这是我的代码。我想将这些值保存到数据库中。并发生错误,
关键字值
附近的语法不正确
foreach (GridViewRow gvr in GridView1.Rows)
{
string strcon1;
strcon1 = ConfigurationManager.ConnectionStrings["fwma_devConnectionString"].ConnectionString;
SqlConnection con1 = new SqlConnection(strcon1);
con1.Open();
SqlCommand com3 = new SqlCommand(strcon);
TextBox tb = (TextBox)gvr.FindControl("TextBox2");//value
string txt = tb.Text;
Label propertylabel = (Label)gvr.FindControl("Label4");//id-property
com3.CommandText = "INSERT INTO BrandProperties(PropertyID,BrandID,Values) values(" + propertylabel.Text + "," + B_id.Text + "," + tb.Text + " ), con1";
com3.Connection = con1;
com3.ExecuteNonQuery();
con1.Close();
答案 0 :(得分:3)
使用此
com3.CommandText = "INSERT INTO BrandProperties(PropertyID,BrandID,Values) values('" + propertylabel.Text + "','" + B_id.Text + "','" + tb.Text + "')";
而不是
com3.CommandText = "INSERT INTO BrandProperties(PropertyID,BrandID,Values) values(" + propertylabel.Text + "," + B_id.Text + "," + tb.Text + " ), con1";
答案 1 :(得分:1)
这条线不应该是这样的吗?
com3.CommandText = "INSERT INTO BrandProperties(PropertyID,BrandID,Values) values(" + propertylabel.Text + "," + B_id.Text + "," + tb.Text + ")";
请使用命令参数:
When should "SqlDbType" and "size" be used when adding SqlCommand Parameters?
答案 2 :(得分:1)
如果您使用的是reserved keywords,则应指定带引号或带括号的分隔标识符。
使用括号
的示例com3.CommandText = "INSERT INTO BrandProperties(PropertyID,BrandID,[Values]) values(" + propertylabel.Text + "," + B_id.Text + "," + tb.Text + " ), con1";