商店,我有這樣的代碼:有些值不會在數據庫
Private Sub btnAdd_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnAdd.Click
If txtCode.Text <> "878" Then
If ((txtCode.Text <> "") And (txtRefNo.Text <> "") And (txtPayee.Text <> "") And (txtOffice.Text <> "") And (txtAddress.Text <> "") And (txtParticulars.Text <> "") And (txtPPA.Text <> "") And (txtAmount.Text <> "")) Then
Try
If IsNumeric(txtAmount.Text) = False Then
MsgBox("Amount value should be in correct number format! e.g: 10000.00 or 10,000.00", MsgBoxStyle.Exclamation)
Exit Sub
End If
modGlobalFunctions.Connection.Close()
modGlobalFunctions.connectDatabase()
modGlobalFunctions.DateTimeNow = String.Format("{0:yyyy/MM/dd}", DateTime.Now)
Dim Reader As MySqlDataReader
Dim Amount As Double = Double.Parse(txtAmount.Text)
Reader = modGlobalFunctions.executeQuery("SELECT * FROM obligations " & _
"WHERE ref_no='" & txtRefNo.Text & "'")
If Reader.HasRows Then
MessageBox.Show("Could not insert duplicate entries for REFERENCE NO.!", "Form Validations", MessageBoxButtons.OK, MessageBoxIcon.Error)
Reader.Close()
modGlobalFunctions.Connection.Close()
Else
modGlobalFunctions.Connection.Close()
modGlobalFunctions.connectDatabase()
modGlobalFunctions.executeNonQuery("INSERT INTO obligations (resp_id, year_id, expenditure_id, ref_no, payee, office, address, particulars, ppa, amount, date_entered, date_edited, signature1, position1, signature2, position2) " & _
"VALUES ('" & RespCenterId & "', " & _
"'" & YearId & "', " & _
"'" & txtExpId.Text & "', " & _
"'" & modGlobalFunctions.addslashes(txtRefNo.Text) & "', " & _
"'" & modGlobalFunctions.addslashes(txtPayee.Text) & "', " & _
"'" & modGlobalFunctions.addslashes(txtOffice.Text) & "', " & _
"'" & modGlobalFunctions.addslashes(txtAddress.Text) & "', " & _
"'" & modGlobalFunctions.addslashes(txtParticulars.Text) & "', " & _
"'" & modGlobalFunctions.addslashes(txtPPA.Text) & "', " & _
"'" & Amount & "', " & _
"'" & modGlobalFunctions.DateTimeNow & "', " & _
"'" & modGlobalFunctions.DateTimeNow & "', " & _
"'" & Signature1 & "', " & _
"'" & Position1 & "', " & _
"'" & Signature2 & "', " & _
"'" & Position2 & "')")
MsgBox("Record has been added!", MsgBoxStyle.Information)
modGlobalFunctions.Connection.Close()
Me.Close()
Dispose()
frmObligations.MdiParent = frmMain
frmObligations.Show()
frmObligations.obligationLoadGrid()
End If
Catch ex As Exception
MessageBox.Show(ex.Message, "BIMS", MessageBoxButtons.OK, MessageBoxIcon.Error)
End Try
Else
MsgBox("Please fill up all form fields!", MsgBoxStyle.Exclamation)
modGlobalFunctions.Connection.Close()
End If
modGlobalFunctions.Connection.Close()
Else
If ((txtCode.Text <> "") And (txtRefNo.Text <> "") And (txtPayee.Text <> "") And (txtOffice.Text <> "") And (txtAddress.Text <> "") And (txtParticulars.Text <> "")) Then
Try
modGlobalFunctions.Connection.Close()
modGlobalFunctions.connectDatabase()
modGlobalFunctions.DateTimeNow = String.Format("{0:yyyy/MM/dd}", DateTime.Now)
Dim Reader As MySqlDataReader
Reader = modGlobalFunctions.executeQuery("SELECT * FROM obligations " & _
"WHERE ref_no='" & txtRefNo.Text & "'")
If Reader.HasRows Then
MessageBox.Show("Could not insert duplicate entries for REFERENCE NO.!", "Form Validations", MessageBoxButtons.OK, MessageBoxIcon.Error)
Reader.Close()
modGlobalFunctions.Connection.Close()
Else
modGlobalFunctions.Connection.Close()
modGlobalFunctions.connectDatabase()
modGlobalFunctions.executeNonQuery("INSERT INTO obligations (resp_id, year_id, expenditure_id, ref_no, payee, office, address, particulars, date_entered, date_edited, signature1, position1, signature2, position2) " & _
"VALUES ('" & RespCenterId & "', " & _
"'" & YearId & "', " & _
"'" & txtExpId.Text & "', " & _
"'" & modGlobalFunctions.addslashes(txtRefNo.Text) & "', " & _
