','附近的语法不正确 [英] incorrect syntax near ','
本文介绍了','附近的语法不正确的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
myconn = 新 SqlConnection( data source = nic-bpdc; Initial Catalog = pension; integrated security = true; user id = pension; password = admin;)
myconn.Open()
cmd.Connection = myconn
cmd.CommandText =( 选择用户名,登录密码,其中username =' & TextBox1.Text& ',password ='& TextBox2。文字& ')
dr = cmd.ExecuteReader()
如果 dr.HasRows 那么
Main.Show()
我 .Visible = False
萨尔瓦多se
MsgBox( 用户名无效&密码)
解决方案
要解决您的错误,请替换',密码带'和密码
不过,我还建议你看一下SQL参数,如果你正在从文本框中读取文字字符串,你的代码很容易受到SQL注入攻击。
我建议你查看一下这些搜索结果:
Google搜索 [ ^ ]
cmd.CommandText =( 从登录中选择用户名,密码,其中username =' + TextBox1.Text + '和password =' + TextBox2.Text + ')
cmd.CommandText =( 选择用户名,登录密码,其中username =' + TextBox1.Text + 'AND password =' + TextBox2.Text + ');
-KR
myconn = New SqlConnection("data source=nic-bpdc;Initial Catalog=pension;integrated security=true;user id=pension;password=admin;")
myconn.Open()
cmd.Connection = myconn
cmd.CommandText = ("select username, password from login where username= '" & TextBox1.Text & "', password= '" & TextBox2.Text & "'")
dr = cmd.ExecuteReader()
If dr.HasRows Then
Main.Show()
Me.Visible = False
Else
MsgBox("invalid username & Password") 解决方案
To solve your error replace"', password"with"' AND password"
However, I would also suggest you look at SQL Parameters, your code is vulnerable to SQL injection attacks if you are reading literal strings from text boxes.
I would suggest you have a look at some of these search results:
Google search[^]
Try this:
cmd.CommandText = ("select username, password from login where username= '"+ TextBox1.Text+ "' and password= '" + TextBox2.Text + "'")
cmd.CommandText = ("select username, password from login where username= '" + TextBox1.Text + "' AND password= '" + TextBox2.Text + "'");
-KR
这篇关于','附近的语法不正确的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
