我正在尝试将数据从VB.NET插入到MS Access中的多个表中,但是我从MessageBox.Show获取“在SQL语句结束时缺少分号(;)。”信息)。但是,一旦我添加;我收到此错误:“在SQL语句结束后找到的字符。”
我在哪里做错了?有人可以自由查看我的代码并帮我解决问题吗?此外,如果你们有更好的替代编码方式,我将非常感激。提前谢谢。
Imports System.Data.OleDb
Public Class addNew
Dim conn As New OleDbConnection()
Dim sqlCom As New OleDbCommand()
Private Sub btnAddNew_Click(sender As Object, e As EventArgs) Handles btnAddNew.Click
If txtFirstName.Text = "" Or txtLastName.Text = "" Or txtContact.Text = "" Or txtEmail.Text = "" Or comboMembershipType.Text = "" Then
MessageBox.Show("Please complete the required fields.", "Authentication Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
Else
Try
conn.ConnectionString = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source= " & Application.StartupPath & "\igcDatabase.accdb"
sqlCom.Connection = conn
conn.Open()
sqlCom.CommandText = "INSERT INTO [Members] ([Member First Name], [Member Last Name], [Gender], [Contact], [Email])" _
& " VALUES (@FirstName, @LastName, @Gender, @Contact, @Email)"
sqlCom.CommandText &= "INSERT INTO [Membership Types] ([Membership Type])" & "VALUES (@MembershipType)"
Dim gender As String
If rbtnMale.Checked = True Then
gender = "Male"
Else
gender = "Female"
End If
sqlCom.Parameters.AddWithValue("@FirstName", txtFirstName.Text)
sqlCom.Parameters.AddWithValue("@LastName", txtLastName.Text)
sqlCom.Parameters.AddWithValue("@Gender", gender)
sqlCom.Parameters.AddWithValue("@Contact", txtContact.Text)
sqlCom.Parameters.AddWithValue("@Email", txtEmail.Text)
sqlCom.Parameters.AddWithValue("@MembershipType", comboMembershipType.Text)
sqlCom.ExecuteNonQuery()
MessageBox.Show("Successfully added member!")
conn.Close()
Catch ex As Exception
MessageBox.Show(ex.Message)
End Try
End If
End Sub
End Class
更新了工作代码:
Imports System.Data.OleDb
Public Class addNew
Dim conn As New OleDbConnection()
Dim sqlCom As New OleDbCommand()
Private Sub btnAddNew_Click(sender As Object, e As EventArgs) Handles btnAddNew.Click
If txtFirstName.Text = "" Or txtLastName.Text = "" Or txtContact.Text = "" Or txtEmail.Text = "" Or comboMembershipType.Text = "" Then
MessageBox.Show("Please complete the required fields.", "Authentication Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
Else
Try
conn.ConnectionString = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source= " & Application.StartupPath & "\igcDatabase.accdb"
sqlCom.Connection = conn
conn.Open()
sqlCom.CommandText = "INSERT INTO [Members] " _
& "([Member First Name], [Member Last Name], [Gender], [Contact], [Email])" _
& " VALUES (@FirstName, @LastName, @Gender, @Contact, @Email)"
Dim gender As String
If rbtnMale.Checked = True Then
gender = "Male"
Else
gender = "Female"
End If
'Parameter is used below to prevent SQL Injection
sqlCom.Parameters.AddWithValue("FirstName", txtFirstName.Text)
sqlCom.Parameters.AddWithValue("LastName", txtLastName.Text)
sqlCom.Parameters.AddWithValue("Gender", gender)
sqlCom.Parameters.AddWithValue("Contact", txtContact.Text)
sqlCom.Parameters.AddWithValue("Email", txtEmail.Text)
'Code below is used as the query does not return any data back to the form
sqlCom.ExecuteNonQuery()
'Query for Membership Types Table in MS Acess
sqlCom.CommandText = "INSERT INTO [Membership Types] ([Membership Type])" & " VALUES (@MembershipType)"
'Parameter is used below to prevent SQL Injection
'sqlCom.Parameters.Clear() is used to clear the previous input of data
sqlCom.Parameters.Clear()
sqlCom.Parameters.AddWithValue("MembershipType", comboMembershipType.Text)
'Code below is used as the query does not return any data back to the form
sqlCom.ExecuteNonQuery()
MessageBox.Show("Successfully added member!")
'Close Data Connection
conn.Close()
Catch ex As Exception
MessageBox.Show(ex.Message)
End Try
End If
End Sub
End Class
答案 0 :(得分:1)
你所做的是连接两个字符串 - &不是空间。摆脱&和第二个查询中的引号,只有会员类型])VALUES ...然后在第一个查询的末尾添加一个空格,否则它读取... @email)INSERT ... membershiptype])VALUES。还有你尝试只添加一个;第一次查询后,但不是第二次查询后?
答案 1 :(得分:1)
试试这个
Imports System.Data.OleDb
Public Class addNew
Dim conn As New OleDbConnection()
Dim sqlCom As New OleDbCommand()
Private Sub btnAddNew_Click(sender As Object, e As EventArgs) Handles btnAddNew.Click
If txtFirstName.Text = "" Or txtLastName.Text = "" Or txtContact.Text = "" Or txtEmail.Text = "" Or comboMembershipType.Text = "" Then
MessageBox.Show("Please complete the required fields.", "Authentication Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
Else
Try
conn.ConnectionString = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source= " & Application.StartupPath & "\igcDatabase.accdb"
sqlCom.Connection = conn
conn.Open()
sqlCom.CommandText = "INSERT INTO [Members] ([Member First Name], [Member Last Name], [Gender], [Contact], [Email])" _
& " VALUES (@FirstName, @LastName, @Gender, @Contact, @Email)"
Dim gender As String
If rbtnMale.Checked = True Then
gender = "Male"
Else
gender = "Female"
End If
sqlCom.Parameters.AddWithValue("@FirstName", txtFirstName.Text)
sqlCom.Parameters.AddWithValue("@LastName", txtLastName.Text)
sqlCom.Parameters.AddWithValue("@Gender", gender)
sqlCom.Parameters.AddWithValue("@Contact", txtContact.Text)
sqlCom.Parameters.AddWithValue("@Email", txtEmail.Text)
sqlCom.ExecuteNonQuery()
sqlCom.CommandText = "INSERT INTO [Membership Types] ([Membership Type])" & "VALUES (@MembershipType)"
sqlCom.Parameters.Clear()
sqlCom.Parameters.AddWithValue("@MembershipType", comboMembershipType.SelectedText)
sqlCom.ExecuteNonQuery()
MessageBox.Show("Successfully added member!")
conn.Close()
Catch ex As Exception
MessageBox.Show(ex.Message)
End Try
End If
End Sub
End Class
答案 2 :(得分:0)
Addwithvalue中没有@
它应该是sqlCom.Parameters.AddWithValue("@Email", txtEmail.Text);
不确定这个,但我正在研究C#,语法就像 sqlCom.CommandText =" INSERT INTO [Members]([Member First Name],[Member Name],[Gender],[Contact],[Email])VALUES(@ FirstName,@ LastName,@ Gender,@联系,@ Email)"在C#中确定VB
并尝试使用存储过程,它使代码整洁,易于操作,并且还防止SQL注入,这是一个很大的安全问题。
并且您还没有将性别值添加到sqlcommand,并使用参数传递