要在VB6中更新的SQL命令 [英] SQL command to update in VB6

问题描述

大家好，



我使用VB6和DAO连接Access。



我想要使用VB更新访问中的记录。要更新的列名和注释将由用户在文本框中提供。请提供相同的SQL命令。



我在下面试过但不工作



更新Sheet1 SET'&text6.text&'='&text47.Text&'Where Vertical ='&Combo1.text&'

Hi all,

I am using VB6 and DAO connnection with Access.

I want to update the records in access using VB. The column name and comments to be updated will be provided by user in text box. Please provide me the SQL command for the same.

I tried below but not working

"UPDATE Sheet1 SET '"&text6.text&"'='"&text47.Text&"'Where Vertical = '" & Combo1.text & "'"

推荐答案

这是一个非常危险的事情：你让自己对SQL注入保持开放。

永远不要连接字符串以形成SQL命令：用户在文本框中键入SQL命令太容易了损坏或破坏您的数据库。始终使用参数化查询。谷歌Bobby桌子，你会看到我的意思...



你的问题的直接原因几乎可以肯定是圆柱名称的引号：它们表示一个字符串到SQL，所以你实际上告诉它将字符串设置为另一个字符串，这是行不通的。



顺便说一句：帮自己一个忙，并且停止使用Visual Studio的默认名称 - 你可能还记得今天的TextBox47是手机号码，但是当你需要修改它的时候是三周时间，那么你呢？使用描述性名称 - 例如tbMobileNo - 您的代码变得更容易阅读，更自我记录，更易于维护 - 并且编码速度更快，因为Intellisense可以通过三次击键来tbMobile，其中TextBox47需要思考约9次击键......

That is a very dangerous thing to do: you leave yourself wide open to SQL Injection.
Never concatenate strings to form an SQL command: it's far, far too easy for the user to type SQL commands in the text box and damage or destroy your database. Always use parameterised queries. Google "Bobby tables" and you'll see what I mean...

And the direct cause of your problem is almost certainly the quotes round column name: they indicate a string to SQL so you are effectively telling it to set a string to another string, which isn't going to work.

BTW: Do yourself a favour, and stop using Visual Studio default names for everything - you may remember that "TextBox47" is the mobile number today, but when you have to modify it is three weeks time, will you then? Use descriptive names - "tbMobileNo" for example - and your code becomes easier to read, more self documenting, easier to maintain - and surprisingly quicker to code because Intellisense can get to to "tbMobile" in three keystrokes, where "TextBox47" takes thinking about and 9 keystrokes...

这篇关于要在VB6中更新的SQL命令的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！