0
Private Sub submit_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles submit.Click
Dim con As New OleDb.OleDbConnection
Dim cmd As New OleDb.OleDbCommand
Dim dbProvider As String = "PROVIDER = Microsoft.Jet.OleDb.4.0;"
Dim dbSource As String = "DATA SOURCE =" & Application.StartupPath & "\hospital.mdb"
con.ConnectionString = dbProvider & dbSource
If Not con.State = ConnectionState.Open Then
con.Open()
End If
cmd.Connection = con
cmd.CommandText = "INSERT INTO userdata(masterid, pname, aname, dob, bloodgroup, address, gender, referto, designation, relh, mpass, ward, bed, zone)" & _
"VALUES ('" & Me.masterid.Text & "','" & Me.pname.Text & "','" & Me.aname.Text & "','" & Me.dob.Text & "','" & Me.bloodgroup.Text & "','" & _
Me.address.Text & "','" & Me.gender.Text & "','" & Me.referto.Text & "','" & Me.designation.Text & "','" & Me.relh.Text & "','" & Me.mpass.Text & "','" & _
Me.ward.Text & "','" & Me.bed.Text & "','" & Me.zone.Text & "')"
cmd.ExecuteNonQuery()
con.Close()
End Sub
而且在cmd.Commandtext去的價值觀與你生成SQL語句錯誤在Access INSERT INTO語句從VB.NET
"INSERT INTO userdata(masterid, pname, aname, [dob], bloodgroup, address, gender, referto, designation, relh, mpass, ward, bed, zone)VALUES ('305201323114','fsdfsd','sdfsd','5/29/2013','AB+','sdfsd','Male','sdfsd','sdfsd','sdfsd','sdfdsf','sdfsdf','dfds','North East Zone')"
而你得到的錯誤是?如果在你說「我得到一個錯誤」之後,你立即說「錯誤是」,並且提供錯誤的描述,包括你得到的任何錯誤信息的確切文本*,那麼我們就可以更容易地解決問題。 。你的信息就在你面前。爲什麼不分享它,讓你更容易幫助你免費獲得幫助的人,這樣他們就不用再努力工作了? –
此代碼將容易受到sql注入攻擊。 –