无法纠正错误 [英] not able to correct the errors
本文介绍了无法纠正错误的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
public void Add_scheduled(object sender, EventArgs e)
{
String sql;
sql = "insert into dbo.b_schedule";
sql = sql + "(sdate,scost,sremark,ano)";
sql = sql + "values(Convert(date,'" + adddate.Text + "',103),";
sql = sql + Convert.ToDouble(Mcost.Text) + ",";
sql = sql + "'" + Mremark.Text + "',";
sql = sql + uano.Text + ")";
c.executeqry(sql);
adddate.Text = string.Empty;
Mcost.Text = string.Empty;
Mremark.Text = string.Empty;
uano.Text = string.Empty;
Response.Redirect("BQS.aspx");
}
public void Add_unscheduled(object sender, EventArgs e)
{
String sql;
sql = "insert into dbo.b_unschedule";
sql = sql + "(udate,ucost,d_date,d_reason,uremark,ano)";
sql = sql + "values(Convert(date,'" + mdate.Text + "',103),";
sql = sql + Convert.ToDouble(ucost.Text) + ",";
sql = sql + "'" + ureason.Text + "',";
sql = sql + "'" + udamage.Text + "',";
sql = sql + "'" + uremark.Text + "',";
sql = sql + uano.Text + ")";
c.executeqry(sql);
mdate.Text = string.Empty;
ucost.Text = string.Empty;
ureason.Text = string.Empty;
udamage.Text = string.Empty;
uremark.Text = string.Empty;
uano.Text = string.Empty;
Response.Redirect("BQS.aspx");
}
推荐答案
你说错误发生在
第29行:cmd.ExecuteNonQuery ()
但你的代码片段中没有任何地方可以找到该行!
除了连接字符串以创建查询外,最好使用参数化查询。除了一些针对SQL注入攻击的提示(你还没有想过,有吗?),它们完美地处理了日期/时间值,非ASCII字符,数字格式等等。 SQL查询的错误语法也可能通过这种改变来解决。
You say that the error is at
Line 29: cmd.ExecuteNonQuery()
but nowhere in your code snippets can that line be found!
Instead of concatenating strings to create a query, you'd better use parameterized queries. Apart from some proetction against SQL injection attacks (something you haven't thought of, have you?), they deal perfectly with date/time values, non-ASCII-characters, number formats, and such things. The incorrect syntax of your SQL query will likely be solved by that change too.
你可以使用看到这个链接:
http://forums.asp.net/t/1670566.aspx/1 [ ^ ]
http://www.sqlteam.com/forums /topic.asp?TOPIC_ID=59574 [ ^ ]
public void Add_scheduled(object sender, EventArgs e)
{
String sql;
String str = "server=abc;uid=sa;pwd=sa;initial catalog=master"; // define your server credentials
SqlConnection cn = new SqlConnection(str);
SqlCommand cmd;
sql = "insert into dbo.b_schedule";
sql = sql + "(sdate,scost,sremark,ano)";
sql = sql + "values(" + adddate.Text + "',";
sql = sql + Convert.ToDouble(Mcost.Text) + ",";
sql = sql + "'" + Mremark.Text + "',";
sql = sql + uano.Text + ")";
cmd = new SqlCommand(sql,cn);
cn.Open();
c.executeqry(sql);
cn.Close();
adddate.Text = string.Empty;
Mcost.Text = string.Empty;
Mremark.Text = string.Empty;
uano.Text = string.Empty;
Response.Redirect("BQS.aspx");
}
这篇关于无法纠正错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
