Microsoft OLE DB Provider for SQL Server 错误“80040e14"“="附近的语法不正确 [英] Microsoft OLE DB Provider for SQL Server error '80040e14' Incorrect syntax near '='
本文介绍了Microsoft OLE DB Provider for SQL Server 错误“80040e14"“="附近的语法不正确的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
当我尝试使用以下代码从数据库中检索数据时出现此错误.
I get this error when i try to retrieve the data from database using the following piece of code.
有人可以帮忙吗?
set rs = Server.CreateObject("ADODB.recordset")
sql = " SELECT * from COMPANY WHERE COMPANY_ID = " & Request.Form("CompanyId")
rs.Open sql, cnn
推荐答案
首先,在不使用参数的情况下进行即席查询是不好的做法.SQL 注入攻击信息:http://en.wikipedia.org/wiki/SQL_injection
First of all, this is bad practice to do ad-hoc queries without using parameters. SQL Injection attack info: http://en.wikipedia.org/wiki/SQL_injection
不过,要回答这个问题,您需要在要搜索的 varchar 或 char 值周围加上单引号.
To answer the question, though, you need to have single quotes around your varchar or char value that you are searching for.
set rs = Server.CreateObject("ADODB.recordset")
sql = " SELECT * from COMPANY WHERE COMPANY_ID = '" & Request.Form("CompanyId") & "'"
rs.Open sql, cnn
这篇关于Microsoft OLE DB Provider for SQL Server 错误“80040e14"“="附近的语法不正确的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文