保存输入的数据时,显示此错误“从字符串“插入到StMaster(ID,Studen”到“Double”类型)的转换无效。 [英] while saving the data entered it is showing this error" Conversion from string "insert into StMaster (ID, Studen" to type 'Double' is not valid.)
本文介绍了保存输入的数据时,显示此错误“从字符串“插入到StMaster(ID,Studen”到“Double”类型)的转换无效。的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
'Imports Microsoft.SqlServer
Imports System.Data
Imports System.Data.SqlClient
'Public Class Form1
' Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
' End Sub
'End Class
Public Class Form1
Public con As New SqlConnection
Public cmd As New SqlCommand
Public Sub clearData()
TextBox1.Text = ""
TextBox2.Text = ""
TextBox3.Text = ""
TextBox4.Text = ""
TextBox5.Text = ""
TextBox6.Text = ""
TextBox7.Text = ""
TextBox8.Text = ""
TextBox9.Text = ""
TextBox10.Text = ""
MaskedTextBox1.Text = ""
TextBox12.Text = ""
TextBox13.Text = ""
End Sub
Public Sub CreateCommand(ByVal queryString As String, ByVal connectionString As String)
con = New SqlConnection(connectionString)
con.Open()
cmd = New SqlCommand(queryString, con)
cmd.ExecuteNonQuery()
End Sub
Private Sub cmdSave_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdSave.Click
Dim connetionString As String
Dim sqlquery As String
connetionString = "Data Source=Home-pc\SQLEXPRESS; Initial Catalog=School; Integrated Security=True"
Dim ID As Integer
Dim StudentName As String
Dim FatherName As String
Dim Address1 As String
Dim Address2 As String
Dim City As String
Dim Pincode As Integer
Dim Standard As String
Dim Section As String
Dim Fees As Integer
Dim Joining As String
Dim Stream As String
Dim Phone As String
'End Sub
'Sub Main()
'End Sub
' Function cDate (value as object ) As date
ID = Val(TextBox1.Text & "")
StudentName = TextBox2.Text
FatherName = TextBox3.Text
Address1 = TextBox4.Text
Address2 = TextBox5.Text
City = TextBox6.Text
Pincode = Val(TextBox7.Text & "")
Standard = TextBox8.Text
Section = TextBox9.Text
Fees = Val(TextBox10.Text & "")
Joining = MaskedTextBox1.Text
Stream = TextBox12.Text
Phone = TextBox13.Text
If IsDate(Joining) Then
sqlquery = "insert into StMaster (ID, StudentName , FatherName , Address1 , Address2, City, Pincode, standard, section, fees, joining, stream, phone) Values (" + ID + ",'" + StudentName + "','" + FatherName + "','" + Address1 + "','" + Address2 + "','" + City + "'," + Pincode + ",'" + Standard + "','" + Section + "'," + Fees + ",'" + FormatDateTime(Joining, ("dd/MMM/yyyy")) + "','" + Stream + "','" + Phone + "')"
Try
CreateCommand(sqlquery, connetionString)
MsgBox("Data is successfully stored ! ")
clearData()
Catch ex As Exception
MessageBox.Show("Error while inserting record on table..." & ex.Message, "Insert Records")
Finally
con.Close()
End Try
Else
MsgBox("DATE FORMAT IS NOT CORRECT")
End If
End Sub
Private Sub cmdCancel_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdcancel.Click
Close()
End Sub
Private Sub frmLogin_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
TextBox1.Text = ""
TextBox2.Text = ""
TextBox3.Text = ""
TextBox4.Text = ""
TextBox5.Text = ""
TextBox6.Text = ""
TextBox7.Text = ""
TextBox8.Text = ""
TextBox9.Text = ""
TextBox10.Text = ""
MaskedTextBox1.Text = ""
TextBox12.Text = ""
TextBox13.Text = ""
TextBox1.Focus()
End Sub
Private Sub Label1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Label1.Click
End Sub
Private Sub Cmdsave_Click_1(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Cmdsave.Click
End Sub
Private Sub TextBox7_TextChanged(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles TextBox7.TextChanged
End Sub
Private Sub Label3_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Label3.Click
End Sub
Private Sub Label7_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Label7.Click
End Sub
End Class
[信息]使用正确的格式 - Maciej Los [/ Info]
[Info]Use proper formatting - Maciej Los[/Info]
推荐答案
永不连接用于形成SQL命令的字符串!它让您对SQL注入攻击持开放态度,这可能会破坏或破坏您的数据库。总是使用参数化查询。
这样做可以同时解决您的问题 - 并使您的代码更具可读性。
Never concatenate strings to form an SQL command! It leaves you wide open to SQL Injection Attack which can damage or destroy your database. Always use parametrised queries instead.
And doing that will get rid of your problem at the same time - as well as making your code more readable.
检查您的id值类型。如错误所示,从字符串到double的转换无效。
使用命令参数 [ ^ ]以避免陷入此类问题。
Check your id value type. As the error suggests, conversion from string to double is not valid.
Use command parameters[^] to avoid getting into this kind of issues.
这篇关于保存输入的数据时,显示此错误“从字符串“插入到StMaster(ID,Studen”到“Double”类型)的转换无效。的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文