这是我的代码
namespace SDD_Single_Project___Michael
{
public partial class NewUser : Form
{
private OleDbConnection connection = new OleDbConnection();
public NewUser()
{
InitializeComponent();
connection.ConnectionString = @"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=G:schoolworkYear 11SDD3 SINGLE TASKSDD Single Project - Michael SDD Single Project - Michael binPersondata.accdb;
Persist Security Info=False;";
}
private void btnBack_Click(object sender, EventArgs e)
{
this.Hide(); //hides this page
MainScreen frm = new MainScreen(); //finds the next screen (the main game)
frm.Show(); //shows it
}
private void btnSubmit_Click(object sender, EventArgs e)
{
try {
connection.Open(); // opens the connection
OleDbCommand command = new OleDbCommand();
command.Connection = connection;
command.CommandText = "insert into Persondata where ( FirstName,LastName,Address,Suburb,Email,Mobile) values ( '" + txtFirst.Text + "' , '" + txtLast.Text + "' , '" + txtAddress.Text + "' , '" + txtSuburb.Text + "' , '" + txtEmail.Text + "' , '" + txtMobile.Text + "' ) ";
// finds where its going to, finds the columns it is going to fill, finds the text boxes that is going to fill them
command.ExecuteNonQuery(); // error occurs here!!!
MessageBox.Show("Data Saved");
connection.Close(); // closes the connection
}
catch (Exception ex)
{
MessageBox.Show("Error " + ex);
} //if there is a error message box will appear informing it
}
}
}
错误发生在command.ExecuteNonQuery();,我无能为力,一旦我将所有信息填写到文本框中并按下提交按钮,错误就会发生。
错误表明这是的INSERT INTO语句中的语法错误
System.Data.Ole.DbCommand.ExecuteNonQuery();
请帮忙!这是一项任务!我一直在努力解决这个问题。感谢所有的帮助。
INSERT语法中没有WHERE部分。您应该将其从sql中删除。
INSERT
{
[ TOP ( expression ) [ PERCENT ] ]
[ INTO ]
{ <object> | rowset_function_limited
[ WITH ( <Table_Hint_Limited> [ ...n ] ) ]
}
{
[ ( column_list ) ]
[ <OUTPUT Clause> ]
{ VALUES ( { DEFAULT | NULL | expression } [ ,...n ] ) [ ,...n ]
| derived_table
| execute_statement
| <dml_table_source>
| DEFAULT VALUES
}
}
}
OleDbCommand不支持命名参数。
来自OleDbCommand.Parameters属性
OLE DB.NET提供程序不支持用于传递的命名参数SQL语句或由调用的存储过程的参数当CommandType设置为Text时使用OleDbCommand。在这种情况下必须使用问号(?)占位符。例如:
从CustomerID=的客户中选择*?
因此,OleDbParameter对象添加到OleDbParameterCollection必须直接对应于命令文本中参数的问号占位符。
如果集合中的参数与的要求不匹配则可能导致错误。
但更重要的是,您应该始终使用参数化查询。这种字符串串联对SQL注入攻击是开放的。
command.CommandText = @"insert into Persondata(FirstName,LastName,Address,Suburb,Email,Mobile)
values (?, ?, ?, ?, ?, ?)";
然后使用SqlParameterCollection.Add方法添加您的参数值
还可以使用using语句来处理数据库连接。
using(OleDbConnection connection = new OleDbConnection(connString))
using(OleDbCommand command = connection.CreateCommand())
{
command.CommandText = @"insert into Persondata(FirstName,LastName,Address,Suburb,Email,Mobile)
values (?, ?, ?, ?, ?, ?)";
//Add your parameter values with right order.
connection.Open();
command.ExecuteNonQuery();
}
应用程序中的SQL语句不正确。insert SQL子句不允许使用where。这是MSDN的一个摘录,具有INSERT INTO子句的结构。
[ WITH <common_table_expression> [ ,...n ] ] INSERT {
[ TOP ( expression ) [ PERCENT ] ]
[ INTO ]
{ <object> | rowset_function_limited
[ WITH ( <Table_Hint_Limited> [ ...n ] ) ]
}
{
[ ( column_list ) ]
[ <OUTPUT Clause> ]
{ VALUES ( { DEFAULT | NULL | expression } [ ,...n ] ) [ ,...n ]
| derived_table
| execute_statement
| <dml_table_source>
| DEFAULT VALUES
}
} } [;]
使用SQL语句的正确方法是(也取自MSDN):
INSERT INTO Production.UnitMeasure
VALUES (N'FT', N'Feet', '20080414');
如果使用SELECT INTO语句,则可以使用where。
因此,要解决您的问题,您需要从SQL语句中删除where子句。
您不应该在INSERT语句中使用WHERE
command.CommandText = "insert into Persondata ( FirstName,LastName,Address,Suburb,Email,Mobile) values ( @param1,@param2,@param3,@param4,@param5,@param6) ";
command.Parameters.AddWithValue("@param1", txtFirst.Text);
command.Parameters.AddWithValue("@param2",txtLast.Text);
....
...
command.Parameters.AddWithValue("@param6",txtMobile.Text);