1. 首頁
  2. 問答
  3. 檢查更新命令,我的語法錯了嗎?

檢查更新命令,我的語法錯了嗎?

2013-09-27 53 views
0

他那裏所有, 我正在工作一個CMS,而嘗試更新命令更新記錄,它不工作。檢查更新命令,我的語法錯了嗎?

這裏是爲更新米完整的代碼,

Dim ID, RegNo, BedNo, BedType, Charges, PatName, PatAge, PatAddr, Phone, CheckupDate, Disease, BloodGroup, Doctor, Remarks As String 

    RegNo = txtRegNo.Text 
    BedNo = CmbBedNo.SelectedItem.ToString() 
    BedType = CmbBedType.SelectedItem.ToString() 
    Charges = txtCharges.Text 
    PatName = txtPatName.Text 
    PatAge = txtPatAge.Text 
    PatAddr = txtPatAdd.Text 
    Phone = txtPhone.Text 
    CheckupDate = txtDate.Text 
    Disease = txtDisease.Text 
    BloodGroup = cmbBloodGrp.SelectedItem.ToString() 
    Doctor = cmbDoctor.SelectedItem.ToString() 
    Remarks = txtRemarks.Text 

    ID = txtRegNo.Text 

    Dim conStudent As New OleDbConnection 
    Dim comStudent As New OleDbCommand 


    conStudent.ConnectionString = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=F:\DBProject\hspms.mdb" 
    conStudent.Open() 

    comStudent.CommandText = "UPDATE AdmitPt SET ID =" & ID & ", Bedcategory='" & BedType & "', BedNo=" & BedNo & ", BedCharges=" & Charges & ", PtName='" & PatName & "', PtAge=" & PatAge & ", Address='" & PatAddr & "', PhoneNo='" & Phone & "', Dates='" & CheckupDate & "', Disease='" & Disease & "', BloodGroup='" & BloodGroup & "', Doctor='" & Doctor & "', Remarks='" & Remarks & "' WHERE ID=" & RegNo 

    comStudent.Connection = conStudent 

    comStudent.CommandType = CommandType.Text 

    If (comStudent.ExecuteNonQuery() > 0) Then 
     MsgBox("record successfully updated") 
    End If 

    conStudent.Close()

一件事,就是用ID,BedNo,BedCharges,年齡命名字段設置爲數字數據類型。

來源

2013-09-27 Qaiser

+0

如果有什麼不工作,你真的需要給錯誤信息,或某種指示爲*如果你想得到有用的答案,*什麼*不工作。此外,您應該真正使用查詢參數,而不是字符串連接,因爲此刻您很容易受到SQL注入的影響(更不用說每當有人在他們的名字中使用撇號時就會遇到錯誤) – Iridium

+0

沒有錯誤消息,但是在運行查詢後數據庫不會更新。 – Qaiser

+0

然後,不執行更新數據庫的代碼,或者WHERE子句中的部分不能按預期方式工作,並且類型塊更新 – nimdil

回答

0

首先,切換到參數化查詢。這將刪除SQL注入的任何可能性,但也避免了使用引號的字符串的問題,解析十進制數字和日期

Dim conString = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=F:\DBProject\hspms.mdb" 
Dim cmdText = "UPDATE AdmitPt SET ID =?, Bedcategory=?, BedNo=?, BedCharges=?, " & _ 
       "PtName=?, PtAge=?, Address=?, PhoneNo=?, Dates=?, Disease=?, " & _ 
       "BloodGroup=?, Doctor=?, Remarks=? WHERE ID=?" 
Using conStudent = new OleDbConnection(conString) 
Using comStudent = new OleDbCommand(cmdText, conStudent) 
    conStudent.Open() 
    comStudent.Parameters.AddWithValue("@p1", Convert.ToInt32(ID)) 
    comStudent.Parameters.AddWithValue("@p2", BedType) 
    comStudent.Parameters.AddWithValue("@p3", Convert.ToInt32(BedNo)) 
    comStudent.Parameters.AddWithValue("@p4", Convert.ToDecimal(Charges)) 
    .... and so on for every other question marks in the cmdText .... 
    .... respecting the exact order of the fields ................... 
    .... try also to pass the correct datatype for every non string field 
    If (comStudent.ExecuteNonQuery() > 0) Then 
     MsgBox("record successfully updated") 
    End If 
End Using 
End Using

來源

2013-09-27 07:47:00 Steve

+0

感謝所有..它已得到解決 – Qaiser

相關問題

 相關問題