错误说更新语句中存在语法错误(visual basic) [英] the error says that there is a syntax error in the update statement (visual basic)
问题描述
Private Sub btnedit_Click(ByVal sender As System.Object,ByVal e As System.EventArgs)处理btnedit.Click
connect.Open()
Dim cmd作为OleDb .OleDbCommand =新的OleDb.OleDbCommand(SELECT * FROM KingdomAnimalia,connect)
sql =UPDATE KingdomAnimalia SET Genus ='&txtgenus.Text&',Family ='&txtfamily。 Text&',Order ='&txtorder.Text&',Class ='&txtclass.Text&',Phylum ='&txtphylum.Text&',where Species ='&txtspecies.Text &'
cmd =新的OleDb.OleDbCommand(sql,connect)
cmd.ExecuteNonQuery()
connect.Close()
MsgBox(更新)
结束Sub
Private Sub btnedit_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnedit.Click
connect.Open()
Dim cmd As OleDb.OleDbCommand = New OleDb.OleDbCommand("SELECT * FROM KingdomAnimalia", connect)
sql = "UPDATE KingdomAnimalia SET Genus ='" & txtgenus.Text & "', Family ='" & txtfamily.Text & "', Order ='" & txtorder.Text & "', Class ='" & txtclass.Text & "', Phylum ='" & txtphylum.Text & "', where Species ='" & txtspecies.Text & "'"
cmd = New OleDb.OleDbCommand(sql, connect)
cmd.ExecuteNonQuery()
connect.Close()
MsgBox("Updated")
End Sub
推荐答案
1。订单是一个关键词,所以你需要把它放在[]
2.不要写这样的代码,你的代码是开放的SQL注入。而是将您的sql更改为以下内容:
1. Order is a key word so you'll need to put it in []
2. Don't ever write code like this, your code is open to sql injection. Instead change your sql to something like the following:
sql = "UPDATE KingdomAnimals SET Genus = @Genus, Family = @Family... ";
cmd.Parameters.AddWithValue("@Genus", txtgenus.Text);
cmd.Parameters.AddWithValue("@Family", txtfamily.Text);
...
这篇关于错误说更新语句中存在语法错误(visual basic)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!