1. 首頁
  2. 問答
  3. 錯誤消息:在UPDATE語句的語法錯誤

錯誤消息:在UPDATE語句的語法錯誤

2015-05-04 113 views
-2

我不知道爲什麼,當過我點擊更新按鈕,我得到一個錯誤錯誤消息:在UPDATE語句的語法錯誤

語法錯誤在UPDATE語句

我沒有知道什麼地方出了錯在我的代碼

這是我的代碼:

Public Class Form1 
    Private Function vld(ByVal ParamArray ctl() As Object) As Boolean 
     For i As Integer = 0 To UBound(ctl) 
      If ctl(i).text = "" Then 
       ErrorProvider1.SetError(ctl(i), ctl(i).tag) 
       Return False 
       Exit For 
      End If 
     Next 
     Return True 
    End Function 
    Dim cn As New OleDbConnection 
    Dim cm As New OleDbCommand 
    Dim da As OleDbDataAdapter 
    Dim dt As New DataTable 

    Private Sub Form1_FormClosing(sender As Object, e As System.Windows.Forms.FormClosingEventArgs) Handles Me.FormClosing 
     cn.Close() 
    End Sub 
    Private Sub Form1_Load(sender As Object, e As EventArgs) Handles MyBase.Load 
     TxtExamtime.Format = DateTimePickerFormat.Custom 
     TxtExamtime.CustomFormat = "hh:MM tt" 
     cn.ConnectionString = "provider=microsoft.jet.oledb.4.0; Data Source=C:\psave\New folder\save.xls;Extended Properties=Excel 8.0;" 
     cn.Open() 
     FillDataGridView("select ID, Family Name, Given Name, Gender, DOB, Exam Date, Exam Time, Street Name, House Nr, PLZ, City from [edit$]") 

    End Sub 

    Private Sub FillDataGridView(ByVal Query As String) 
     da = New OleDbDataAdapter(Query, cn) 
     dt.Clear() 
     da.Fill(dt) 
     With DataGridView1 
      .DataSource = dt 
      .Columns(0).HeaderText = "ID" 
      .Columns(1).HeaderText = "Family Name" 
      .Columns(2).HeaderText = "Given Name" 
      .Columns(3).HeaderText = "Gender" 
      .Columns(4).HeaderText = "DOB" 
      .Columns(5).HeaderText = "Exam Date" 
      .Columns(6).HeaderText = "Exam Time" 
      .Columns(7).HeaderText = "Street Name" 
      .Columns(8).HeaderText = "House Nr" 
      .Columns(9).HeaderText = "PLZ" 
      .Columns(10).HeaderText = "City" 
      .Columns(10).AutoSizeMode = DataGridViewAutoSizeColumnMode.Fill 
     End With 
    End Sub 

    Private Sub BtnSearch_Click(sender As Object, e As EventArgs) Handles BtnSearch.Click 
     Try 
      FillDataGridView("select * from [edit$] where ID='" & TxtId.Text & "'") 
      TxtFamilyname.Text = dt.Rows(0).Item(1) 
      TxtGivenname.Text = dt.Rows(0).Item(2) 
      TxtGender.Text = dt.Rows(0).Item(3) 
      TxtDob.Text = dt.Rows(0).Item(4) 
      TxtExamdate.Text = dt.Rows(0).Item(5) 
      TxtExamtime.Text = dt.Rows(0).Item(6) 
      TxtStreet.Text = dt.Rows(0).Item(7) 
      TxtHouse.Text = dt.Rows(0).Item(8) 
      TxtPlz.Text = dt.Rows(0).Item(9) 
      TxtCity.Text = dt.Rows(0).Item(10) 
     Catch ex As Exception 
      MsgBox(ex.Message, MsgBoxStyle.Critical, Text) 
     End Try 
    End Sub 

    Private Sub BtnSave_Click(sender As Object, e As EventArgs) Handles BtnSave.Click 
     If vld(TxtId, TxtFamilyname, TxtGivenname, TxtGender, TxtDob, TxtExamdate, TxtExamtime, TxtStreet, TxtHouse, TxtPlz, TxtCity) = False Then 
      Exit Sub 
     Else 

