备份SQL数据库语法不正确 [英] Backup SQL database incorrect syntax
问题描述
我正在尝试在c#中备份我的数据库。我为此写了一些代码。虽然我试图执行它是告诉语法错误。帮助我。 I am Trying to take backup of my database in c#. I wrote some code for that. While I am trying to execute it is telling syntax error. Help me with this. 这篇关于备份SQL数据库语法不正确的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
这里我的代码
<前lang =c#> string database = con.Database.ToString();
尝试
{
如果(textBox1.Text == < span class =code-keyword> string .Empty)
{
MessageBox.Show( 请输入路径);
}
else
{
string cmd = ( BACKUP DATABASE [ + database + ] TO DISK' + textBox1.Text + \\ + 数据库 + - + DateTime.Now.ToString( yyyy-MM-dd - HHmmss)+ .bak' 跨度>);
使用(SqlCommand command = new SqlCommand(cmd,con))
{
if (con.State!= ConnectionState.Open)
{
con.Open();
}
command.ExecuteNonQuery();
con.Close();
MessageBox.Show( 备份已成功完成);
}
}
}
catch (例外情况)
{
MessageBox.Show (ex.Message);
}
我的尝试:
我无法追踪该错误。试试这个:用C#备份SQL数据库 [ ^ ]
永远不要使用这样的SQL!永远不要连接字符串来构建SQL命令。它让您对意外或故意的SQL注入攻击持开放态度,这可能会破坏您的整个数据库。请改用参数化查询。尝试备份时SQL注入易受攻击的代码?那只是愚蠢和危险......
最后我跟踪了。我错过了在磁盘后输入=符号。
string cmd =(BACKUP DATABASE [+ database +] TO DISK =
Here My code
string database = con.Database.ToString();
try
{
if (textBox1.Text == string.Empty)
{
MessageBox.Show("Please Enter Path");
}
else
{
string cmd = ("BACKUP DATABASE [" + database + "] TO DISK '" + textBox1.Text + "\\" + "Database" +"-"+ DateTime.Now.ToString("yyyy-MM-dd--HHmmss")+".bak'");
using (SqlCommand command = new SqlCommand(cmd, con))
{
if (con.State != ConnectionState.Open)
{
con.Open();
}
command.ExecuteNonQuery();
con.Close();
MessageBox.Show("Backup Completed Successfully");
}
}
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
What I have tried:
I am unable to trace that error.Try this: Backing up an SQL Database in C#[^]
And never use SQL like that! Never concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead. SQL Injection vulnerable code when you try to backup? That's just plain stupid as well as dangerous...Finally I traced. I missed to enter "=" sign after disk.
string cmd = ("BACKUP DATABASE [" + database + "] TO DISK=