"'" & modGlobalFunctions.addslashes(txtPayee.Text) & "', " & _
"'" & odGlobalFunctions.addslashes(txtOffice.Text) & "', " & _
"'" & modGlobalFunctions.addslashes(txtAddress.Text) & "', " & _
"'" & modGlobalFunctions.addslashes(txtParticulars.Text) & "', " & _
"'" & modGlobalFunctions.DateTimeNow & "', " & _
"'" & modGlobalFunctions.DateTimeNow & "', " & _
"'" & Signature1 & "', " & _
"'" & Position1 & "', " & _
"'" & Signature2 & "', " & _
"'" & Position2 & "')")
MsgBox("Record has been added! You can now add project title!", MsgBoxStyle.Information)
frmProject.MdiParent = frmMain
frmProject.Show()
frmProject.Label2.Text = txtRefNo.Text
Me.Enabled = False
End If
Catch ex As Exception
MessageBox.Show(ex.Message, "BIMS", MessageBoxButtons.OK, MessageBoxIcon.Error)
End Try
Else
MsgBox("Please fill up all form fields!", MsgBoxStyle.Exclamation)
modGlobalFunctions.Connection.Close()
End If
modGlobalFunctions.Connection.Close()
End If
End Sub
有什麼看法就是爲什麼Signature1,位置1,簽名2和職位2不存儲在數據庫中的問題。它的工作原理之前很正常,直到我把因爲類的,如果代碼...順便說一下這裏的signature1,位置1,簽名2和位置2的代碼:
Signature1:
Private Sub cbSignatory1_SelectedIndexChanged(ByVal sender As System.Object, ByVal e As System.EventArgs)
Try
modGlobalFunctions.Connection.Close()
modGlobalFunctions.connectDatabase()
Reader = modGlobalFunctions.executeQuery("SELECT person_id FROM persons WHERE person_name='" & cbSignatory1.Text & "'")
If Reader.HasRows Then
While Reader.Read
Signature1 = Reader("person_id").ToString()
End While
End If
Reader.Close()
modGlobalFunctions.Connection.Close()
Catch ex As Exception
MessageBox.Show(ex.Message, "BIMS", MessageBoxButtons.OK, MessageBoxIcon.Error)
End Try
modGlobalFunctions.Connection.Close()
End Sub
簽名2:
Private Sub cbSignatory2_SelectedIndexChanged(ByVal sender As System.Object, ByVal e As System.EventArgs)
Try
modGlobalFunctions.Connection.Close()
modGlobalFunctions.connectDatabase()
Reader = modGlobalFunctions.executeQuery("SELECT person_id FROM persons WHERE person_name='" & cbSignatory2.Text & "'")
If Reader.HasRows Then
While Reader.Read
Signature2 = Reader("person_id").ToString()
End While
End If
Reader.Close()
modGlobalFunctions.Connection.Close()
Catch ex As Exception
MessageBox.Show(ex.Message, "BIMS", MessageBoxButtons.OK, MessageBoxIcon.Error)
End Try
modGlobalFunctions.Connection.Close()
End Sub
位置1:
Private Sub cbPosition1_SelectedIndexChanged(ByVal sender As System.Object, ByVal e As System.EventArgs)
Try
modGlobalFunctions.Connection.Close()
modGlobalFunctions.connectDatabase()
Reader = modGlobalFunctions.executeQuery("SELECT position_id FROM positions WHERE position_name='" & cbPosition1.Text & "'")
If Reader.HasRows Then
While Reader.Read
Position1 = Reader("position_id").ToString()
End While
End If
Reader.Close()
modGlobalFunctions.Connection.Close()
Catch ex As Exception
MessageBox.Show(ex.Message, "BIMS", MessageBoxButtons.OK, MessageBoxIcon.Error)
End Try
modGlobalFunctions.Connection.Close()
End Sub
職位2:
Private Sub cbPosition2_SelectedIndexChanged(ByVal sender As System.Object, ByVal e As System.EventArgs)
Try
modGlobalFunctions.Connection.Close()
modGlobalFunctions.connectDatabase()
Reader = modGlobalFunctions.executeQuery("SELECT position_id FROM positions WHERE position_name='" & cbPosition2.Text & "'")
If Reader.HasRows Then
While Reader.Read
Position2 = Reader("position_id").ToString()
End While
End If
Reader.Close()
modGlobalFunctions.Connection.Close()
Catch ex As Exception
MessageBox.Show(ex.Message, "BIMS", MessageBoxButtons.OK, MessageBoxIcon.Error)
End Try
modGlobalFunctions.Connection.Close()
End Sub
有什麼建議嗎?
請*使用佔位符/參數*(看這件事,修復代碼,和*然後*參見堅持什麼問題)。不僅*可能會「修復」這個問題,它會阻止SQL注入攻擊。 – 2012-08-10 00:46:02
,因爲它只是添加這就是爲什麼沒有更新... – bayan0926 2012-08-10 01:00:01
插入記錄時沒有出現任何錯誤? – 2012-08-10 01:12:29