帮助我如何解决此消息(UPDATE语句中的语法错误.)? [英] help me how can slove this message (Syntax error in UPDATE statement.)?

问题描述

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Data.OleDb;
namespace WindowsFormsApplication35
{
    public partial class Form3 : Form
    {
        public Form3()
        {
            InitializeComponent();
        }
        private void button1_Click(object sender, EventArgs e)
        {
            OleDbConnection cn = new OleDbConnection(@"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\qq.accdb;Persist Security Info=False");
            cn.Open();
            OleDbCommand cm=new OleDbCommand("UPDATE qq SET ahmed=''"+textBox1.Text+"'',ali="+textBox2.Text+",NOTE=''"+textBox3.Text+"'' WHERE ID="+comboBox1.Text,cn);
            cm.ExecuteNonQuery();
            cn.Close();
            MessageBox.Show("done");
        }
        private void button2_Click(object sender, EventArgs e)
        {
            OleDbConnection cn = new OleDbConnection(@"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\qq.accdb;Persist Security Info=False");
            OleDbDataAdapter da = new OleDbDataAdapter("select *from qq where ID=" + comboBox1.Text, cn);
            DataSet ds = new DataSet();
            da.Fill(ds, "qq");
            textBox1.DataBindings.Add("text", ds, "qq.ahmed");
            textBox2.DataBindings.Add("text", ds, "qq.ali");
           textBox3.DataBindings.Add("text", ds, "qq.NOTE");
        }
        private void Form3_Load(object sender, EventArgs e)
        {
            OleDbConnection cn = new OleDbConnection(@"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\qq.accdb;Persist Security Info=False");
            OleDbDataAdapter da = new OleDbDataAdapter("select ID from qq", cn);
            DataSet ds = new DataSet();
            da.Fill(ds, "qq");
            comboBox1.DataSource = ds.Tables["qq"];
            comboBox1.DisplayMember = "ID";
        }
    }
}

它在UPDATE语句中的框内语法错误中添加消息框(未处理OleDbException)之后在访问项中添加新列(注意)之前起作用. 我检查了所有内容，确定了

it work before add new column in acess (NOTE) after add messagebox (OleDbException was unhandled)inside the box Syntax error in UPDATE statement.
I checked every thing its Ok

推荐答案

您不应该使用

You shouldnt be using

"UPDATE qq SET ahmed=''"+textBox1.Text+"'',ali="+textBox2.Text+",NOTE=''"+textBox3.Text+"'' WHERE ID="+comboBox1.Text

这意味着如果我在textBox1.Text中编写Mc''Donald，它将在Update语句中将我弄错.

相反，您应该始终使用
Update qq Set ahmed=@pahmed....

您稍后使用
将其添加为参数

It means if I write Mc''Donald in textBox1.Text it will error me out in Update statement.

Rather you should always use
Update qq Set ahmed=@pahmed....

Which you later add as parameter using

cm.Parameters.Add(new SqlParameter("@pahmed", ...

我认为这将是更好的做法，因为它还会处理Sql Injection.

:cool:

I think this would be better practice as it will also take care of Sql Injection.

:cool:

可能是因为您缺少单引号，即此行

It is probably because you have missing single quotes i.e. this line

OleDbCommand cm=new OleDbCommand("UPDATE qq SET ahmed=''"+textBox1.Text+"'',ali="+textBox2.Text+",NOTE=''"+textBox3.Text+"'' WHERE ID="+comboBox1.Text,cn);

应该这样写

Should be written like this

OleDbCommand cm=new OleDbCommand("UPDATE qq SET ahmed=''"+textBox1.Text+"'',ali=''"+textBox2.Text+"'',NOTE=''"+textBox3.Text+"'' WHERE ID="+comboBox1.Text,cn);

您错过了textBox2.Text
周围的单引号
请让我知道这是否可以解决您的问题:).

you missed the single quotes around textBox2.Text

Please, let me know if this solves your problem :) .

而且我必须同意Abhishek Sur的做法，这是更好的方法:).

And i have to agree with Abhishek Sur this is a much better practice :).

这篇关于帮助我如何解决此消息(UPDATE语句中的语法错误.)?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！