我在ExecuteNonQuery收到错误,实在不知道为什么。我花了很多时间在网上搜索并意识到User必须介于[]之间,但它还没有解决我的问题。
else {
DataTable table = new DataTable();
string query = "SELECT * FROM [User] WHERE Email = '" + tbMail.Text + "'";
OleDbDataAdapter adapter = new OleDbDataAdapter(query, connectionString);
int count = adapter.Fill(table);
if (count != 0) {
MessageBox.Show("This email is already in use", "Email in use", MessageBoxButtons.OK, MessageBoxIcon.Information);
} else {
OleDbConnection connection = new OleDbConnection(connectionString);
OleDbCommand insertCommand = new OleDbCommand();
adapter = new OleDbDataAdapter();
string encryptedPassword = Convert.ToBase64String(System.Security.Cryptography.MD5.Create().ComputeHash(Encoding.UTF8.GetBytes(tbPass.Text)));
connection.Open();
string command = "INSERT INTO [User] (Username, Password, Email) VALUES('" + tbUser.Text + "', '" + encryptedPassword + "', " + tbMail.Text + ")";
insertCommand.Connection = connection;
insertCommand.CommandText = command;
adapter.InsertCommand = insertCommand;
adapter.InsertCommand.ExecuteNonQuery();
connection.Close();
}
}
错误是:
解析查询时出错。 [令牌行号,令牌行偏移量,令牌错误,]“
答案 0 :(得分:2)
您的电子邮件值必须在引号之间,就像用户名和密码一样。
另一点是你应该使用sql参数来防止sql注入攻击。