我有自己研究的代码, 它不返回任何错误,它更新在文本框中输入的一些数据,但不更新所有字段
我检查正在更新的字段附近的代码,以将其与不匹配的文本框进行比较 更新
但我没有看到差异,它只是不更新所有字段,只更新一些字段
Dim sqlconn As New SqlClient.SqlConnection
sqlconn.ConnectionString = "server = SKPI-APPS1;" & _
"Database = EOEMS;integrated security=true"
Dim myCommand As SqlCommand
Try
'update command
sqlconn.Open()
myCommand = New SqlCommand(
"UPDATE tblOfficeEquipmentProfile SET OE_Category = '" & cmbCategory.Text
& "',OE_SubCategory = '" & cmbSubCategory.Text
& "', OE_Name = '" & txtName.Text
& "', OE_User = '" & txtUser.Text
& "', OE_Brand = '" & cmbBrand.Text
& "', OE_Model = '" & cmbModel.Text
& "', OE_Specs = '" & txtSpecs.Text
& "', OE_SerialNo = '" & txtSerialNo.Text
& "', OE_PropertyNo = '" & txtPropertyNo.Text
& "', OE_MacAddress = '" & txtMacAddress.Text
& "', OE_Static_IP = '" & txtStaticIp.Text
& "', OE_Vendor = '" & cmbVendor.Text
& "', OE_PurchaseDate = '" & txtPurchaseDate.Text
& "', OE_WarrantyInclusiveYear = '" & cmbWarrantyInclusiveYear.Text
& "', OE_WarrantyStatus = '" & txtWarrantyStatus.Text
& "', OE_Status = '" & txtStatus.Text
& "', OE_Dept_Code = '" & cmbDeptCode.Text
& "', OE_Location_Code = '" & cmbLocationCode.Text
& "', OE_Remarks ='" & cmbRemarks.Text
& "' WHERE OE_ID = '" & txtOEID.Text & "'", sqlconn)
' ^^ (edited to separate lines for ease of viewing )
myCommand.ExecuteNonQuery()
MessageBox.Show("Office Equipment Profile Successfully Updated Records")
Catch ex As Exception
MsgBox(ex.Message)
End Try
答案 0 :(得分:0)
一些故障排除建议:
尝试这样的模式:
Dim SQL As String = "UPDATE STaff Set Initials='RCH' WHERE Initials = 'RCH'"
myCommand = New SqlCommand(SQL, sqlconn)
Dim iCnt As Integer = myCommand.ExecuteNonQuery()
MessageBox.Show("Office Equipment Profile Successfully Updated " & iCnt & " Records")
在第二行放置断点并使用Text Visualizer查看SQL。您也可以复制它并在其他查询工具中使用它来处理它并找到错误。
此外,捕获已更改的记录数(上面的iCnt)并执行一些QA和/或调试。
注入:虽然您的项目可能不会受到注入攻击,但您可以通过不确保.Text值不会破坏SQL来踩踏自己。例如,如果任何.Text包含撇号,则SQL将失败。您可以编写一个函数来替换'with'',这样您就会安全。
或者每个人:OE_Location_Code ='“& cmbLocationCode.Text.replace(”'“,”''“)
这会将“Fred's Room”转换为“Fred''s Room”