     End If 

     Try 
      With cm 
       .Connection = cn 
       .CommandText = "insert into [edit$]values('" & TxtId.Text & "','" & TxtFamilyname.Text & "','" & TxtGivenname.Text & "','" & TxtGender.Text & "','" & TxtDob.Text & "','" & TxtExamdate.Text & "','" & TxtExamtime.Text & "','" & TxtStreet.Text & "','" & TxtHouse.Text & "','" & TxtPlz.Text & "','" & TxtCity.Text & "')" 
       .ExecuteNonQuery() 
      End With 
      FillDataGridView("select * from [edit$]") 
     Catch ex As Exception 
      MsgBox(ex.Message, MsgBoxStyle.Critical, Text) 
      Return 
     End Try 
     MsgBox("succefully Saved!", MsgBoxStyle.Information, Text) 
    End Sub 

    Private Sub BtnUpdate_Click(sender As Object, e As EventArgs) Handles Btnupdate.Click 
     Try 
      With cm 
       .Connection = cn 
       .CommandText = "Update from [edit$] set [Family Name] = '" & TxtFamilyname.Text & "' where ID ='" & TxtId.Text & "' and Given Name = '" & TxtGivenname.Text & "' and Gender = '" & TxtGender.Text & "'and DOB = '" & TxtDob.Text & "'and Exam Date'" & TxtExamdate.Text & "'and Exam Time = '" & TxtExamtime.Text & "'and Street Name = '" & TxtStreet.Text & "'and House Nr = '" & TxtHouse.Text & "'and PLZ = '" & TxtPlz.Text & "'and CITY = '" & TxtCity.Text & "'" 
       .ExecuteNonQuery() 
      End With 
      FillDataGridView("select * from [edit$]") 
     Catch ex As Exception 
      MsgBox(ex.Message, MsgBoxStyle.Information, Text) 
      Return 
     End Try 
     MsgBox("Succesfully updated!", MsgBoxStyle.Information, Text) 
    End Sub 

    Private Sub BtnClose_Click(sender As Object, e As EventArgs) Handles BtnClose.Click 
     Close() 
    End Sub 

    Private Sub BtnClear_Click(sender As Object, e As EventArgs) Handles BtnClear.Click 
     TxtId.Clear() 
     TxtFamilyname.Clear() 
     TxtGivenname.Clear() 
     TxtStreet.Clear() 
     TxtHouse.Clear() 
     TxtPlz.Clear() 
     TxtCity.Clear() 
     'To see all the data in DataGridView 
     FillDataGridView("select * from[edit$]") 

    End Sub 

    Private Sub BtnDelete_Click(sender As Object, e As EventArgs) Handles BtnDelete.Click 
     Try 
      With cm 
       .Connection = cn 
       .CommandText = "Delete from [edit$] where [Family Name] = '" & TxtFamilyname.Text & "' and ID ='" & TxtId.Text & "' and [Given Name] = '" & TxtGivenname.Text & "'and Gender = '" & TxtGender.Text & "'and DOB = '" & TxtDob.Text & "'and [Exam Date]'" & TxtExamdate.Text & "'and [Exam Time] = '" & TxtExamtime.Text & "'and [Street Name] = '" & TxtStreet.Text & "'and [House Nr] = '" & TxtHouse.Text & "'and PLZ = '" & TxtPlz.Text & "'and CITY = '" & TxtCity.Text & "'" 
       .ExecuteNonQuery() 
      End With 
      MsgBox("Succesfully Deleted!", MsgBoxStyle.Information, Text) 
      FillDataGridView("select * from [edit$]") 
     Catch ex As Exception 
      MsgBox(ex.Message, MsgBoxStyle.Information, Text) 

