{"查询值和目标字段的数量不相同。“} [英] {"Number of query values and destination fields are not the same."}

问题描述

OleDbConnection con = new OleDbConnection(@"Provider=Microsoft.Jet.OLEDB.4.0;Data Source=E:\Messdatabase.mdb");
st = "insert into Member_Datails(Name,Gender,Address,Contactno,Paid_Amount,Count_Remaining,Joining_date) values('" + name + "','" + gender + "','" + address + "','" + ContactNo + "','" + PaidAmount + "','" + SetThali + "','" + "','" + joiningdate + "')";
                    //SqlCommand cmd1 = new SqlCommand(st, con);
                    OleDbCommand cmd = new OleDbCommand(st, con);

                    cmd.ExecuteNonQuery();



want insert only selected field in access database

推荐答案

这就是为什么你应该使用参数化查询，而不是concat字符串，这是c＃的开销。看这里：'，'+'，'。你看到了问题吗？你在括号内有7个参数，在值部分有8个，因为这个。



好​​好看看这个教程： https://derekreynolds.wordpress.com/2011/05/16 / using-sqlcommand-and-addwithvalue-parameters-to-execute-sql-insert / [ ^ ]，并在你获得更多headacks之前重写你的代码......

This is why you should use parametrized queries, and not concat string, which is an overhead in c#. Look here: "','" + "','". Do you see the problem? You have 7 parameters inside the parentheses, and 8 in the values section, because of this one.

Have a good look at this tutorial: https://derekreynolds.wordpress.com/2011/05/16/using-sqlcommand-and-addwithvalue-parameters-to-execute-sql-insert/[^], and rewrite your code before more you get more headacks...

哦亲爱的...



错误信息非常明确：

Oh dear...

The error message is pretty explicit:

Number of query values and destination fields are not the same.

因此，您在列中列出的字段数量：

So the number of fields you list in teh columns:

INSERT INTO (col1, col2, col3) ...

与您传递的值的数量不匹配：

Does not match teh number of values you are passing through:

... VALUES 1,2,3,4

如果您从查询中删除打包很明显：

And if you cut out the "packaging" from your query it's pretty obvious:

st = "insert into Member_Datails(Name,Gender,Address,Contactno,Paid_Amount,Count_Remaining,Joining_date) values('name','gender','address','ContactNo','PaidAmount','SetThali','','joiningdate')";

你有7列命名和8个值。



但是......不要这样做！不要连接字符串以构建SQL命令。它让您对意外或故意的SQL注入攻击持开放态度，这可能会破坏您的整个数据库。使用参数化查询。

You have 7 columns named, and 8 values.

But...don't do it like that! Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.

使用参数化查询，它更安全，你可以避免不正确的数据格式等问题。

use parameterized query, it is more safe and you can avoid issues like incorrect data formats etc..

insert into Member_Datails(Name,Gender,Address,Contactno,Paid_Amount,Count_Remaining,Joining_date) values(?,?,?,?,?,?,?)

如上所述更改sql语句并将参数值设置为insert语句中给出的序列

change the sql statement as above and set the parameter values as the sequence given in the insert statement

OleDbCommand cmd = new OleDbCommand("insert into Member_Datails(Name,Gender,Address,Contactno,Paid_Amount,Count_Remaining,Joining_date) values(?,?,?,?,?,?,?)", con);
cmd.Parameters.AddWithValue("@Name", name);
cmd.Parameters.AddWithValue("@Gender", gender);
cmd.Parameters.AddWithValue("@Address", address);
cmd.Parameters.AddWithValue("@Contactno", ContactNo );
cmd.Parameters.AddWithValue("@PaidAmount", PaidAmount);
cmd.Parameters.AddWithValue("@Count_Remaining", CountRemaining);
cmd.Parameters.AddWithValue("@Joining_date", joiningdate);
con.Open();
cmd.ExecuteNonQuery();

这篇关于{"查询值和目标字段的数量不相同。“}的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！