' Invest'附近的语法不正确

时间:2016-12-02 20:55:03

标签: asp.net vb.net sqldataadapter

运行代码时出现以下错误。任何帮助确定原因都会有所帮助。

Dim cmd_Email As New SqlCommand(
      "SELECT Main.P_Email FROM Invest INNER JOIN Main ON Invest.Ph_num = Main.Ph_num" & _
      "WHERE Invest.P_num =" & Ptcl & "UNION" & _
      "Select Main.P_Email FROM Invest INNER JOIN Main ON Invest.Ass1 = Main.Ph_num" & _
      "WHERE Invest.P_num =" & Ptcl & "UNION" & _
      "SELECT Main.P_Email FROM Invest INNER JOIN Main ON Invest.Ass2 = Main.Ph_num" & _
      "WHERE Invest.P_num = " & Ptcl, connection)
Dim read_Email As SqlDataReader = cmd_Email.ExecuteReader()

1 个答案:

答案 0 :(得分:0)

在我看来,T-SQL格式错误,因为Ptcl变量和其他指令之间没有空格。

main

上述查询已针对这些空格进行了修复。但最好的办法是参数化你的查询,拥有更易读的结构,保护自己免受SQL注入,并有一个更健壮的方法将参数传递给查询本身。

希望这有帮助