我正在尝试执行此语句以将一些值插入到数据库中。
com = new SqlCeCommand("INSERT INTO [cars table]"
+ "([Car reg no],[MOT expiry date], Mileage,[Other information])"
+ "VALUES (" + m._INSERTCarRegNo + "," + m._INSERTExpiryDate + ","
+ m._INSERTMileage + "," + m._INSERTotherInformation
+ ")",this.returnConnection);
以上是我的陈述,但我收到错误,错误是无法解析字符串。任何人都可以帮助我吗?
由于
答案 0 :(得分:1)
您忘记了字符串值周围的引号。
com = new SqlCeCommand("INSERT INTO [cars table]"
+ "([Car reg no],[MOT expiry date], Mileage,[Other information])"
+ "VALUES ('" + m._INSERTCarRegNo + "','" + m._INSERTExpiryDate + "','"
+ m._INSERTMileage + "','" + m._INSERTotherInformation
+ "')",this.returnConnection);
(数字值不需要单引号)
答案 1 :(得分:1)
始终使用Parameters
来避免此类问题和SQL注入。
var sql=@"INSERT INTO [cars table]
([Car reg no],[MOT expiry date], Mileage,[Other information])
VALUES (@Carregno,@MOTexpirydate,@Mileage,@Otherinformation])";
com = new SqlCeCommand(sql,this.returnConnection);
com.Parameters.AddWithValue("@Carregno",m._INSERTCarRegNo);
..
答案 2 :(得分:1)
这将是一个更清洁的解决方案(而不是构建自己的SQL字符串)......
com =
new SqlCeCommand(
"INSERT INTO [cars table] " +
"([Car reg no],[MOT expiry date], Mileage,[Other information] " +
"VALUES " +
"(@reg, @expiry, @mileage, @otherinfo)"
, this.returnConnection);
com.Parameters.AddWithValue("@reg" , m._INSERTCarRegNo);
com.Parameters.AddWithValue("@expiry" , m._INSERTExpiryDate);
com.Parameters.AddWithValue("@mileage" , m._INSERTMileage);
com.Parameters.AddWithValue("@otherinfo" , m._INSERTotherInformation);
答案 3 :(得分:0)
您的SQL语法有错误;查看与MySQL服务器版本对应的手册,以便在第1行key,created,activations,used,hotelid)values(b,1-29-13, 3,1,11)
附近使用正确的语法