SQL错误,可能是新手错误

时间:2016-08-26 20:41:40

标签: sql vba ms-access odbc

我在VBA脚本中插入SQL INSERT INTO语句,使用ODBC从word doc中提取数据并自动将其放入访问数据库。

我已经验证了数据不匹配,我将其与其他INSERT INTO语句进行了比较,这些语句没有问题。这些语句链接到字符串变量,然后在cnn.execute命令中使用。

存储和执行变量的代码如下:

Sub TransferInstructorInfo()

'Transfer new Instructor Information record to DB

Dim cnn As ADODB.Connection

Dim strConnection As String

Dim InstTable As String

Dim EduTable As String

Dim EmpTable As String

Dim RefTable As String

Dim strPath As String

Dim doc As Word.Document

' Define Doc Variables

 Dim Campus As String
 Dim DOE As String
 Dim Fname As String
 Etc...
'Link defined variables to forms in the word doc

Campus = Chr(39) & doc.FormFields("Campus").Result & Chr(39)
DOE = Chr(39) & doc.FormFields("HireDate").Result & Chr(39)
Fname = Chr(39) & doc.FormFields("FirstName").Result & Chr(39)
Mname = Chr(39) & doc.FormFields("MiddleName").Result & Chr(39)
Nname = Chr(39) & doc.FormFields("NickName").Result & Chr(39)
etc...

InstTable = "INSERT INTO Instructors (InstructorID,[First Name],[Middle Initial],[Last Name],Nickname,Campus,[Job Title],Address,City,State,Zip,Phone,DOB,SSN,DOE)" _
& "SELECT " & InstructorID & "," & Fname & "," & Mname & "," & Lname & "," & Nname & "," & Campus & "," & Job & "," & Address & "," & City & "," & State & "," & Zip & "," & Phone & "," & DOB & "," & SSN & "," & DOE & ";" 


EmpTable = "INSERT INTO [Employment History] ( InstructorID, Company1, CompAdd1, Comp1Supervisor, CompPhone1, Comp1From, Comp1To, Comp1Title, Comp1Description, Company2, CompAdd2, Comp2Supervisor, CompPhone2, Comp2From, Comp2To, Comp2Title, Comp2Description, Company3, CompAdd3, Comp3Supervisor, CompPhone3, Comp3From, Comp3To, Comp3Title, Comp3Description, Company4, CompAdd4, Comp4Supervisor, CompPhone4, Comp4From, Comp4To, Comp4Title, Comp4Description, Company5, CompAdd5, Comp5Supervisor, CompPhone5, Comp5From, Comp5To, Comp5Title, Comp5Description, Company6, CompAdd6, Comp6Supervisor, CompPhone6, Comp6From, Comp6To, Comp6Title, Comp6Description, Company7, CompAdd7, Comp7Supervisor, CompPhone7, Comp7From, Comp7To, Comp7Title, Comp7Description )" _
& "SELECT " & InstructorID & "," & Comp1 & "," & Comp1Add & "," & Comp1sup & "," & Comp1Phone & "," & comp1from & "," & comp1To & "," & Comp1Title & "," & Comp1Desc & "," & Comp2 & "," & Comp2Add & "," & Comp2sup & "," & Comp2Phone & "," & comp2from & "," & comp2To & "," & Comp2Title & "," & Comp2Desc & "," & Comp3 & "," & Comp3Add & "," & Comp3sup & "," & Comp3Phone & "," & comp3from & "," & comp3To & "," & Comp3Title & "," & Comp3Desc & "," & Comp4 & "," & Comp4Add & "," & Comp4sup & "," & Comp4Phone & "," & comp4from & "," & comp4To & "," & Comp4Title & "," & Comp4Desc & "," & Comp5 & "," & Comp5Add & "," & Comp5sup & "," & Comp5Phone & "," & comp5from & "," & comp5To & "," & Comp5Title & "," & Comp5Desc & "," & Comp6 & "," & Comp6Add & "," & Comp6sup & "," & Comp6Phone & "," & comp6from & "," & comp6To & "," & Comp6Title & "," & Comp6Desc & "," & Comp7 & "," & Comp7Add & "," & Comp7sup & "," & Comp7Phone & "," & comp7from & "," & comp7To & "," & Comp7Title & "," & Comp7Desc & ";"


