c#中INSERT INTO语句语法错误

本文关键字:语法 错误 语句 INTO INSERT | 更新日期: 2023-09-27 18:02:40

我试图使用c#创建一个订单表单,并试图将此订单表单链接到Visual Studio中使用OleDB的Access数据库。然而,当我试图将订单保存到数据库时,我不断得到语法异常,如下所示

Error System.Data.OleDb.OleDbException (0x80040E14): Syntax error in INSERT INTO statement.
at
System.Data.OleDb.OleDbCommand.ExecuteCommandTextErrorHandling(OleDb HResult hr)
at
System.Data.OleDb.OleDbCommand.ExecuteCommandTextFprSingleResult(tagD BPARAMS dbParams, Object& executeResult)
at System.Data.OleDb.OleDbCommand.ExecuteCommandText(Object& executeResult)
at System.Data.OleDb.OleDbCommand.ExecuteCommand(CommandBehavior behavior, Object& executeResult)
at System.Data.OleDb.OleDbCommand.ExecuteReaderInternal(CommandBehavior behavior, String method)
at System.Data.OleDb.OleDbCommand.ExecuteNonQuery()
at AccessLoginApp.OrderForm.btn_Save_Click(Object sender, EventArgs e) in c:'Users'skyscarer'Documents'Visual Studio 2013'Projects'AccessLoginApp'OrderForm.cs: line 214

异常指向的违规代码似乎在btn_Save_Click事件中。代码如下所示:

private void btn_Save_Click(object sender, EventArgs e)
    {
        try
        {
            connection.Open();
            OleDbCommand command = new OleDbCommand();
            command.Connection = connection;
            command.CommandText = "insert into OrderForm(Customer Name, Address, Telephone Number, Post Code) values('" + customerName.Text + "', '" + addrBox.Text + "', '" + telephoneNumber.Text + "', '" + postCode.Text + "')";
            //command.CommandText = "insert into OrderForm (Customer Name, Address, Telephone Number, Post Code, Date Ordered, Due Date, Pick Up / Delivery, Item, Quantity, Size, Price) values ('"+customerName.Text+"', '"+addrBox.Text+"', '"+telephoneNumber.Text+"', '"+postCode.Text+"', '"+dateOrderedBox.Text+"', '"+dueDate.Text+"', '"+cBoxPickDeliver.Text+"', '"+itemBox.Text+"', '"+Quantity.Text+"', '"+sizeBox.Text+"', '"+price.Text+"')";
            command.ExecuteNonQuery();
            MessageBox.Show("Order Inserted into Database");
        }
        catch (Exception ex)
        {
            MessageBox.Show("Error " + ex);
        }
    }

然而,异常指向的行只是command.ExecuteNonQuery()代码,所以我不确定异常想说什么,因此我不确定我的代码有什么问题。如果有人能在这方面帮助我,我将不胜感激。欢呼声

c#中INSERT INTO语句语法错误

try:

"insert into OrderForm ([Customer Name], Address, [Telephone Number], [Post Code]) values('" + customerName.Text + "', '" + addrBox.Text + "', '" + telephoneNumber.Text + "', '" + postCode.Text + "')";

你也应该考虑使用参数,因为你是开放的sql注入

相关文章: