2014-03-30 72 views
0

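I am trying to update data/records in an Access 2010 database from C# using an OleDb connection, and I am trying to build an application that can insert, update and delete data in the database. So far I can insert into the database and use a ComboBox to select a record, but I have not managed to update yet. Update statement error with an Access database in C# / OleDb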

An unhandled exception of type 'System.Data.OleDb.OleDbException' occurred in ClassLibrary2.dll

Additional information: Syntax error in UPDATE statement.

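Note:

It comes up with the error below. I have tried using square brackets, but not much changed, and it came up with a fatal error instead.

Here is the code: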

using System; 
using System.Collections.Generic; 
using System.Data.OleDb; 
using System.Linq; 
using System.Text; 
using System.Threading.Tasks; 
using ClassLibrary; 
using System.Data; 

namespace ClassLibrary2 
{ 
    public class Class1 
    { 
     OleDbConnection connection; 
     OleDbCommand command; 

     private void ConnectTo() 
     { 
      connection = new OleDbConnection(@"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=F:\CMS\CustomerDatabase.accdb;Persist Security Info=False"); 
      command = connection.CreateCommand(); 
     } 
     public Class1() 
     { 
      ConnectTo(); 
     } 

     public void Insert(Customer p) 
     { 
      try 
      { 
       command.CommandText = "INSERT INTO CustomerData ([Forename], [Surname], [Email Address], [Home Phone Number], [Mobile Phone Number], [Address], [AreaTown], [County], [Postcode]) VALUES('" + p.Forename1 + "', '" + p.Surname1 + "', '" + p.EAddress1 + "', '" + p.HomePhone1 + "' , '" + p.MobNum1 + "' , '" + p.Address1 + "', '" + p.AreaTown1 + "', '" + p.County1 + "', '" + p.Postcode1 + "')"; 
       command.CommandType = CommandType.Text; 
       connection.Open(); 

       command.ExecuteNonQuery(); 
      } 
      catch (Exception) 
      { 
       throw; 
      } 
      finally 
      { 
       if (connection != null) 
       { 
        connection.Close(); 
       } 
      } 
     } 

     public List<Customer> FillComboBox() 
     { 
      List<Customer> CustomersList = new List<Customer>(); 
      try 
      { 
       command.CommandText = "SELECT * FROM CustomerData"; 
       command.CommandType = CommandType.Text; 
       connection.Open(); 

       OleDbDataReader reader = command.ExecuteReader(); 

       while (reader.Read()) 
       { 
        Customer p = new Customer(); 

        p.Id = Convert.ToInt32(reader["ID"].ToString()); 
        p.Forename1 = reader["Forename"].ToString(); 
        p.Surname1 = reader["Surname"].ToString(); 
        p.EAddress1 = reader["Email Address"].ToString(); 
        p.HomePhone1 = reader["Home Phone Number"].ToString(); 
        p.MobNum1 = reader["Mobile Phone Number"].ToString(); 
        p.Address1 = reader["Address"].ToString(); 
        p.AreaTown1 = reader["AreaTown"].ToString(); 
        p.County1 = reader["County"].ToString(); 
        p.Postcode1 = reader["Postcode"].ToString(); 

        CustomersList.Add(p); 
       } 
       return CustomersList; 
      } 
      catch (Exception) 
      { 
       throw; 
      } 
      finally 
      { 
       if (connection != null) 
       { 
        connection.Close(); 
       } 
      } 
     } 

     public void Update(Customer oldCustomer, Customer newCustomer) 
     { 
      try 
      { 
       command.CommandText = "UPDATE CustomerData SET Forename= '" + newCustomer.Forename1 + "', Surname= '" + newCustomer.Surname1 + "', Email Address= '" + newCustomer.EAddress1 + "', Home Phone Number= '" + newCustomer.HomePhone1 + "', Mobile Phone Number= '" + newCustomer.MobNum1 + "', Address= '" + newCustomer.Address1 + "', AreaTown= '" + newCustomer.AreaTown1 + "', County= '" + newCustomer.County1 + "', Postcode= '" + newCustomer.Postcode1 + "' WHERE ID= ' + oldCustomer.Id'"; 
       command.CommandType = CommandType.Text; 
       connection.Open(); 

       command.ExecuteNonQuery(); 
      } 
      catch (Exception) 
      { 
       throw; 
      } 
      finally 
      { 
       if (connection != null) 
       { 
        connection.Close(); 
       } 
      } 
     } 
    } 
} 

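Sorry if the code is a bit long.

I have only just started using C#, so I may need a bit more explanation.

I don't mind giving any further details, so feel free to ask.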

+1

From an SQL injection point of view and a data type point of view, it is safer to use parameters, e.g. http://stackoverflow.com/questions/18066600/no-value-given-for-one-or-more-required-parameters – Fionnuala

Answers

1

Enclose column names that contain spaces in square brackets, similar to how you did it in the INSERT statement.

..., [Home Phone Number] = '" + newCustomer.HomePhone1 + "', ... 

Also, look into parameterizing your query. It is safer and easier to maintain.

..., [Home Phone Number] = @HomePhoneNumber, ... 

command.Parameters.AddWithValue("@HomePhoneNumber", newCustomer.HomePhone1); 

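You could also avoid spaces in your column names. You can just as easily use underscores, and then you don't have to remember to wrap them in brackets everywhere you reference them.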

+0

True, but surely parameters would be safer? Also, wouldn't it be better to use conventional names without spaces? – Fionnuala

+0

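Definitely safer. And easier to maintain. Those long query strings concatenated together are hard to follow, and it is easy to misplace an apostrophe, etc. As for the column names, I agree, I never introduce spaces. I'll add that for completeness. –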

+0

Yes, you are both right, I just needed to parameterize them. I won't use spacing in future. Thanks for your help – user3479239
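
An added example, not part of the original answer or the asker's project: the question's UPDATE rewritten with bracketed column names and bound parameters, so user-supplied text never becomes part of the SQL string. The `Customer` stand-in, the `CustomerUpdater` name, the connection-string argument and the text/integer column types are assumptions; OleDb matches parameters by position rather than by name, so they are added in the order of the `?` placeholders.

```csharp
using System;
using System.Data.OleDb;

// Stand-in for the question's Customer class (assumed: string properties plus an int Id).
public class Customer
{
    public int Id { get; set; }
    public string Forename1 { get; set; }
    public string Surname1 { get; set; }
    public string EAddress1 { get; set; }
    public string HomePhone1 { get; set; }
    public string MobNum1 { get; set; }
    public string Address1 { get; set; }
    public string AreaTown1 { get; set; }
    public string County1 { get; set; }
    public string Postcode1 { get; set; }
}

public static class CustomerUpdater
{
    // Column names with spaces are bracketed; every value is a positional "?" placeholder.
    private const string UpdateSql =
        "UPDATE CustomerData SET [Forename] = ?, [Surname] = ?, [Email Address] = ?, " +
        "[Home Phone Number] = ?, [Mobile Phone Number] = ?, [Address] = ?, " +
        "[AreaTown] = ?, [County] = ?, [Postcode] = ? WHERE [ID] = ?";

    // Returns the number of rows changed (0 means no row had that ID).
    public static int Update(string connectionString, int id, Customer c)
    {
        using (var connection = new OleDbConnection(connectionString))
        using (var command = new OleDbCommand(UpdateSql, connection))
        {
            // OleDb binds by position, not by name: keep this order identical to the SET list.
            string[] values = { c.Forename1, c.Surname1, c.EAddress1, c.HomePhone1, c.MobNum1,
                                c.Address1, c.AreaTown1, c.County1, c.Postcode1 };
            for (int i = 0; i < values.Length; i++)
            {
                // Typed parameter (assumed text columns); a null property is sent as DBNull.
                command.Parameters.Add("p" + i, OleDbType.VarWChar).Value = (object)values[i] ?? DBNull.Value;
            }
            command.Parameters.Add("id", OleDbType.Integer).Value = id; // binds to WHERE [ID] = ?

            connection.Open();
            return command.ExecuteNonQuery();
        }
    }
}
```

Checking the returned row count distinguishes a successful update from an ID that matched nothing, which the string-built version silently ignored.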
