复选框到数据库表 [英] checkbox into database table
问题描述
此查询使用ODBC连接写入添加按钮和m。我需要将复选框值添加到数据库表中的一列中,即。指定。下面的cade给出了一个错误。
我是初学者所以我想要完整的解释。
Dim con As New Odbc.OdbcConnection(dsn = dem; uid = root; pwd = root)
Dim str As String
Private Sub btnadd_Click(ByVal sender As System.Object,ByVal e As System.EventArgs)处理btnadd.Click
如果chkincharge.Checked那么
a = chkincharge.Text.ToString
ElseIf chkadditionalincharge.Checked那么
b = chkadditionalincharge.Text.ToString
ElseIf chkmember.Checked那么
c = chkmember .Text.ToString
结束如果
con.Open( )
Dim cmd As New Odbc.OdbcCommand(插入复选框值(''+ DateTimePicker1.Value.Date.ToString(yyyy / mm / dd)+'','' + cmbcommitteename.Text +'',''+ cmbmembers.Text + ',''+ a +'',''+ b +'',''+ c +''),con)
cmd.ExecuteNonQuery()
con.Close()
MsgBox(记录添加成功)
''txteventtitle.Text =
''rchdescription.Text =
''DateTimePicker1.Text = Date.Now
结束次级
提前谢谢
This Query is written in Add button and m using ODBC connection. i need to add check box value into one column in database table ie. designation. the below cade is giving an error.
I am a beginner so i want full explanation pls.
Dim con As New Odbc.OdbcConnection("dsn=dem;uid=root;pwd=root")
Dim str As String
Private Sub btnadd_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnadd.Click
If chkincharge.Checked Then
a = chkincharge.Text.ToString
ElseIf chkadditionalincharge.Checked Then
b = chkadditionalincharge.Text.ToString
ElseIf chkmember.Checked Then
c = chkmember.Text.ToString
End If
con.Open()
Dim cmd As New Odbc.OdbcCommand("insert into checkbox values(''" + DateTimePicker1.Value.Date.ToString("yyyy/mm/dd") + "'',''" + cmbcommitteename.Text + "'',''" + cmbmembers.Text + "'',''" + a + "'',''" + b + "'',''" + c + "'')", con)
cmd.ExecuteNonQuery()
con.Close()
MsgBox("Record added successfully")
''txteventtitle.Text = ""
''rchdescription.Text = ""
''DateTimePicker1.Text = Date.Now
End Sub
thank u in advance
推荐答案
不要连接字符串来构建SQL命令。它让您对意外或故意的SQL注入攻击持开放态度,这可能会破坏您的整个数据库。请改用参数化查询。
Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.
Dim cmd As New Odbc.OdbcCommand("INSERT INTO checkbox VALUES(@DT, @CN, @MB, @A, @B, @C)", con)
cmd.Parameters.AddWithValue("@DT", DateTimePicker1.Value.Date)
cmd.Parameters.AddWithValue("@CN", cmbcommitteename.Text)
cmd.Parameters.AddWithValue("@MB", cmbmembers.Text)
cmd.Parameters.AddWithValue("@A", a)
cmd.Parameters.AddWithValue("@B", b)
cmd.Parameters.AddWithValue("@C", c)
cmd.ExecuteNonQuery()
con.Close()
并命名你的字段!如果你不这样做,那么如果添加或删除了一个列,你就会遇到问题。
And name your fields! If you don''t, then you are risking problems if a column is added or removed.
这篇关于复选框到数据库表的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!