如何结束此SQL UPDATE语句?调试器告诉我
字符串常量必须以双引号
结尾
并高亮显示WHERE条款"', con)
cmd = New SqlCommand("UPDATE PersonsA SET(Members_ID='" & midtxt.Text & "'Gamer_Tag='" & gttxt.Text & "'Screenname='" & sntxt.Text & "'First_Name='" & fntxt.Text & "'Last_Name='" & lntxt.Text & "'DoB='" & dobtxt.Text & "'E_Mail_Address='" & emailtxt.Text & "'Position='" & teamptxt.Text & "'UG_Studio'" & ugptxt.Text & "'Cautions='" & ugctxt.Text & "'Record='" & recordtxt.Text & "'Event_Attendance='" & eventatxt.Text & "'Members_Status='" & memberstatcombo.Text & "'GTA_V_Crew_Member='" & gtavcrewmembercombo.Text & "'Games_Owned='" & gamesownedtxt.Text & "'Rep_Group='" & RepGroupcombo.Text & "'WHERE Members_ID='" & midtxt.Text & "', con)
答案 0 :(得分:2)
最后改变
"', con)
与
"'", con)
试一试。
答案 1 :(得分:2)
您不仅错过了结束双引号,在SET之前添加了错误的括号,而且您的UPDATE语法错误,因为您错过了应该分隔字段的逗号。
切换到参数化查询会清除很多内容
cmd = New SqlCommand("UPDATE PersonsA SET Members_ID=@id, Gamer_Tag=@game, " & _
"Screenname=@screen, First_Name=@first, Last_Name=@last, DoB=@dob," & _
"E_Mail_Address=@email, Position=@pos, UG_Studio=@ustudio, Cautions=@caution," & _
"Record=@record, Event_Attendance=@event, Members_Status=@memstatus, " & _
"GTA_V_Crew_Member=@gtva, Games_Owned=@gameowned, Rep_Group=@repgroup" & _
"WHERE Members_ID=@id", con)
cmd.Parameters.AddWithValue("@id",midtxt.Text)
.... follow with other parameters ....
cmd.ExecuteNonQuery()
正如您所看到的,使用参数化查询可以简化命令文本并删除所有丑陋的字符串连接,其中隐藏了细微的语法错误。
当然,参数化查询也会删除Sql Injections
答案 2 :(得分:1)
SqlCommand("UPDATE PersonsA SET(Members_ID='" & midtxt.Text &
^ this Parenthesis is not needed
UPDATE语句的正确语法类似于
UPDATE PersonsA
SET Members_ID= SomeValue,
ColumnName = SomeValue,
.
.
... and so on...
WHERE Clause
答案 3 :(得分:0)
在某处你从模式'" ... "'切换到"' ... '"