当我想根据id_curse删除整行时出现问题。这是我的代码,这是我的错误:
未处理的类型' Oracle.DataAccess.Client.OracleException'发生在Oracle.DataAccess.dll。
其他信息:
外部组件抛出异常。
你能帮我解决这个问题吗?我认为SQL命令中的代码对此不利。
private void button3_Click(object sender, EventArgs e)
{
Oracle.DataAccess.Client.OracleConnection conn = new Oracle.DataAccess.Client.OracleConnection(provider);
Oracle.DataAccess.Client.OracleCommand cmd = new Oracle.DataAccess.Client.OracleCommand();
conn.Open();
cmd = new Oracle.DataAccess.Client.OracleCommand(" DELETE * from CURSE WHERE ID_CURSA = '" + textBox1.Text + "'", conn);
cmd.ExecuteNonQuery();
}
答案 0 :(得分:10)
DELETE语法如下
DELETE from CURSE WHERE ID_CURSA = xxxxx
^ no * here
但是你应该使用参数化查询而不是字符串连接。字符串连接导致Sql Injection和解析问题(带引号,小数和日期的字符串无法识别)
string cmdText = "DELETE from CURSE WHERE ID_CURSA = :ID"
using(OracleConnection conn = new OracleConnection(provider))
using(OracleCommand cmd = new OracleCommand(cmdText, conn))
{
conn.Open();
cmd.Parameters.AddWithValue("ID", textBox1.Text);
cmd.ExecuteNonQuery();
}
作为旁注,您确定ID_CURSA是文本数据库字段吗? (你在值周围加上引号,所以我假设这是一个文本字段)
答案 1 :(得分:0)
在代码周围获取try-catch-finally语句以捕获异常并查看有关错误的更多详细信息:
private void button3_Click(object sender, EventArgs e)
{
Oracle.DataAccess.Client.OracleConnection conn = new Oracle.DataAccess.Client.OracleConnection(provider);
Oracle.DataAccess.Client.OracleCommand cmd = new Oracle.DataAccess.Client.OracleCommand();
try
{
conn.Open();
cmd = new Oracle.DataAccess.Client.OracleCommand(" DELETE * from CURSE WHERE ID_CURSA = '" + textBox1.Text + "'", conn);
cmd.ExecuteNonQuery();
}
catch(Exception ex)
{
MessageBox.Show(ex.Message);
if(ex.InnerException != null)
MessageBox.Show(ex.InnerException.Message);
}
finally
{
conn.Close();
}
}