2013-02-19 94 views
0

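I want to write an update statement in the code-behind in VB.NET. If the ICCID exists in tbl_ICCID, then change the status from 0 to 1 and set Pic_Correct_ICCID.visible = true; if it does not exist, display "Not found". I wrote this code, but it does not work: for all ICCIDs that do not exist in Tbl_ICCID, Pic_Correct_ICCID.visible = true. Please check my code and solve my problem.

Update query not working in VB.NET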

in Cls_ICCID: 

Public Function Update_Status(ByVal ICCID_No As String, ByVal status As Integer) As String 
     Try 
      Dim cmd As SqlCommand 
      Dim sql As String 
      Dim sql2 As String 
      Dim myConnection As SqlConnection = New SqlConnection() 
      myConnection.ConnectionString = "Data Source=TEHRANI\TEHRANI;Initial Catalog=GSMProduction;Persist Security Info=True;User ID=sa;Password=1" 
      sql = "UPDATE Tbl_ICCID SET Status='" & status & "' Where (ICCID = '" & ICCID_No & "')"
      myConnection.Open() 
      cmd = New SqlCommand(sql, myConnection) 
      cmd.ExecuteNonQuery() 
      cmd.Dispose() 
      myConnection.Close() 
      Update_Status = "" 
     Catch ex As SqlException 
      Update_Status = "Not found" 
     Catch ex As Exception 
      Update_Status = "Not connect to server" 
     End Try 
    End Function 

in Frm_Packing 



Private Sub Txt_ICCID_TextChanged(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Txt_ICCID.TextChanged 

     Pic_BP_Correct.Visible = False 
     Pic_BP_Wrong.Visible = False 

     Try 
      If Txt_ICCID.Text.Length = Txt_ICCID.MaxLength Then 
       lblError.Text = clsICCID.Update_Status(Txt_ICCID.Text.ToString(), 1) 
       lblError.ForeColor = Color.Red 
       stream = New System.IO.MemoryStream 
       pic_barcode = Nothing 
       cls.btnEncode(pic_barcode, Txt_ICCID.Text.Trim) 
       pic_barcode.Save(stream, System.Drawing.Imaging.ImageFormat.Png) 
       f = New IO.FileStream("C:\test55.png", IO.FileMode.Create, IO.FileAccess.ReadWrite) 
       b = stream.ToArray 
       f.Write(b, 0, b.Length) 
       f.Close() 
       Dim Val() = {stream.ToArray, Txt_ICCID.Text.Trim} 
       ds.Tables(0).Rows.Add(Val) 
       crp_report.SetDataSource(ds.Tables(0)) 
       frm_crp.CrystalReportViewer1.ReportSource = crp_report 
       If lblError.Text = "" Then 
        Pic_BP_Correct.Visible = True 
        GBDoubleCheck.Visible = True 
        Txt_LabelBarcode.Focus() 
       Else 
        Pic_BP_Wrong.Visible = True 
       End If 
      End If 
     Catch ex As Exception 
      Pic_BP_Wrong.Visible = True 
     End Try 
    End Sub 
+0

Please don't manually insert your parameters into the string. Use prepared queries instead. – pyrospade 2013-02-19 05:34:24

+0

What is that? I don't understand what you mean – 2013-02-19 05:38:24

+1

You should let the database driver parse the parameters instead of manually passing them into the string. Good example here - http://msdn.microsoft.com/en-us/library/system.data.sqlclient.sqlcommand.prepare.aspx – pyrospade 2013-02-19 05:43:46

Answer

-1

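Most probably it is due to sending the Status column value as a string instead of an int. You should remove those single quotes. Also, it is a very bad practice to concatenate queries like this. Use the CommandBuilders class or Typed DataSets to save yourself from SQL injection.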

+0

Thank you for your answer. Please change my code.... I don't know how to do it.. I just want to update the value if it exists! – 2013-02-19 05:39:45

+0

Oh my. Here is the correct query: sql = "UPDATE Tbl_ICCID SET Status = " & status & " WHERE (ICCID = '" & ICCID_No & "')" – dotNET 2013-02-19 05:41:49

+0

How do I understand whether this ICCID is in the database or not? Because for every value, "Not found" is not shown – 2013-02-19 05:58:26
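
Added example, not part of the original thread or any poster's code: a version of Update_Status that passes the values as typed parameters, as the comments recommend, and decides "Not found" from the row count returned by ExecuteNonQuery, because an UPDATE that matches no rows completes without raising a SqlException. The constructor-supplied connection string and the VARCHAR(20) type for the ICCID column are assumptions.

```vbnet
Imports System.Data
Imports System.Data.SqlClient

Public Class Cls_ICCID
    ' Assumption: the connection string is supplied by the caller (for example
    ' from protected configuration) instead of being hard-coded with the sa login.
    Private ReadOnly _connectionString As String

    Public Sub New(ByVal connectionString As String)
        _connectionString = connectionString
    End Sub

    ' Returns "" when a row was updated, "Not found" when no row has that
    ' ICCID, and "Not connect to server" when the database call itself fails.
    Public Function Update_Status(ByVal ICCID_No As String, ByVal status As Integer) As String
        Const sql As String = "UPDATE Tbl_ICCID SET Status = @status WHERE ICCID = @iccid"
        Try
            Using conn As New SqlConnection(_connectionString)
                Using cmd As New SqlCommand(sql, conn)
                    ' Values travel as typed parameters, never as SQL text,
                    ' so quotes in the scanned input cannot change the statement.
                    cmd.Parameters.Add("@status", SqlDbType.Int).Value = status
                    ' Assumption: ICCID is a VARCHAR(20) column; adjust to the real schema.
                    cmd.Parameters.Add("@iccid", SqlDbType.VarChar, 20).Value = ICCID_No.Trim()
                    conn.Open()
                    ' An UPDATE that matches nothing is not an error: it reports 0 rows.
                    Dim rows As Integer = cmd.ExecuteNonQuery()
                    If rows = 0 Then Return "Not found"
                    Return ""
                End Using
            End Using
        Catch ex As SqlException
            ' Reached only for real database failures (login, network, bad SQL).
            Return "Not connect to server"
        End Try
    End Function
End Class
```

With this return contract the existing `If lblError.Text = "" Then` check in Frm_Packing shows Pic_BP_Correct only when a row was actually updated.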