虽然我的代码正确执行,但我无法在SQL DB中插入记录。
以下是我的评论代码:
Dim connection2 As New SqlConnection With {.ConnectionString = "Server = VAIOO-PC\SERVER ; Database = cust_id ; Integrated Security= true "}
Dim dataadpt As New SqlDataAdapter
Dim dataset As New DataSet
Dim message As String
If RadioButton1.Checked = True Then
message = "Male"
Else
message = "Female"
End If
connection2.Open()
Dim thisDate As Date
thisDate = Today
使用参数设置SQL命令。参数可以防止SQL注入攻击(并使您的SQL更易于阅读/管理)。
Dim command As SqlCommand = connection2.CreateCommand
command.CommandText = " insert into customer_id values (@cust_id, @fname, @lname, @contact_no, @address,@sex,@age)"
command.Parameters.AddWithValue("@cust_id", Custid.Text)
command.Parameters.AddWithValue("@fname", FName.Text)
command.Parameters.AddWithValue("@lname", Lname.Text)
command.Parameters.AddWithValue("@contact_no", Contactno.Text)
command.Parameters.AddWithValue("@address", Address.Text)
command.Parameters.AddWithValue("@sex", message)
command.Parameters.AddWithValue("@date_of_registration", thisDate)
command.Parameters.AddWithValue("@age", age.Text)
connection2.Close()