C＃中的插入查询中有什么错误 [英] whats error in insert query in C#

问题描述

string insert ="INSERT INTO hallreservation VALUES ('','"+events+"','"+hostnames+"','"+cnicno+"','"+address1+"','"+phone+"','"+email1+"','"+date1+"','"+times+"',''"+guests+"',"+halls+"','"+menus+"','"+sitting+"','"+partition+"','"+food+"','"+extraarangement+"','"+menu1+"','"+hall1+"','"+mineral1+"','"+colddrink1+"','"+tablecharges+"','"+qtmineralwater+"','"+qtcolddrink+"','"+totalpay+"','"+advancepay+"','"remianingpay"','"reciptno"')";

in last if if this this its work fine

in last if i del this its work fine

,'"remianingpay"','"reciptno"'

但是当我添加它时告诉我错误;预计什么是探测器请帮助..

but when i add it its show me error ;expected whats probem please help ..

推荐答案

看看你有什么，这很明显：

Look at what you have and it's pretty obvious:

string insert ="INSERT INTO hallreservation VALUES ('','"+events+"','"+...
                                                    ^
                                                    |
                                                    What's this?

我认为你的意思是：

I think you meant:

string insert ="INSERT INTO hallreservation VALUES ('"+events+"','"+

但这只会解决你看到的问题 - 还有其他两个问题，它们可能很多，更糟糕。



首先，你真的， 真的 应按照你想要插入的顺序列出你要插入的列。 ，对数据库的任何未来更改都不会弄乱你的数据 - 它们将正常工作或失败 - 这两者都比错误的数据列错误要好一些你没注意到的一对几周或几个月...



其次，不要将字符串连接到构建一个SQL命令。它让您对意外或故意的SQL注入攻击持开放态度，这可能会破坏您的整个数据库。请改用参数化查询。

But that will only fix the problem you have seen - there are two others and they are potentially a lot, lot worse.

Firstly, you really, really should list the columns you want to insert to, in the order you want to insert. That way, any future changes to the DB will not mess up your data - they will either work properly, or fail - both of which are much better than a data-in-the-wrong-columns error that you don't notice for a couple of weeks or months...

Secondly, do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.

当您想使用C＃查询在表格中插入任何数据时，请提及已归档的名称和值。



如果在你的表中你使用了一些数字的身份规范，那么就不需要插入id（表的第一个字段）

When you want to insert any data in table using C# query then , mention filed name and value.

if in your table you are using identity specification by some number then no need to insert id (first filed of table)

string sql = "INSERT into TABLENAME(studentname,studentaddress) VALUES ('"+ name_variable +"' , '"+ address_variable +"')"

在启动时这是id在数据库中的自动增量然后我留下它

任何方式我删除它但最后两个字符串添加相同的错误

in start this is id its autoincrement in database then i leave it
any way i remove it but same error on last two string added

这篇关于C＃中的插入查询中有什么错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！