语法错误而插入数据的MS Access表 [英] syntax error while inserting data into ms access table

问题描述

我有以下代码：

OleDbConnection aConnection = new
                    OleDbConnection("Provider=Microsoft.ACE.OLEDB.12.0;
                                 Data Source=storage_db.accdb");
string sql = "INSERT INTO Client cname,phone,password)
                           VALUES('"+textBox1.Text+"','"+textBox2.Text+"',
                                  '"+textBox3.Text+"')";
aConnection.Open();
OleDbCommand insert = new OleDbCommand(sql, aConnection);
insert.ExecuteNonQuery();
aConnection.Close();

但是，当我尝试插入数据我收到的插入查询异常语法错误。我在做什么错了？

But when I try to insert data I am getting an exception syntax error in insert query. What am I doing wrong?

推荐答案

密码是一个保留字访问所以你需要换行密码列在方括号中查询。您还需要你在插入数据的列包装成在括号：

Password is a reserved word in Access so you need to wrap the password column in square brackets in your query. You also need to wrap the columns you're inserting data into in parentheses:

INSERT INTO (Client cname,phone,[password]) VALUES(...

由于@HarveySpecter在评论中指出，你也应该使用参数化查询，而不是将用户输入连接，否则你打开自己到SQL注入攻击。

As @HarveySpecter points out in the comments you should also use a parameterized query rather than concatenating user input otherwise you're opening yourself up to SQL injection attacks.

这篇关于语法错误而插入数据的MS Access表的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！