Microsoft OLE DB Provider for SQL Server 错误“80040e14"“="附近的语法不正确 [英] Microsoft OLE DB Provider for SQL Server error '80040e14' Incorrect syntax near '='

问题描述

当我尝试使用以下代码从数据库中检索数据时出现此错误.

I get this error when i try to retrieve the data from database using the following piece of code.

有人可以帮忙吗?

set rs = Server.CreateObject("ADODB.recordset")
sql = " SELECT * from COMPANY WHERE COMPANY_ID = " & Request.Form("CompanyId")
rs.Open sql, cnn

推荐答案

首先，在不使用参数的情况下进行即席查询是不好的做法.SQL 注入攻击信息:http://en.wikipedia.org/wiki/SQL_injection

First of all, this is bad practice to do ad-hoc queries without using parameters. SQL Injection attack info: http://en.wikipedia.org/wiki/SQL_injection

不过，要回答这个问题，您需要在要搜索的 varchar 或 char 值周围加上单引号.

To answer the question, though, you need to have single quotes around your varchar or char value that you are searching for.

set rs = Server.CreateObject("ADODB.recordset")
sql = " SELECT * from COMPANY WHERE COMPANY_ID = '" & Request.Form("CompanyId") & "'"
rs.Open sql, cnn

这篇关于Microsoft OLE DB Provider for SQL Server 错误“80040e14"“="附近的语法不正确的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！