SQL语法错误
本文关键字:错误 语法 SQL | 更新日期: 2023-09-27 18:24:01
当我尝试使用表单插入数据时,它会抛出异常(e1)"Error Occurred Please try Again"如果您的sql语法中有错误,请查看与Mysql服务器版本对应的手册,以获取要在附近使用的正确语法请帮助更正此错误
StringBuilder query = new StringBuilder();
query.Append("Insert Into my_project_data.vehicle(ChassyNumber ,ManufacturedYear, EngineCapacity,Price,Features ,VehicleBrand , VehicleType) Values('" + chassy_txt.Text + "','"+manufac_year_txt.Text+"','"+Engine_Capasity_txt.Text+"','"+Price_txt.Text+"','"+Features_rich_txt.Text+"',");
Classes.DB_Connectivity db = new Classes.DB_Connectivity();
try
{
db.openConnection();
if ((radioButton1.Checked || radioButton2.Checked) && (radioButton7.Checked || radioButton11.Checked) && ( manufac_year_txt.Text != "" && Engine_Capasity_txt.Text != "" && Price_txt.Text != "" && Features_rich_txt.Text != ""))
{
if (radioButton1.Checked)
{
query.Append("BMW ,");
}
if (radioButton2.Checked)
{
query.Append("Benz , ");
}
if (radioButton7.Checked)
{
query.Append("Car ,");
}
if (radioButton11.Checked)
{
query.Append("SUV ,");
}
if ( manufac_year_txt.Text != "" && Engine_Capasity_txt.Text != "" && Price_txt.Text != "" && Features_rich_txt.Text != "")
{
query.Append(" '"+manufac_year_txt.Text+"', '"+Engine_Capasity_txt.Text+"','"+Price_txt.Text+"','"+Features_rich_txt.Text+"'");
}
MySqlCommand cmd = new MySqlCommand(query.ToString(), db.conn);
cmd.ExecuteNonQuery();
MessageBox.Show(" Vehicle Registration Successfull ", "Information", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
else
{
MessageBox.Show("Fill All Required Information ", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
catch (Exception e1)
{
MessageBox.Show("Error Occured Please Try Again " +e1.Message,"Error",MessageBoxButtons.OK,MessageBoxIcon.Error);
}
您可能在行尾遗漏了一个撇号(加上粗体):
query.Append("插入my_project_data.vhicle(ChassyNumber,制造年份,发动机容量,价格,功能,车辆品牌,VehicleType)值('"+chasssy_txt.Text+"','"+manufacture_year_Text.Text+"',''"+Engine_Capsity_txt.Text+"','"+Price_txt.Text+"'、'"+Features_rich_txt.txt+"'、");
应为"+Features_rich_txt.Text+"','");您已经:'"+Features_rich_txt.Text+"',");
此外,您还需要在车型后面加一个撇号:比如:查询附加("宝马");等等
还请考虑上面关于SQL注入的一条注释。