RefTable = "INSERT INTO References ( InstructorID, CharRef1, CRAddress1, CRPhone1, CharRef2, CRAddress2, CRPhone2, CharRef3, CRAddress3, CRPhone3 )" & "SELECT " & InstructorID & "," & charref1 & "," & CRAddress1 & "," & CRPhone1 & "," & charref2 & "," & CRAddress2 & "," & CRPhone2 & "," & charref3 & "," & CRAddress3 & "," & CRPhone3 & ";"

EduTable = "INSERT INTO [Education History] ( InstructorID,Sch1,Sch1Address,Sch1From,Sch1To,Sch1GradDate,Sch1DegreeType,Sch2,Sch2Address,Sch2Program,Sch2From,Sch2To,Sch2GradDate,Sch2DegreeType,TradeSchool,TSAddress,TCourse,TSFrom,TSTo,TSGradDate,TSDegreeType,[Highest Degree Earned],[Highest Awarding Institute],[ASE Certified])" _
& "SELECT " & InstructorID & "," & Sch1 & "," & Sch1Add & "," & Sch1from & "," & Sch1to & "," & Sch1Graddate & "," & Sch1Degree & "," & Sch2 & "," & Sch2Address & "," & sch2program & "," & sch2from & "," & sch2to & "," & Sch2Graddate & "," & sch2degree & "," & TSName & "," & TSAdd & "," & TSprogram & "," & TSfrom & "," & TSto & "," & TSgrad & "," & TSDegree & "," & Highestedu & "," & Highestdegree & "," & ASE & ";"

Debug.Print EduTable
Debug.Print EmpTable

Set cnn = New ADODB.Connection

'DSN connection Set DSN locally if it fails, ODBC panel USER DSN, use access driver and point it to the database

cnn.Open "Instructor"


cnn.Execute InstTable

cnn.Execute RefTable

cnn.Execute EmpTable

cnn.Execute EduTable <----Here is where the debug breaks.

前三个插入语句有效 edu表没有。

通过提取数据,所有这三个都正常工作,这是查询失败,我无法弄清楚原因。 

"INSERT INTO [Education History] ( InstructorID,Sch1,Sch1Address,Sch1From,Sch1To,Sch1GradDate,Sch1DegreeType,Sch2,Sch2Address,Sch2Program,Sch2From,Sch2To,Sch2GradDate,Sch2DegreeType,TradeSchool,TSAddress,TCourse,TSFrom,TSTo,TSGradDate,TSDegreeType,[Highest Degree Earned],[Highest Awarding Institute],[ASE Certified])" _
& "SELECT " & InstructorID & "," & Sch1 & "," & Sch1Add & "," & Sch1from & "," & Sch1to & "," & Sch1Graddate & "," & Sch1Degree & "," & Sch2 & "," & Sch2Address & "," & sch2program & "," & sch2from & "," & sch2to & "," & Sch2Graddate & "," & sch2degree & "," & TSName & "," & TSAdd & "," & TSprogram & "," & TSfrom & "," & TSto & "," & TSgrad & "," & TSDegree & "," & Highestedu & "," & Highestdegree & "," & ASE & ";"

VBA调试器告诉我这是一个无效的插入语句,在线跳棋告诉我它[教育历史]失败了,我在这里失踪了什么?

我确实知道我可以使用事务并完成同样的事情,但我相信我的INSERT INTO语句仍会遇到错误。

非常感谢任何帮助,暂时坚持这一点。

2 个答案:

答案 0 :(得分:0)

想出来,我看起来不够努力

我在Edu查询中输错了两个变量。

我要感谢大家的帮助,特别是@Tim Williams的调试版。当我遵循他的建议并将输出放在查询中时,我注意到输出了一些变量,而不是实际输入。

答案 1 :(得分:0)

此外,由于您是一个自我声明的新手,我们将不再建议您或将来的读者参数化您的SQL查询(行业最佳实践),以避免任何报价封闭,运行起来更有效率,并迫使您作为开发人员明确定义每个值的数据类型(这有助于避免遗漏一些)。

下面是ADO和DAO方法,以及一个查询的示例。虽然它可能看起来令人生畏并且有太多新的代码行,但仍然认为它可以安全地绑定来自Word文档的用户表单中的值以保证数据库不受sql注入的影响。你的一些聪明的用户可能会试图破坏你的工作!注意定义的id,日期和字符串类型。

ADO 方法(您目前使用的) 

Dim cmd As ADODB.Command
...
Campus = doc.FormFields("Campus").Result
DOE = doc.FormFields("HireDate").Result
Fname = doc.FormFields("FirstName").Result
Mname = doc.FormFields("MiddleName").Result
Nname = doc.FormFields("NickName").Result
...

