", cn);
}
else if (comboBox1.Text == "Patient_Name")
{
da = new SqlDataAdapter("SELECT *
FROM Patient
Where Patient_Name = '" + textBox1.Text + "'", cn);
}
Schreiben Sie nicht Code wie dieser, es unterliegt SQL-Injection-Angriff. – RedFilter
if (comboBox1.Text == "Registration_Id") { da = neuer SqlDataAdapter ("SELECT * FROM Patient Wobei Registration_Id = '" + textBox1.Text + "'", cn); } else if (comboBox1.Text == "Patient_Name") { da = new SqlDataAdapter ("SELECT * FROM Patient Wo Patient_Name = '" + textBox1.Text + "'", cn); } –