使用VB.Net更新SQLite数据库时出错

时间:2013-12-12 23:03:20

标签: sql vb.net sqlite sql-update sharpdevelop

尝试使此代码正常工作,以便更新我的SQLite数据库。继续收到错误,说明语句的结尾是错误的BC30205。我看不出我错过了什么!这是我第一次尝试SQL中的更新语句,所以我可能错过了一些明显的东西!我用箭头标记了我遇到错误的代码行! 

Public Partial Class Change_Password
Public Sub New()
    ' The Me.InitializeComponent call is required for Windows Forms designer support.
    Me.InitializeComponent()

    '
    ' TODO : Add constructor code after InitializeComponents
    '
End Sub

Dim SQLconnect As New System.Data.SQLite.SQLiteConnection()
Dim SQLcommand As System.Data.SQLite.SQLiteCommand
Dim SQLreader As System.Data.SQLite.SQLiteDataReader

Dim Password1 As String = ""
Dim Password2 As String = ""

Public Class Password
    Public shared usernamechange As String = ""
End Class

Sub Cmd_NextClick(sender As Object, e As EventArgs)
    If Trim(txt_Password_Box.Text) = "" Then
        MsgBox("Please enter a password")
    Else
        Password1 = txt_Password_Box.Text
        txt_Password_Box.Text = ""
        txt_Password_Box.Focus
        lbl_Instruction.Text = "Please re-enter the exact same password!"
        cmd_Submit.Visible = True
        cmd_Next.Visible = False
        Me.AcceptButton = cmd_Submit
    End If

End Sub

Sub Change_PasswordLoad(sender As Object, e As EventArgs)
    cmd_Submit.Visible = False  
    Me.AcceptButton = cmd_Next
    SQLconnect.ConnectionString = "Data Source=KCD.s3db;"
    SQLconnect.Open()
End Sub

Sub Cmd_SubmitClick(sender As Object, e As EventArgs)
    If Trim(txt_Password_Box.Text) = "" Then
        MsgBox("Please enter the password again")
        Exit Sub
    Else
        Password2 = txt_Password_Box.Text
        txt_Password_Box.Text = ""
    End If



    If Password1 = Password2 Then

        SQLcommand = SQLconnect.CreateCommand

------> SQLcommand.CommandText = "UPDATE Staff SET Password = '" & password1 & "' WHERE '" Username = "' & password.usernamechange & '"""



        SQLcommand.Dispose()

        MsgBox("Your password has been changed",vbInformation,"Password Changed")
        Me.Close

    Else

        MsgBox("Passwords do not match. Please try again.")
        txt_Password_Box.Focus
        cmd_Submit.Visible = False
        cmd_Next.Visible = True
        Password1 = ""
        Password2 = ""
        lbl_Instruction.Text = "Please enter a new password!"
        Me.AcceptButton = cmd_Next
    End If

End Sub
End Class
希望有人可以帮助我!感谢

1 个答案:

答案 0 :(得分:0)

这条线似乎不对。变化

SQLcommand.CommandText = "UPDATE Staff SET Password = '" & password1 & "' WHERE '" Username = "' & password.usernamechange & '"""


SQLcommand.CommandText = "UPDATE Staff SET Password = '" & password1 & "' WHERE Username = '" & password.usernamechange & "'"
顺便说一句,连接这样的字符串容易导致SQL Injection

相关问题
最新问题