我需要帮助找出我的SQL语句中的错误。我一直在尝试几件事,但似乎什么都没有用? 这是我收到的错误消息
Run-time error '3075':
Syntax error (missing operator) in query expression '([description] = Manufacturing and Delivery Schedule AND [pr_num] = 83)'.
这是我的代码:
Private Sub Command6_Click()
' ===================================================
' Receives the selected item in the combo box
' ===================================================
' Open the Database connection
Dim data_base As Database
Set data_base = CurrentDb
' Grab description and pr number from the form
Dim desc As string
dim pr_number as long
desc = Combo4.Value
pr_number = Text8.Value
' Build the query
Dim query As String
query = "UPDATE VDR_Table " & _
"SET [received] = [p1] " & _
"WHERE ([description] = " & desc & _
" AND [pr_num] = " & pr_number & ");"
Dim rec_set As DAO.Recordset
Set rec_set = data_base.OpenRecordset(query)
' Build the QueryDef
Set qd = data_base.CreateQueryDef("")
qd.SQL = query
' Execute query
qd.Parameters("p1").Value = true
qd.Execute
' Close nad null record set
rec_set.close
set rec_set = nothing
' Close the connection to the database
data_base.Close
' Prompt the user success
MsgBox "Item has been received"
End Sub
提前感谢您的帮助!
答案 0 :(得分:1)
您需要将您在引号中设置的description字段值括起来,因为它是一个字符串字段。它应该是这样的:
' Build the query
Dim query As String
query = "UPDATE VDR_Table " & _
"SET [received] = [p1] " & _
"WHERE ([description] = '" & desc & _
"' AND [pr_num] = " & pr_number & ");"
删除了以下链接,因为在这种情况下它们无关紧要。
另外,我建议使用参数而不是字符串连接来避免SQL注入。以下是使用VBA参数的示例 - http://support.microsoft.com/kb/181734 - 这里有一些关于为什么要使用参数化sql的推理 - http://www.codinghorror.com/blog/2005/04/give-me-parameterized-sql-or-give-me-death.html。