Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
Dim con As New OleDb.OleDbConnection
Dim str As String = "Provider=Microsoft.ACE.OLEDB.12.0; Data Source=..\VisitorPass.accdb"
Dim sql As String
sql = "Update Visitor set [password]='" & txtPassword.Text & "',FirstName='" & txtFirstName.Text & "',LastName='" & txtLastName.Text & "',Gender='" & txtGender.Text & "',MobileNo='" & txtMobileNO.Text & "',DateOfBirth='" & txtDateOfBirth.Text & "',VisitorAddress='" & txtVisitorAddress.Text & "'where ID='" & lblID2.Text & "'"
con = New OleDbConnection(str)
Dim cmd As New OleDbCommand(sql, con)
con.Open()
cmd.ExecuteNonQuery()
Dim obj1 As New VisitorProfile
obj1.StringPass = txtName.Text
MsgBox("profile is updated")
obj1.Show()
con.Close()
Me.Close()
End Sub
答案 0 :(得分:0)
您的条件表达式中只有一个字段Id。我怀疑它不是Text而是它实际上是一个Integer。所以删除引号:(还在单引号和其中的位置添加空格。)
"' where ID=" & lblID2.Text & "
然而,这会让您对sql注入攻击开放,因此您应该对查询进行参数化。