SQL "Incorrect syntax near ','" when using parameterized SQL

Time: 2014-01-14 05:24:07

Tags: sql vb.net azure

I'm using Azure to host my database. I've found that the most common solutions to this problem all relate to bad data in the SQL query. I'm using parameters, so I don't think that's the issue. My input data doesn't include any characters that SQL would recognize as part of the query. I'm stumped. Here is my code.

    Public Function camp_UploadScoutRecord(ByVal recordID As String, ByVal requirementsID As String, ByVal scoutID As String, _
                                ByVal scoutName As String, Optional ByVal unitType As String = "", Optional ByVal unitNumber As String = "", Optional ByVal district As String = "", _
                                Optional ByVal council As String = "", Optional ByVal street As String = "", Optional ByVal city As String = "", Optional ByVal campName As String = "", Optional ByVal req1 As String = "", Optional ByVal req2 As String = "", _
                                Optional ByVal req3 As String = "", Optional ByVal req4 As String = "", Optional ByVal req5 As String = "", Optional ByVal req6 As String = "", Optional ByVal req7 As String = "", _
                                Optional ByVal req8 As String = "", Optional ByVal req9 As String = "", Optional ByVal req10 As String = "", Optional ByVal req11 As String = "", Optional ByVal req12 As String = "", _
                                Optional ByVal req13 As String = "", Optional ByVal req14 As String = "", Optional ByVal req15 As String = "", Optional ByVal req16 As String = "", Optional ByVal req17 As String = "", _
                                Optional ByVal req18 As String = "", Optional ByVal req19 As String = "", Optional ByVal req20 As String = "", Optional ByVal req21 As String = "", Optional ByVal req22 As String = "", _
                                Optional ByVal badgeComplete As String = "", Optional ByVal badgeName As String = "", Optional ByVal subscriberID As String = "") As String Implements IMastersheetUpload.camp_UploadScoutRecord

        Dim newRecordID As String
        Dim dateToday As Date = Date.Today
        newRecordID = Guid.NewGuid.ToString()

        Dim selectcmd As New SqlCommand("SELECT * FROM campMeritBadgeRecords WHERE meritBadgeRequirementsID = @ID", myconn)
        Dim sqlParam As New SqlParameter("@ID", newRecordID)
        selectcmd.Parameters.Add(sqlParam)
        Dim ds As New DataSet()
        Dim da As New SqlDataAdapter(selectcmd)
        da.Fill(ds)

        'Find an unused recordID for this record
        'If the GUID already exists in the database, then generate a new one
        While ds.Tables(0).Rows.Count <> 0
            newRecordID = Guid.NewGuid.ToString()
            sqlParam.Value = newRecordID   'Re-check with the new GUID, not the old one
            ds.Clear()                     'Drop the previous result before refilling
            da.Fill(ds)
        End While

        Dim insertCMD As New SqlCommand("INSERT INTO campMeritBadgeRecords " + _
                                        "VALUES (@recordID," + _
                                        "@meritBadgeRequirementsID," + _
                                        "@scoutID," + _
                                        "@lastUpdated," + _
                                        "@scoutName," + _
                                        "@unitType," + _
                                        "@unitNumber," + _
                                        "@district," + _
                                        "@council," + _
                                        "@street," + _
                                        "@city," + _
                                        "@req1Complete," + _
                                        "@req2Complete," + _
                                        "@req3Complete," + _
                                        "@req4Complete," + _
                                        "@req5Complete," + _
                                        "@req6Complete," + _
                                        "@req7Complete," + _
                                        "@req8Complete," + _
                                        "@req9Complete," + _
                                        "@req10Complete," + _
                                        "@req11Complete," + _
                                        "@req12Complete," + _
                                        "@req13Complete," + _
                                        "@req14Complete," + _
                                        "@req15Complete," + _
                                        "@req16Complete," + _
                                        "@req17Complete," + _
                                        "@req18Complete," + _
                                        "@req19Complete," + _
                                        "@req20Complete," + _
                                        "@req21Complete," + _
                                        "@req22Complete," + _
                                        "@badgeComplete," + _
                                        "@campName," + _
                                        "@badgeName," + _
                                        "@uploadSubscriberID);", myconn)

        With insertCMD.Parameters
            'Record Info
            .AddWithValue("@recordID", newRecordID)
            .AddWithValue("@meritBadgeRequirementsID", requirementsID)

            'Scout Info
            .AddWithValue("@scoutID", scoutID)
            .AddWithValue("@lastUpdated", Date.Today.ToString)
            .AddWithValue("@scoutName", scoutName)
            .AddWithValue("@unitType", unitType)
            .AddWithValue("@unitNumber", unitNumber)
            .AddWithValue("@district", district)
            .AddWithValue("@council", council)
            .AddWithValue("@street", street)
            .AddWithValue("@city", city)

            'Merit Badge Completion Info
            .AddWithValue("@req1Complete", req1)
            .AddWithValue("@req2Complete", req2)
            .AddWithValue("@req3Complete", req3)
            .AddWithValue("@req4Complete", req4)
            .AddWithValue("@req5Complete", req5)
            .AddWithValue("@req6Complete", req6)
            .AddWithValue("@req7Complete", req7)
            .AddWithValue("@req8Complete", req8)
            .AddWithValue("@req9Complete", req9)
            .AddWithValue("@req10Complete", req10)
            .AddWithValue("@req11Complete", req11)
            .AddWithValue("@req12Complete", req12)
            .AddWithValue("@req13Complete", req13)
            .AddWithValue("@req14Complete", req14)
            .AddWithValue("@req15Complete", req15)
            .AddWithValue("@req16Complete", req16)
            .AddWithValue("@req17Complete", req17)
            .AddWithValue("@req18Complete", req18)
            .AddWithValue("@req19Complete", req19)
            .AddWithValue("@req20Complete", req20)
            .AddWithValue("@req21Complete", req21)
            .AddWithValue("@req22Complete", req22)
            .AddWithValue("@badgeComplete", badgeComplete)
            .AddWithValue("@campName", campName)
            .AddWithValue("@badgeName", badgeName)
            .AddWithValue("@uploadSubscriberID", subscriberID)
        End With

        insertCMD.ExecuteNonQuery()

        myconn.Close()

        'Return recordID to tablet software for future record updates
        Return newRecordID
    End Function

3 answers:

Answer 0 (score: 1)

My guess is this line...

    INSERT INTO campMeritBadgeRecords" + _
    "VALUES (@recordID," + _

You don't leave a space between campMeritBadgeRecords and VALUES, so SQL Server reads it as

    INSERT INTO campMeritBadgeRecordsVALUES(

Answer 1 (score: 1)

I think your error is in the insert statement.

The table name campMeritBadgeRecords and values get combined in the insert statement, so you have to add an extra space after the table name campMeritBadgeRecords.

So your statement should look like this:

    Dim insertCMD As New SqlCommand("INSERT INTO campMeritBadgeRecords  values" + _

Answer 2 (score: 0)

The first thing I'd do is double-check that the parameter values are valid SQL-convertible data types. For example, a Nothing value in a parameter can throw off the whole query, because VB.NET's Nothing has no implicit conversion to SQL's NULL (we have DBNull for that). If you aren't using an ORM (it doesn't look like you are), you can use the coalescing If() operator or wrap an If statement around any value that could be null (strings, for example).

For example:

    With insertCMD.Parameters
        ' coalesce example: DirectCast gives the binary If() a common type (Object)
        .AddWithValue("@district", If(district, DirectCast(DBNull.Value, Object)))

        ' If ... Then example (test the same value you are binding)
        If council IsNot Nothing Then
            .AddWithValue("@council", council)
        Else
            .AddWithValue("@council", DBNull.Value)
        End If
    End With

As others have pointed out, there is probably a formatting problem somewhere in the multi-line query. For readability, you could switch to the XML literal syntax, as shown in the answers to this question: Multiline strings in VB.NET

    Dim sqlString = _
        <![CDATA[
            INSERT INTO campMeritBadgeRecords
            VALUES (
                @recordID,
                @meritBadgeRequirementsID,
                @scoutID,
                @lastUpdated,
                @scoutName,
                @unitType,
                @unitNumber,
                @district,
                @council,
                @street,
                @city,
                @req1Complete,
                @req2Complete,
                @req3Complete,
                @req4Complete,
                @req5Complete,
                @req6Complete,
                @req7Complete,
                @req8Complete,
                @req9Complete,
                @req10Complete,
                @req11Complete,
                @req12Complete,
                @req13Complete,
                @req14Complete,
                @req15Complete,
                @req16Complete,
                @req17Complete,
                @req18Complete,
                @req19Complete,
                @req20Complete,
                @req21Complete,
                @req22Complete,
                @badgeComplete,
                @campName,
                @badgeName,
                @uploadSubscriberID
            );
        ]]>.Value

    Dim insertCMD As New SqlCommand(sqlString, myconn)
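As an added example (not the asker's code and not from any of the answers), here is the INSERT rebuilt the way a reviewer would want it, covering both the missing space before VALUES from answers 0 and 1 and the Nothing-versus-DBNull point from answer 2: an explicit column list, typed parameters instead of AddWithValue, DBNull for Nothing strings, and Using blocks so the connection closes even when the command throws. The column names (taken from the question's parameter names) and the column lengths are assumptions; only six of the columns are shown, the rest follow the same pattern.

```vbnet
Imports System
Imports System.Data
Imports System.Data.SqlClient

Public Module ScoutRecordInsert

    ' Map a Nothing VB string to DBNull.Value, which ADO.NET sends as SQL NULL.
    Private Function NullIfNothing(value As String) As Object
        If value Is Nothing Then Return DBNull.Value
        Return value
    End Function

    ' Assumed column names (from the question's parameter names) and lengths;
    ' check them against the real table definition before use.
    Public Function InsertScoutRecord(connectionString As String,
                                      requirementsID As String,
                                      scoutID As String,
                                      scoutName As String,
                                      district As String) As String
        ' A fresh GUID does not need a SELECT-then-retry collision check;
        ' let the table's primary key enforce uniqueness.
        Dim newRecordID As String = Guid.NewGuid().ToString()
        ' One space before VALUES, and an explicit column list so a column /
        ' parameter mismatch fails loudly instead of landing in the wrong column.
        Const insertSql As String =
            "INSERT INTO campMeritBadgeRecords " &
            "(recordID, meritBadgeRequirementsID, scoutID, lastUpdated, scoutName, district) " &
            "VALUES (@recordID, @meritBadgeRequirementsID, @scoutID, @lastUpdated, @scoutName, @district);"

        Using conn As New SqlConnection(connectionString)
            Using cmd As New SqlCommand(insertSql, conn)
                ' Typed parameters: AddWithValue infers NVARCHAR(length of value),
                ' which defeats plan caching and can mis-convert dates and numbers.
                cmd.Parameters.Add("@recordID", SqlDbType.NVarChar, 36).Value = newRecordID
                cmd.Parameters.Add("@meritBadgeRequirementsID", SqlDbType.NVarChar, 50).Value = requirementsID
                cmd.Parameters.Add("@scoutID", SqlDbType.NVarChar, 50).Value = scoutID
                ' Send a Date, not Date.Today.ToString(), so no locale-dependent parse happens server-side.
                cmd.Parameters.Add("@lastUpdated", SqlDbType.Date).Value = Date.Today
                cmd.Parameters.Add("@scoutName", SqlDbType.NVarChar, 100).Value = NullIfNothing(scoutName)
                cmd.Parameters.Add("@district", SqlDbType.NVarChar, 100).Value = NullIfNothing(district)

                conn.Open()
                cmd.ExecuteNonQuery()
            End Using   ' command disposed
        End Using       ' connection closed even if ExecuteNonQuery throws

        Return newRecordID   ' handed back to the tablet software, as in the question
    End Function
End Module
```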