从表单上的各种文本框中获取数据并对SQL Server数据库进行更新。这是SQL的创建:
Dim upDateStr As String
upDateStr = "UPDATE dbo_Master_Accounts SET dbo_Master_Accounts.FirstName = " & Chr$(34) & Me.disFirstName & Chr$(34) & ", "
upDateStr = upDateStr + "dbo_Master_Accounts.LastName = " & Chr$(34) & Me.disLastName & Chr$(34) & ", "
upDateStr = upDateStr + "dbo_Master_Accounts.Address_Line_1 = " & Chr$(34) & Me.disAddr1 & Chr$(34) & ", "
upDateStr = upDateStr + "dbo_Master_Accounts.City = " & Chr$(34) & Me.disCity & Chr$(34) & ", "
upDateStr = upDateStr + "dbo_Master_Accounts.State = " & Chr$(34) & Me.disState & Chr$(34) & ", "
upDateStr = upDateStr + "dbo_Master_Accounts.PostalCode = " & Chr$(34) & Me.disPostalCode & Chr$(34) & ", "
upDateStr = upDateStr + "dbo_Master_Accounts.Phone_Number_1 = " & Chr$(34) & Me.disHomePhone & Chr$(34) & ", "
upDateStr = upDateStr + "dbo_Master_Accounts.Phone_Number_2 = " & Chr$(34) & Me.disCellPhone & Chr$(34) & ", "
upDateStr = upDateStr + "dbo_Master_Accounts.Gender = " & Chr$(34) & Me.disGender & Chr$(34) & ", "
upDateStr = upDateStr + "dbo_Master_Accounts.Date_Of_Birth = " & Chr$(34) & Me.disDateofBirth & Chr$(34) & ", "
upDateStr = upDateStr + "dbo_Master_Accounts.Email = " & Chr$(34) & Me.disEmailAddress & Chr$(34) & ", "
upDateStr = upDateStr + "WHERE (((dbo_Master_Accounts.Master_ID) = " & Chr$(34) & Me.frmoldCardno & Chr$(34) & ""
立即查看查询,所有数据都在那里,看起来是正确的。这是即时窗口。
UPDATE dbo_Master_Accounts
SET dbo_Master_Accounts.FirstName = "John",
dbo_Master_Accounts.LastName = "Handy",
dbo_Master_Accounts.Address_Line_1 = "123 From",
dbo_Master_Accounts.City = "Somewhere",
dbo_Master_Accounts.State = "IL",
dbo_Master_Accounts.PostalCode = "50310",
dbo_Master_Accounts.Phone_Number_1 = "1234567890",
dbo_Master_Accounts.Phone_Number_2 = "",
dbo_Master_Accounts.Gender = "M",
dbo_Master_Accounts.Date_Of_Birth = "02/14/1967",
dbo_Master_Accounts.Email = "me@mine.com",
WHERE (((
dbo_Master_Accounts.Master_ID
) = "000055"
但是我收到了一个我看不到的语法错误。尝试仅运行第一行和最后两行代码并获得相同的错误。
提前致谢
JPL
答案 0 :(得分:0)
首先尝试查看它是否有效(删除之前的逗号,并修复括号),然后使用参数来正确执行,因为这样你就可以接受SQL注入攻击了
Dim upDateStr As String
upDateStr = "UPDATE dbo_Master_Accounts SET dbo_Master_Accounts.FirstName = '" & Me.disFirstName & "', "
upDateStr = upDateStr + "dbo_Master_Accounts.LastName = '" & Me.disLastName & "', "
upDateStr = upDateStr + "dbo_Master_Accounts.Address_Line_1 = '" & Me.disAddr1 & "', "
upDateStr = upDateStr + "dbo_Master_Accounts.City = '" & Me.disCity & "', "
upDateStr = upDateStr + "dbo_Master_Accounts.State = '" & Me.disState & "', "
upDateStr = upDateStr + "dbo_Master_Accounts.PostalCode = '" & Me.disPostalCode & "', "
upDateStr = upDateStr + "dbo_Master_Accounts.Phone_Number_1 = '" & Me.disHomePhone & "', "
upDateStr = upDateStr + "dbo_Master_Accounts.Phone_Number_2 = '" & Me.disCellPhone & "', "
upDateStr = upDateStr + "dbo_Master_Accounts.Gender = '" & Me.disGender & "', "
upDateStr = upDateStr + "dbo_Master_Accounts.Date_Of_Birth = '" & Me.disDateofBirth & "', "
upDateStr = upDateStr + "dbo_Master_Accounts.Email = '" & Me.disEmailAddress & "' "
upDateStr = upDateStr + "WHERE (dbo_Master_Accounts.Master_ID) = '" & Me.frmoldCardno & "' "