Sql Parametrized更新命令的语法错误 - c#

时间:2013-05-05 12:40:33

标签: c# .net sql oledb sqlparameters

这是我在c#中的第一个SQL参数化更新命令,当我完成更新时出现语法错误。

这是我的代码: 

    string maRequete = "UPDATE "  + strNomTable + " set " 
    + "evetype = @evetype ,"
    + "evedes = @evedes ,"
    + "evecli = @evecli ,"
    + "eveusermo = @eveusermo ,"
    + "eveinterv = @eveinterv where eveNum = " + '"' + strEvtNumeroString.ToString() + '"';

    OleDbCommand DbCommand = new OleDbCommand(maRequete);

    DbCommand.Parameters.Add("@evetype", OleDbType.VarChar);
    DbCommand.Parameters.Add("@evedes", OleDbType.VarChar);
    DbCommand.Parameters.Add("@evecli", OleDbType.VarChar);
    DbCommand.Parameters.Add("@eveusermo", OleDbType.VarChar);
    DbCommand.Parameters.Add("@eveinterv", OleDbType.VarChar);


    DbCommand.Parameters["@evetype"].Value = m_strEvtType.ToString().Trim();
    DbCommand.Parameters["@evedes"].Value = m_strDesignation.ToString().Trim();
    DbCommand.Parameters["@evecli"].Value = m_strCodeClient.ToString().Trim();
    DbCommand.Parameters["@eveusermo"].Value = m_strUserModification;
    DbCommand.Parameters["@eveinterv"].Value = m_strCodeIntervenant.ToString().Trim();


    try
    {
        string strStringConnect = @"Provider=vfpoledb.1;Data Source=" + m_strDirectoryDBF + "\\" + strDbfFile + ".dbf;Collating Sequence=general";
        OleDbConnection DbConnection = new OleDbConnection(strStringConnect);

        DbCommand.CommandType = System.Data.CommandType.Text;

        DbConnection.Open();
        DbCommand.Connection = DbConnection;

        DbCommand.ExecuteNonQuery();
        return "O";
    }
    catch (Exception Ex)
    {
        return Ex.Message;
    }

任何人都知道我的错误在哪里?另外,我在一个旧的DBF文件(Visual Foxpro)中写道,我认为我无法访问日志以调试查询:(。

非常感谢:)

致以最诚挚的问候,

Nixeus

3 个答案:

答案 0 :(得分:1)

尝试在UPDATE语句中使用单引号而不是双引号。最后一行

+ "eveinterv = @eveinterv where eveNum = " + '"' + strEvtNumeroString.ToString() + '"';

应该是

+ "eveinterv = @eveinterv where eveNum = '" + strEvtNumeroString.ToString() + "'";

答案 1 :(得分:1)

将命令文本更改为

 string maRequete = "UPDATE " + strNomTable + " set "
 + "evetype = @evetype ,"
 + "evedes = @evedes ,"
 + "evecli = @evecli ,"
 + "eveusermo = @eveusermo ,"
 + "eveinterv = @eveinterv where eveNum = '" + strEvtNumeroString.ToString() + "'";

答案 2 :(得分:0)

如果您打印出maRequete,并尝试以交互方式执行它,您会发现SQL语法不正确。您似乎可能使用双引号来表示字符串常量;在SQL中你应该使用单引号。您的数据可能包含单引号(即撇号)。在这种情况下,您需要添加和添加一个,例如

INSERT ... values ('you''ll need two apostrophes for this');

这些只是SQL规则。如果要执行查询,则必须为服务器提供有效的语法。

相关问题
最新问题