     End Try 
    End Sub 
End Class

來源

2015-05-04 Izaz

+2

您應該注意消息告訴您的內容並檢查您的'更新'查詢。 'UPDATE FROM ...'不是有效的語法。 – 2015-05-04 08:24:11

+0

***所有代碼中的***都發生了錯誤? –

+1

[SQL注入警報](http://msdn.microsoft.com/zh-cn/library/ms161953%28v=sql.105%29。aspx) - 你應該**不**連接你的SQL語句 - 使用**參數化查詢**來代替以避免SQL注入 –

回答

2

貝斯解決您的代碼中的其他問題(例如你應該幾乎總是使用參數化查詢),Update from [edit$] set...是錯誤的。

只需使用Update [edit$] set...

來源

2015-05-04 08:24:25 sloth

1

您的更新statment語法顯然是不正確的:

請看下面的代碼:

Private Sub BtnUpdate_Click(sender As Object, e As EventArgs) Handles Btnupdate.Click 
     Try 
      With cm 
       .Connection = cn 
       .CommandText = "Update [edit$] set [Family Name] = '" & TxtFamilyname.Text & "' where ID ='" & TxtId.Text & "' and [Given Name] = '" & TxtGivenname.Text & "' and Gender = '" & TxtGender.Text & "'and DOB = '" & TxtDob.Text & "'and [Exam Date]='" & TxtExamdate.Text & "'and [Exam Time]= '" & TxtExamtime.Text & "'and [Street Name] = '" & TxtStreet.Text & "'and [House Nr]= '" & TxtHouse.Text & "'and PLZ = '" & TxtPlz.Text & "'and CITY = '" & TxtCity.Text & "'" 
       .ExecuteNonQuery() 
      End With 
      FillDataGridView("select * from [edit$]") 
     Catch ex As Exception 
      MsgBox(ex.Message, MsgBoxStyle.Information, Text) 
      Return 
     End Try 
     MsgBox("Succesfully updated!", MsgBoxStyle.Information, Text) 
    End Sub

將所有的列名[]內其他明智的查詢將被錯誤地解釋因爲它可能會在遇到空白時立即忽略其餘的查詢

您已經正確它姓,但肯定忽略了這兩者之間

來源

2015-05-04 08:25:36

+0

現在它顯示錯誤消息爲「查詢表達式中的語法錯誤(缺少操作符)」 – Izaz

+0

@Izaz正如Ciaran所提到的,你的代碼還有其他一些問題。放置所有列名之間有空格的名稱。例如:考試時間,門牌號碼等 –

+0

仍然在查詢表達式中顯示爲「語法錯誤(缺少運算符)」的錯誤。不知道我的代碼有什麼問題 – Izaz

4

有空間的其他列名UPDATE語句沒有一個「從」在裏面,所以它應該有...

啓動 
Update [Edit$]

還有其他一些錯誤。如果ID是一個數字,那麼它可能不需要包圍單引號,通過他們也不會阻止它......已經嵌入空白

Where ID = " & txtId.text & "

列名稱不必包圍括號...

and [Given Name] = '" & txtGivenName.text & "'

最後,這條語句對SQL注入是開放的,通過在你的文本框中輸入SQL,有人可能會嚴重破壞你的表。請考慮使用參數。

你也應該考慮使用Microsoft.ACE.OLEDB.12.0作爲你正在使用的是現在很老了。

你或許應該在你的擴展屬性的其他參數,如果你想使用Excel作爲數據庫,特別是你需要HDR =是...

Extended Properties=""Excel 8.0;HDR=Yes"""

這告訴OLEDB第一線您的工作表包含列名,否則它將使用F1 ... Fn(我認爲它可能是C1 ... Cn)

來源

2015-05-04 08:27:58

+0

正在使用Excel工作表保存我的數據 – Izaz

+0

是的,我錯過了。圍繞ID的邊界引號不會傷害我想。我很想自己放棄,但我沒有任何東西可以嘗試。 –

+0

仍然顯示錯誤爲「查詢表達式中的語法錯誤(缺少運算符)」。不知道我的代碼 – Izaz

相關問題

 相關問題