Microsoft OLE DB Provider for SQL Server 错误“80040e14"“="附近的语法不正确 [英] Microsoft OLE DB Provider for SQL Server error '80040e14' Incorrect syntax near '='

查看:47
本文介绍了Microsoft OLE DB Provider for SQL Server 错误“80040e14"“="附近的语法不正确的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

当我尝试使用以下代码从数据库中检索数据时出现此错误.

I get this error when i try to retrieve the data from database using the following piece of code.

有人可以帮忙吗?

set rs = Server.CreateObject("ADODB.recordset")
sql = " SELECT * from COMPANY WHERE COMPANY_ID = " & Request.Form("CompanyId")
rs.Open sql, cnn

推荐答案

首先,在不使用参数的情况下进行即席查询是不好的做法.SQL 注入攻击信息:http://en.wikipedia.org/wiki/SQL_injection

First of all, this is bad practice to do ad-hoc queries without using parameters. SQL Injection attack info: http://en.wikipedia.org/wiki/SQL_injection

不过,要回答这个问题,您需要在要搜索的 varchar 或 char 值周围加上单引号.

To answer the question, though, you need to have single quotes around your varchar or char value that you are searching for.

set rs = Server.CreateObject("ADODB.recordset")
sql = " SELECT * from COMPANY WHERE COMPANY_ID = '" & Request.Form("CompanyId") & "'"
rs.Open sql, cnn

这篇关于Microsoft OLE DB Provider for SQL Server 错误“80040e14"“="附近的语法不正确的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