使用String SQL向数据库添加数据 [英] add data to database using String SQL

问题描述

有人可以给我一个使用String SQL命令将数据插入数据库的示例，其中包括插入值，值以及位置吗?

我试图自己编写，但它给了我错误，该错误表明关键字where附近的语法不正确.

这是我的代码；

Can anybody give me an example for inserting data to database using String SQL command which includes insert into, values and also where?

I tried to write own-by-own but it gives me error which says incorrect syntax near the keyword where.

And this is my code;

String SQL = " insert into measurrrecords(pulse)"+
             
             "values ('"+textBox1.Text"')"+

             "where ID= '"ComboBox1.SelectedIndex"'";

您如何看待我的问题?

What do you think about my problem?

推荐答案

您不能在INSERT上使用WHERE子句-对:)毫无意义.

有许多

You can''t use a WHERE clause on an INSERT - and it makes no sense to :)

There are loads of SQL Tutorials[^] on the web, I''d suggest you read through some - you''ll learn considerably more than getting piecemeal solutions on here

我认为有两件事:
1)您忘记了多个加号:

I think two things:
1) You forgot a number of plus signs:

"values ('"+textBox1.Text"')"+

成为

"values ('"+textBox1.Text + "')"+

和

"where ID= '"ComboBox1.SelectedIndex"'";

成为

"where ID= '" + ComboBox1.SelectedIndex + "'";

和
2)你不应该那样做.不要连接字符串以构建SQL命令.它使您对意外或蓄意的SQL注入攻击敞开大门，这可能会破坏整个数据库.改为使用参数化查询.

and
2) You shouldn''t do it like that. Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.

这篇关于使用String SQL向数据库添加数据的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！