InstTable = "INSERT INTO Instructors (InstructorID, [First Name], [Middle Initial]," _
             & " [Last Name], Nickname, Campus, [Job Title]," _
             & " Address, City, State, Zip, Phone, DOB, SSN, DOE) " _
             & " VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);" 

Set cmd = New ADODB.Command          ' RESET CMD WITH EACH SQL QUERY 
With cmd
    .ActiveConnection = conn
    .CommandText = InstTable
    .CommandType = adCmdText
    .CommandTimeout = 45
End With

cmd.Parameters.Append cmd.CreateParameter("InstructorIDParam", adInteger, adParamInput, InstructorID)
cmd.Parameters.Append cmd.CreateParameter("FNameParam", adVarChar, adParamInput, FName)
cmd.Parameters.Append cmd.CreateParameter("MNameParam", adVarChar, adParamInput, MName)
cmd.Parameters.Append cmd.CreateParameter("LNameParam", adVarChar, adParamInput, LName)
cmd.Parameters.Append cmd.CreateParameter("NnameParam", adVarChar, adParamInput, Nname)
cmd.Parameters.Append cmd.CreateParameter("CampusParam", adVarChar, adParamInput, Campus)
cmd.Parameters.Append cmd.CreateParameter("JobParam", adVarChar, adParamInput, Job)
cmd.Parameters.Append cmd.CreateParameter("AddressParam", adVarChar, adParamInput, Address)
cmd.Parameters.Append cmd.CreateParameter("CityParam", adVarChar, adParamInput, City)
cmd.Parameters.Append cmd.CreateParameter("StateParam", adVarChar, adParamInput, State)
cmd.Parameters.Append cmd.CreateParameter("ZipParam", adVarChar, adParamInput, Zip)
cmd.Parameters.Append cmd.CreateParameter("PhoneParam", adVarChar, adParamInput, Phone)
cmd.Parameters.Append cmd.CreateParameter("DOEParam", adDate, adParamInput, DOE)
cmd.Parameters.Append cmd.CreateParameter("SSNParam", adVarChar, adParamInput, SSN)

cmd.Execute
Set cmd = Nothing

DAO 方法

' SET VBA reference: Microsoft Office ##.0 Access database engine object library 

Dim db As DAO.Database, qd As DAO.QueryDef

Set db = OpenDatabase("C:\Path\To\Database.accdb", True)

InstTable = "PARAMETERS InstructorIDParam Long, FnameParam Text(255), MnameParam Text(255), LnameParam Text(255),"_ 
             & "         NnameParam Text(255), CampusParam Text(255), JobParam Text(255), AddressParam Text(255)," _ 
             & "         CityParam Text(255), StateParam Text(255), ZipParam Text(255), PhoneParam Text(255)," _
             & "         DOBParam Text(255), SSNParam Text(255), DOEParam DateTime;" _
             & " INSERT INTO Instructors (InstructorID, [First Name], [Middle Initial], [Last Name], Nickname," _
             & "             Campus, [Job Title], Address, City, State, Zip, Phone, DOB, SSN, DOE) " _
             & " VALUES (InstructorIDParam, FnameParam, MnameParam, LnameParam, NnameParam, CampusParam, JobParam," _ 
             & "         AddressParam, CityParam, StateParam, ZipParam, PhoneParam, DOBParam, SSNParam, DOEParam);" _

Set qd = db.CreateQueryDef("", InstTable)

qd!InstructorIDParam = InstructorID
qd!FNameParam = FName
qd!MNameParam = MName
qd!LNameParam = LName
qd!NnameParam = Nname
qd!CampusParam = Campus
qd!JobParam = Job
qd!AddressParam = Address
qd!CityParam = City
qd!StateParam = State
qd!ZipParam = Zip
qd!PhoneParam = Phone
qd!DOEParam = DOE
qd!SSNParam = SSN

qd.Execute
相关问题
最新问题