问题描述
我目前正在研究使用经典 ASP 和 MysqL 数据库的参数化查询。我有一个旧页面,访问者可以在其中使用从数据库填充的各种分层下拉列表(例如,国家、州、县)来搜索数据库。因此,每个下拉列表的内容将根据其他下拉列表(共 7 个)所做的选择进行过滤。我正在尝试转换此页面,以便它使用参数化查询。
在网上搜索时,我认为我有正确创建查询所需的步骤,但出现以下错误。
Microsoft VBScript 运行时错误“800a01b6” 对象不支持此属性或方法:'Parameters.Append'
我的县下拉列表代码如下。
Dim strConnString
strConnString = "Driver={MysqL ODBC 5.2w Driver}; Server=**servername**; Option=16834; User Id=**username**; Password=**pw**; Database=**db**;"
Dim objConn7,objRS7,cmd7
Set objConn7 = Server.CreateObject("ADODB.Connection")
objConn7.Open strConnString
Set cmd7 = Server.CreateObject("ADODB.Command")
cmd7.ActiveConnection = objConn7
cmd7.Prepared = true
cmd7.CommandType = adCmdText
If strSt <> "" Then
If strOrd <> "" Then
If strFam <> "" Then
If strGen <> "" Then
If strSp <> "" Then
cmd7.CommandText = "SELECT disTINCT(County) FROM specimens WHERE taxOrder= ? AND taxFamily= ? AND Genus= ? AND Species= ? AND Country= ? AND State= ? ORDER BY County ASC;"
Set cmd7.parameters.Append = cmd7.CreateParameter("@taxOrder",adVarChar,adParamInput,35,strOrd)
Set cmd7.parameters.Append = cmd7.CreateParameter("@taxFamily",strFam)
Set cmd7.parameters.Append = cmd7.CreateParameter("@Genus",25,strGen)
Set cmd7.parameters.Append = cmd7.CreateParameter("@Species",60,strSp)
Set cmd7.parameters.Append = cmd7.CreateParameter("@Country",30,strCn)
Set cmd7.parameters.Append = cmd7.CreateParameter("@State",strSt)
Else
cmd7.CommandText = "SELECT disTINCT(County) FROM specimens WHERE TaxOrder= ? AND TaxFamily= ? AND Genus= ? AND Country= ? AND State= ? ORDER BY County ASC;"
Set cmd7.parameters.Append = cmd7.CreateParameter("@taxOrder",strGen)
Set cmd7.parameters.Append = cmd7.CreateParameter("@Country",strSt)
End If
Else
cmd7.CommandText = "SELECT disTINCT(County) FROM specimens WHERE TaxOrder= ? AND TaxFamily= ? AND Country= ? AND State= ? ORDER BY County ASC;"
Set cmd7.parameters.Append = cmd7.CreateParameter("@taxOrder",strOrd)
Set cmd7.parameters.Append = cmd7.CreateParameter("@taxFamily",strFam)
Set cmd7.parameters.Append = cmd7.CreateParameter("@Country",strCn)
Set cmd7.parameters.Append = cmd7.CreateParameter("@State",strSt)
End If
Else
cmd7.CommandText = "SELECT disTINCT(County) FROM specimens WHERE TaxOrder= ? AND Country= ? AND State= ? ORDER BY County ASC;"
Set cmd7.parameters.Append = cmd7.CreateParameter("@taxOrder",strOrd)
Set cmd7.parameters.Append = cmd7.CreateParameter("@Country",strCn)
Set cmd7.parameters.Append = cmd7.CreateParameter("@State",strSt)
End If
Else
cmd7.CommandText = "SELECT disTINCT(County) FROM specimens WHERE Country= ? AND State= ? ORDER BY County ASC;"
Set cmd7.Parameters.Append = cmd7.CreateParameter("@Country",strCn) <====== Error thrown here!
Set cmd7.Parameters.Append = cmd7.CreateParameter("@State",strSt)
End If
Set objRS7 = cmd7.Execute
%>
<!-- START County dropdown -->
<div id="f-county" class="form-inline"><label for="county"><strong>County: </strong></label>
<select id="county" name="county" tabindex="7" onchange="window.location=document.NewRecord.county.options[document.NewRecord.county.selectedindex].value">
<option value="dbSearch.asp?uid=<%=strUName%>&q=&o=<%=strOrd%>&f=<%=strFam%>&g=<%=strGen%>&sp=<%=strSp%>&cn=<%=strCn%>&st=<%=strSt%>&co=&recs=<%=strRecs%>&page=<%=strPage%>" <%If strCo = "" Then Response.Write " selected" End If%>>Select</option>
<% If NOT objRS7.EOF Then
WHILE NOT objRS7.EOF
If objRS7("County") <> "" Then %>
<option value="dbSearch.asp?uid=<%=strUName%>&q=&o=<%=strOrd%>&f=<%=strFam%>&g=<%=strGen%>&sp=<%=strSp%>&cn=<%=strCn%>&st=<%=strSt%>&co=<%=objRS7("County")%>&recs=<%=strRecs%>&page=<%=strPage%>" <%If strCo = objRS7("County") Then Response.Write " selected" End If%>><%=objRS7("County")%></option>
<% End If
objRS7.MoveNext
WEND
End If
objRS7.Close
Set objRS7 = nothing
objConn7.Close
Set objConn7 = nothing
Set cmd7 = nothing
%>
</select>
</div> <!-- END County dropdown -->
<% End If %>
所以,选择国家和国家下拉列表并且应该出现县域下拉列表时,我收到上面列出的错误。导致错误的行如上所示 (
我的问题是,任何人都可以在代码中看到可能导致此错误的原因。根据错误文本,似乎 cmd7 对象可能无法正确创建或识别(?),但我遵循了我在 Stack Overflow 等网站上看到的陈述。任何帮助将不胜感激。
另外,我是否正确地过滤了下拉列表,或者是否有更好的方法来使用参数?
解决方法
正如@Flakes 和@user692942 上面指出的,append 方法不接受赋值(=),因此修复原始错误的正确解决方案应该是编写如下的 append 语句:
cmd7.Parameters.Append cmd7.CreateParameter("@Country",adVarChar,adParamInput,30,strCn)