[英]I can't insert items in table in my SQL Server 2008 R2 Management Studio using Visual Studio 2010 Express
Here is the problem 这是问题所在
cmd.ExectureNonQuery()
Error: 错误:
Column name or number of supplied values does not match table definition.
列名或提供的值数与表定义不匹配。
Here is my code for the add button 这是我的添加按钮的代码
Dim con As New SqlClient.SqlConnection("Server=.\SQLExpress;AttachDBFilename=C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\DATA\Finals.mdf;Database=Finals;Trusted_Connection=Yes;")
Dim cmd As New SqlClient.SqlCommand
cmd.Connection = con
cmd.CommandText = "Insert Into [Finals].[dbo].[Nokia] Values ('" & Unit.Text & "'),('" & Price.Text & " '),('" & Stack.Text & "'),('" & Processor.Text & "'),('" & Size.Text & "'),('" & RAM.Text & "'),('" & Internal.Text & "'),('" & ComboBox1.Text & "')"
con.Open()
cmd.ExecuteNonQuery()
con.Close()
I'm using SQL Server 2008 R2 and it errors when I press add can anyone find me a solution and can anyone also help me how to create a delete query also? 我正在使用SQL Server 2008 R2,当我按添加时它出错,有人可以找到我一个解决方案,有人也可以帮助我如何创建删除查询吗?
Thanks in advance. 提前致谢。
Try this: 尝试这个:
Dim con As New SqlClient.SqlConnection("Server=.\SQLExpress;AttachDBFilename=C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\DATA\Finals.mdf;Database=Finals;Trusted_Connection=Yes;")
Dim cmd As New SqlClient.SqlCommand
cmd.Connection = con
' the following text is wrapped for readability
cmd.CommandText = "Insert Into [Finals].[dbo].[Nokia] Values ('" & Unit.Text & _
"', '" & Price.Text & "', '" & Stack.Text & "', '" & Processor.Text & "', '" & _
Size.Text & "', '" & RAM.Text & "', '" & Internal.Text & "', '" & _
ComboBox1.Text & "')"
con.Open()
cmd.ExecuteNonQuery()
con.Close()
}
You don't need to encapsulate each value in (
and )
; 您不需要将每个值封装在
(
和)
; the entire value list is encapsulated in a single set of brackets, as in my code. 就像我的代码一样,整个值列表都封装在一组括号中。
On another note, performing string concatenation like this creates a SQL Injection vulnerability; 另外,像这样执行字符串连接会产生一个SQL注入漏洞。 you should be using sqlParameter objects to pass the values into the statement.
您应该使用sqlParameter对象将值传递到语句中。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.