Incorrect syntax near '('.


Problem description

{

    {
        try
        {
            cn.Open();
            int i = 0;

            String ads = "INSERT into TableForce (Id,Name_of_the_customer,Certificate_No,Name_of_the_instrument,Received_on,";

            ads = ads + "Calibrated_On,Calibration_due_dat(e),Make,Model,Mode_of_Calibration,Serial_No,Identification_No,";

            ads=ads+"Temperature,Capacity_,Calibrated_Range,Resolution,Condition_on_receipt,Location,Relative_humidity,";

            ads=ads+"Calibration_done_as_per_procedure_no,Standard_procedure,Nomenclature,Range_from,Certificate_Number,";

            ads=ads+"Uncertainity,Capacity,Dial_No,Validity,Nomenclature-,Range_from-,Certificate_Number-,Uncertainity-,";

            ads=ads+"Capacity-,Dial_No-,Validity-,Indicated_force,Standard_reading,Corrected_reading,Test_position,Mean,";

            ads=ads+"Error,Repeatablity,Minimum_readable_resolution_of_the_indicator,Expanded_Uncertainty,";

            ads = ads + "Certificate Issue dat(e),Location of Calibration,Calibrated By,Authorized By,Load1,Load2,relative_resolution,mt,rt,mc,rze)";
            ads = ads + "values('" + iDTextBox.Text + "','" + name_of_the_customerRichTextBox.Text + "','";
            ads = ads + certificate_NoTextBox.Text + "','" + name_of_the_instrumentTextBox.Text + "','" + received_onDateTimePicker.Text;
            ads = ads + "','" + calibrated_OnDateTimePicker.Text + "','" + calibration_due_dat_e_DateTimePicker.Text + "','";
            ads = ads + makeTextBox.Text + "','" + modelTextBox.Text + "','" + mode_of_CalibrationTextBox.Text;
            ads = ads + "','" + serial_NoTextBox.Text + "','" + identification_NoTextBox.Text + "','";
            ads = ads + temperatureTextBox.Text + "','" + capacity_TextBox.Text + "','" + calibrated_RangeTextBox.Text;

            ads = ads + resolutionTextBox.Text + "','" + condition_on_receiptTextBox.Text + "','" + locationTextBox.Text;
            ads = ads + relative_humidityTextBox.Text + "','" + calibration_done_as_per_procedure_noTextBox.Text + "','" + standard_procedureTextBox.Text;
            ads = ads + nomenclatureTextBox.Text + "','" + range_fromTextBox.Text + "','" + certificate_NumberTextBox.Text;
            ads = ads + textBox8.Text + "','" + capacityTextBox.Text + "','" + dial_NoTextBox.Text;
            ads = ads + validityDateTimePicker.Text + "','" + nomenclature_TextBox.Text + "','" + range_from_TextBox.Text;

            ads = ads + certificate_Number_TextBox.Text + "','" + textBox16.Text + "','" + capacity_TextBox1.Text;
            ads = ads + dial_No_TextBox.Text + "','" + validity_DateTimePicker.Text + "','" + textBox4.Text;
            ads = ads + textBox3.Text + "','" + textBox17.Text + "','" + textBox1.Text;
            ads = ads + textBox2.Text + "','" + textBox6.Text + "','" + textBox5.Text;
            ads = ads + textBox11.Text + "','" + textBox7.Text + "','" + certificate_Issue_dat_e_DateTimePicker.Text;

            ads = ads + location_of_CalibrationDomainUpDown.Text + "','" + calibrated_ByTextBox.Text + "','" + authorized_ByTextBox.Text;
            ads = ads + load1TextBox.Text + "','" + load2TextBox.Text + "','" + textBox9.Text;
            ads = ads + textBox24.Text + "','" + textBox25.Text + "','" + textBox13.Text;
            ads = ads + textBox12.Text;
            ads=ads+ "');";
            SqlCommand cmd = new SqlCommand(ads, cn);
            MemoryStream stream = new MemoryStream();
            i = cmd.ExecuteNonQuery();
            if (i > 0)
            {
                MessageBox.Show("DATA SAVED");
            }
            iDTextBox.Text = Convert.ToString(Convert.ToDouble(iDTextBox.Text) + 1);
            cn.Close();
            }
        finally
        {
            cn.Close();
        }
    }
}






What I have tried:

While I tried to click the save button, it shows Incorrect syntax near '('.

Recommended answer

You are using special characters "(" , ")" for example in Calibration_due_dat(e). You need to escape it using two single quotes ('').

NOTE: You are not following SQL best practice. Your code is prone to SQL injection.



Ouch!
For starters, don't do it like that!
Never concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.

Secondly, if your columns really do end with a minus sign, you need to enclose them:
ads=ads+"Uncertainity,Capacity,Dial_No,Validity,Nomenclature-,Range_from-,Certificate_Number-,Uncertainity-,";

So try:

ads=ads+"Uncertainity,Capacity,Dial_No,Validity,[Nomenclature-],[Range_from-],[Certificate_Number-],[Uncertainity-],";

Though personally, I would change the names: ending with a special character is not a good idea.
And please - for your own sake stop using Visual Studio default names for everything - you may remember that "TextBox8" is the mobile number today, but when you have to modify it in three weeks' time, will you then? Use descriptive names - "tbMobileNo" for example - and your code becomes easier to read, more self documenting, easier to maintain - and surprisingly quicker to code because Intellisense can get to "tbMobile" in three keystrokes, where "TextBox8" takes thinking about and 8 keystrokes...
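
The parameterized form recommended in the answer above, as an added example that is not part of the original thread. The helper name `TableForceWriter`, the `connectionString` variable, and the column types and sizes are assumptions; the column and control names are the ones in the question, with bracket-delimited identifiers for the names that contain `(` or `-`.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

// Hypothetical helper (not from the thread). Column types and sizes are
// assumptions; match them to the real TableForce schema. The remaining
// columns follow the same pattern: one placeholder, one typed parameter.
static class TableForceWriter
{
    // Names containing "(" or "-" are bracket-delimited so SQL Server parses
    // them as identifiers. User input never becomes part of this text.
    const string InsertSql = @"
        INSERT INTO TableForce
            (Id, Name_of_the_customer, Certificate_No, Received_on,
             [Calibration_due_dat(e)], [Nomenclature-])
        VALUES
            (@Id, @Customer, @CertificateNo, @ReceivedOn, @DueDate, @Nomenclature2);";

    public static int Insert(string connectionString, int id, string customer,
                             string certificateNo, DateTime receivedOn,
                             DateTime dueDate, string nomenclature2)
    {
        using (var cn = new SqlConnection(connectionString))
        using (var cmd = new SqlCommand(InsertSql, cn))
        {
            // Values travel separately from the SQL text, so a quote or a
            // parenthesis typed into a text box cannot change the statement.
            cmd.Parameters.Add("@Id", SqlDbType.Int).Value = id;
            cmd.Parameters.Add("@Customer", SqlDbType.NVarChar, 200).Value = OrNull(customer);
            cmd.Parameters.Add("@CertificateNo", SqlDbType.NVarChar, 50).Value = OrNull(certificateNo);
            cmd.Parameters.Add("@ReceivedOn", SqlDbType.Date).Value = receivedOn;
            cmd.Parameters.Add("@DueDate", SqlDbType.Date).Value = dueDate;
            cmd.Parameters.Add("@Nomenclature2", SqlDbType.NVarChar, 100).Value = OrNull(nomenclature2);

            cn.Open();
            return cmd.ExecuteNonQuery(); // rows affected; 'using' closes the connection
        }
    }

    // A null string must be sent as DBNull, otherwise the parameter is rejected.
    static object OrNull(string s) => (object)s ?? DBNull.Value;
}

// Call site in the form's save handler (control names as in the question):
//   if (!int.TryParse(iDTextBox.Text, out int id)) { MessageBox.Show("Id must be a number"); return; }
//   int rows = TableForceWriter.Insert(connectionString, id,
//       name_of_the_customerRichTextBox.Text, certificate_NoTextBox.Text,
//       received_onDateTimePicker.Value, calibration_due_dat_e_DateTimePicker.Value,
//       nomenclature_TextBox.Text);
```

Passing `DateTimePicker.Value` as a typed `DateTime` also avoids the locale-dependent date strings that `.Text` produces.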


Finally I got sol.....
here the code is


{

{
try
{
cn.Open();
int i = 0;
String ads = @"INSERT into TableForce (Id,Name_of_the_customer,Certificate_No,Name_of_the_instrument,Received_on,Calibrated_On,Calibration_due_date,Make,Model,Mode_of_Calibration,Serial_No,Identification_No,Temperature,Capacity_,Calibrated_Range,Resolution,Condition_on_receipt,Location,Relative_humidity,Calibration_done_as_per_procedure_no,Standard_procedure,Nomenclature,Range_from,Certificate_Number,Uncertainity,Capacity,Dial_No,Validity,Nomenclature1,Range_from1,Certificate_Number1,Uncertainity1,Capacity1,Dial_No1,Validity1,Indicated_force,Standard_reading,Corrected_reading,Test_position,Mean,Error,Repeatablity,Minimum_readable_resolution_of_the_indicator,Expanded_Uncertainty,Certificate_Issue_date,Location_of_Calibration,Calibrated_By,Authorized_By,Load1,Load2,relative_resolution,mt,rt,mc,rze)values('" + iDTextBox.Text + "','" + name_of_the_customerRichTextBox.Text + "','" + certificate_NoTextBox.Text + "','" + name_of_the_instrumentTextBox.Text + "','" + received_onDateTimePicker.Text + "','" + calibrated_OnDateTimePicker.Text + "','" + calibration_due_dat_e_DateTimePicker.Text + "','" + makeTextBox.Text + "','" + modelTextBox.Text + "','" + mode_of_CalibrationTextBox.Text + "','" + serial_NoTextBox.Text + "','" + identification_NoTextBox.Text + "','" + temperatureTextBox.Text + "','" + capacity_TextBox.Text + "','" + calibrated_RangeTextBox.Text + "','" + resolutionTextBox.Text + "','" + condition_on_receiptTextBox.Text + "','" + locationTextBox.Text + "','" + relative_humidityTextBox.Text + "','" + calibration_done_as_per_procedure_noTextBox.Text + "','" + standard_procedureTextBox.Text + "','" + nomenclatureTextBox.Text + "','" + range_fromTextBox.Text + "','" + certificate_NumberTextBox.Text + "','" + textBox8.Text + "','" + capacityTextBox.Text + "','" + dial_NoTextBox.Text + "','" + validityDateTimePicker.Text + "','" + nomenclature_TextBox.Text + "','" + range_from_TextBox.Text + "','" + certificate_Number_TextBox.Text + "','" + textBox16.Text + "','" + 
capacity_TextBox1.Text + "','" + dial_No_TextBox.Text + "','" + validity_DateTimePicker.Text + "','" + textBox4.Text + "','" + textBox3.Text + "','" + textBox17.Text + "','" + textBox1.Text + "','" + textBox2.Text + "','" + textBox6.Text + "','" + textBox5.Text + "','" + textBox11.Text + "','" + textBox7.Text + "','" + certificate_Issue_dat_e_DateTimePicker.Text + "','" + location_of_CalibrationDomainUpDown.Text + "','" + calibrated_ByTextBox.Text + "','" + authorized_ByTextBox.Text + "','" + load1TextBox.Text + "','" + load2TextBox.Text + "','" + textBox9.Text + "','" + textBox24.Text + "','" + textBox25.Text + "','" + textBox13.Text + "','" + textBox12.Text + "');";
SqlCommand cmd = new SqlCommand(ads, cn);
MemoryStream stream = new MemoryStream();
i = cmd.ExecuteNonQuery();
if (i > 0)
{
MessageBox.Show("DATA SAVED");
}
iDTextBox.Text = Convert.ToString(Convert.ToDouble(iDTextBox.Text) + 1);
cn.Close();
// Showdata();
// Clear();
}


finally
{
cn.Close();
}
}
}

