语法错误更新语句 [英] Syntax error Update statement
本文介绍了语法错误更新语句的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
OleDbCommand cmd = default(OleDbCommand);
OleDbDataReader reader = default(OleDbDataReader);
string cmdUpdate = null;
GridViewRow row = (GridViewRow)ResultGridView.Rows[e.RowIndex];
Label lbl = (Label)row.FindControl("lblid");
TextBox textname = (TextBox)row.FindControl("textbox1");
TextBox textmarks = (TextBox)row.FindControl("textbox2");
conn.Open();
cmdUpdate = "UPDATE db1 " + "SET Names = '" + textname.Text + "'Number = '" + textmarks.Text + "' " + "WHERE ID = " + lbl.Text;
cmd = new OleDbCommand(cmdUpdate);
try {
cmd.Connection = conn;
cmd.CommandType = CommandType.Text;
reader = cmd.ExecuteReader();
} catch (Exception ex) {
Response.Write(ex.ToString());
}
reader.Dispose();
conn.Close();
bind()
推荐答案
阅读 http://bobby-tables.com/about.html [ ^ ]并转换你的代码以使用正确的参数化SQL命令。
我认为你需要在单引号和单词Number之间留一个空格。
Read http://bobby-tables.com/about.html[^] and convert your code to use proper parameterized SQL commands.
I think you need a space between the single quote and the word "Number".
另一种方法是使用存储过程 [ ^ ]以避免 SQL注入 [ ^ ]。
如需了解更多信息,请参阅:
使用存储过程修改数据 [ ^ ]
演练:使用GridView Web服务器控件中的存储过程显示数据 [ ^ ]
如何使用Visual Basic .NET在ASP.NET中调用SQL Server存储过程 [ ^ ]
如何:防止ASP.NET中的SQL注入 [ ^ ]
SQL注入及其如何避免 [ ^ ]
更新(SQL) [< a href =http://msdn.microsoft.com/en-us/library/ms177523.aspxtarget =_ blanktitle =新窗口> ^ ]
Another way is to use stored procedure[^] to avoid SQL Injection[^].
For further information, please see:
Modifying Data with Stored Procedures[^]
Walkthrough: Displaying Data Using a Stored Procedure in the GridView Web Server Control[^]
How to call SQL Server stored procedures in ASP.NET by using Visual Basic .NET[^]
How To: Protect From SQL Injection in ASP.NET[^]
SQL Injection and how to avoid it[^]
UPDATE (SQL)[^]
在number字段的单引号之前应该有逗号。使用update语句时,每个字段应以逗号(,)分隔。
There should be comma before the single quote of number field. while using the update statement every field should be separated by comma(,).
这篇关于语法错误更新语句的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文