这是我的编辑命令的代码。单击编辑按钮消息时,会弹出更新语句中的语法错误。但是在调试时,没有错误。
Try
Dim SqlQuery As String = "UPDATE data SET archivedate = '" & txtarcdate.Text & "', filenumber = '" & txtfilenum.Text & "', filedate = '" & txtfiled.Text & "', section ='" & txtsection.Text & "', subject '" & txtsubject.Text & "' WHERE number = " & number & ";"
Dim SqlCommand As New OleDbCommand
With SqlCommand
.CommandText = SqlQuery
.Connection = conn
.ExecuteNonQuery()
End With
MsgBox("One record successfully updated.")
loadListView()
Catch ex As Exception
MsgBox(ex.Message)
End Try
End Sub
答案 0 :(得分:1)
这是您的查询语句:
Dim SqlQuery As String = "UPDATE data SET archivedate = '" & txtarcdate.Text & "', filenumber = '" & txtfilenum.Text & "', filedate = '" & txtfiled.Text & "', section ='" & txtsection.Text & "', subject '" & txtsubject.Text & "' WHERE number = " & number & ";"
让我们注意这一部分:
& "', subject '" & txtsubject.Text &
你错过了等号。应该是:
& "', subject = '" & txtsubject.Text &
所以完整的一行是:
Dim SqlQuery As String = "UPDATE data SET archivedate = '" & txtarcdate.Text & "', filenumber = '" & txtfilenum.Text & "', filedate = '" & txtfiled.Text & "', section ='" & txtsection.Text & "', subject = '" & txtsubject.Text & "' WHERE number = " & number & ";"
最后,关于SQL注入的研究。您的代码正在遭受严重的安全问题。