查询值和目标字段数是不一样的错误 [英] Number of query values and destination fields are not the same error
本文介绍了查询值和目标字段数是不一样的错误的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我得到一个错误,同时将数据插入到数据库中。
I am getting an error while inserting data into a database.
该错误是:
查询值和目标字段数是不一样的
"Number of query values and destination fields are not the same".
插入代码:
OleDbCommand cmd = new OleDbCommand("insert into real values('" + Name + "," + Symbol + "," + Date + "," + Red + "," + RedBuy + "," + RedSell + "," + SBIntraBuy + "," + SBTR1 + "," + SBTR2 + "," + SBTR3 + "," + SBIntraSell + "," + SBTR1 + "," + SBTR2 + "," + SBTR3 + "," + RSTL + "," + Green + "');", con);
OleDbCommand cmd1 = new OleDbCommand("select * from real", con);
temp = 0;
object count = cmd1.ExecuteScalar();
temp = cmd.ExecuteNonQuery();
if (temp > 0)
{
MessageBox.Show("One Record Added");
}
else
{
MessageBox.Show("Record not added");
}
我在做什么错了?
What am I doing wrong?
推荐答案
我觉得你只是错过了一些单引号。我看你附上所有起始参数和结束单引号。请参见这
I think you just missed some single quotes . I see you have enclosed all the parameters with a starting and end single quotes . See this
还有一件事,因为你是通过很多参数的准备的 SqlCommand对象的参数的。
见 MSDN 了解更多详情。
One more thing , as you are passing lot of parameter prepare a SqlCommand Object for Parameters. See msdn for more details.
做这样的事情:
SqlCommand comm = new SqlCommand("INSERT INTO table VALUES (@txtsno, @txtdesg, @txtbasic)", connection);
comm.Parameters.AddWithValue("@txtsno", txtsno.Text.Trim());
comm.Parameters.AddWithValue("@txtsno", txtdesg.Text.Trim());
comm.Parameters.AddWithValue("@txtsno", txtbasic.Text.Trim());
这将是更为清晰,不会是容易的 SQL注入。
This would be more clearer and would not be prone of SQL Injection.
这篇关于查询值和目标字段数是不一样的错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
