Access 数据库错误:“没有为一个或多个必需参数提供值." [英] Access Database error:: “No value given for one or more required parameters.”

问题描述

我有一个数据网格视图.在这个 DGV 第一列是一个组合框列.I want to make, when this combobox value is selected next fild will be filled automatically from database.但有显示错误.

I have a datagridview. In this DGV first colum is a combobox column. I want to make, when this combobox value is selected next fild will be filled automatically from database. But there shows a error.

没有为一个或多个必需参数给出值OleDbDataReader dr1 = cmd1.ExecuteReader();

No value given for one or more required parameters on OleDbDataReader dr1 = cmd1.ExecuteReader();

我把代码贴出来了.请帮帮我.

I post the code. Please help me.

OleDbConnection con = new OleDbConnection(conn);
con.Open();

for (int i = 0; i < dgv.Rows.Count; i++)
{

    string query = "select Description from General where AccCode='" +
        dgv.Rows[i].Cells[0].Value +
        "' and conpanyID='" +
        label1.Text + "'";
    OleDbCommand cmd1 = new OleDbCommand(query, con);
    //OleDbDataAdapter daBranchName = new OleDbDataAdapter(cmd);
    OleDbDataReader dr1 = cmd1.ExecuteReader();
    while (dr1.Read())
    {
        dgv.Rows[i].Cells[1].Value = dr1["Description"].ToString();
    }
}
con.Close();

推荐答案

这种字符串连接对SQL 注入 攻击.

This kind of string concatenations are open for SQL Injection attacks.

使用参数化查询 代替.

Use parameterized queries instead.

string query = "select [Description] from [General] where AccCode= ? and conpanyID= ?";
OleDbCommand cmd1 = new OleDbCommand(query, con);
cmd1.Parameters.AddWithValue("@acc", dgv.Rows[i].Cells[0].Value);
cmd1.Parameters.AddWithValue("@ID", label1.Text);

作为 HansUp 指出、Description 和General 是保留关键字.将它们与 [Description] 和 [General]

As HansUp pointed, Description and General are reserved keywords. Use them with square brackets like [Description] and [General]

这篇关于Access 数据库错误:“没有为一个或多个必需参数提供值."的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！