使用C#在MySQL中更新语句 [英] Update statement in MySQL using C#
本文介绍了使用C#在MySQL中更新语句的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我一直在为自己的工作场所建立一个小型库存系统,偶然发现了一个我似乎无法修复的错误
I've been building a small inventory system for my workplace and have stumbled on an error that I cannot seem to fix
private void Update(string num,string name, string quant, string location, string category, string numquery)
{
// "UPDATE Inventory SET Inventorynumber='"+ num +"',Inventory_Name='"+name+"', Quantity ='"+ quant+"',Location ='"+ location+"' Category ='"+ category+"' WHERE Inventorynumber ='"+ numquery +"';";
string query = "UPDATE Inventory SET Inventorynumber='" + Convert.ToInt16(num) + "',Inventory_Name='" + name + "', Quantity ='" + quant + "',Location ='" + location + "' Category ='" + category + "' WHERE Inventorynumber ='" + Convert.ToInt16(numquery) + "'";
if (this.OpenConnection() == true)
{
MySqlCommand cmd = new MySqlCommand();
cmd.CommandText = query;
cmd.Connection = serverconnection;
cmd.ExecuteNonQuery();
this.CloseConnection();
Bind();
}
}
我不知道在这里要更改什么. 任何帮助将不胜感激.
I have no idea what to change here. Any help would be appreciated.
推荐答案
问题:您在查询中的location
参数后缺少comma
.
解决方案:您需要使用comma
分隔parameters
.
Problem: You are missing the comma
after location
parameter in your query.
Solution: You need to separate the parameters
using a comma
.
建议::使用parameterized queries
避免SQL Injection Attacks
.
尝试一下:
private void Update(string num,string name, string quant, string location, string category, string numquery)
{
// "UPDATE Inventory SET Inventorynumber='"+ num +"',Inventory_Name='"+name+"', Quantity ='"+ quant+"',Location ='"+ location+"' Category ='"+ category+"' WHERE Inventorynumber ='"+ numquery +"';";
string query = "UPDATE Inventory SET Inventorynumber=@Inventorynumber,Inventory_Name=@Inventory_Name, Quantity =@Quantity ,Location =@Location,Category =@Category WHERE Inventorynumber =@Inventorynumber";
if (this.OpenConnection() == true)
{
MySqlCommand cmd = new MySqlCommand();
cmd.CommandText = query;
cmd.Parameters.AddWithValue("@Inventorynumber",Convert.ToInt16(num));
cmd.Parameters.AddWithValue("@Inventory_Name",name);
cmd.Parameters.AddWithValue("@Quantity",quant);
cmd.Parameters.AddWithValue("@Location",location);
cmd.Parameters.AddWithValue("@Category",category);
cmd.Parameters.AddWithValue("@Inventorynumber",Convert.ToInt16(numquery));
cmd.Connection = serverconnection;
cmd.ExecuteNonQuery();
this.CloseConnection();
Bind();
}
}
这篇关于使用C#在MySQL中更新语句的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文