[英]C# Syntax error (missing operator) in query expression
I receive this error on cmd.ExecuteNonQuery()
... I think I am wrong on cmd.CommandText
... 我在
cmd.ExecuteNonQuery()
上收到此错误...我认为在cmd.CommandText
上我错了...
Syntax error (missing operator) in query expression 'Nr_Crt='1' and Varsta '3' and KG '2' and Specie 'Iepure' and Risc'Nu' and Tip1 'Diurn' and Tip2 'Carnivor''.
查询表达式'Nr_Crt ='1'和Varsta'3'和KG'2'以及Specie'Iepure'和Risc'Nu'和Tip1'Diurn'和Tip2'Carnivor'的语法错误(缺少运算符)。
private void button2_Click_1(object sender, EventArgs e)
{
if (txtNr_Crt.Text != " " & txtVarsta.Text != " " & txtKG.Text != " " & txtSpecie.Text != " " & txtRisc.Text != " " & txtTip1.Text != " " & txtTip1.Text != " " & txtTip2.Text != "")
{
cn.Open();
cmd.CommandText = "DELETE from Animale Where Nr_Crt='" + txtNr_Crt.Text + "' and Varsta '" + txtVarsta.Text + "' and KG '" + txtKG.Text + "' and Specie '" + txtSpecie.Text + "' and Risc'" + txtRisc.Text + "' and Tip1 '" + txtTip1.Text + "' and Tip2 '" + txtTip2.Text + "'";
cmd.ExecuteNonQuery();
cn.Close();
loaddata();
txtNr_Crt.Text = "";
txtVarsta.Text = "";
txtKG.Text = "";
txtSpecie.Text = "";
txtSex.Text = "";
txtRisc.Text = "";
txtTip1.Text = "";
txtTip2.Text = "";
}
}
You code is vulnerable to SQL injection, i'd fix that. 您的代码容易受到SQL注入的攻击,我会解决此问题。
The issue is that you are missing the =
from each of your subsequent and
's: 问题是您在每个后继
and
都缺少=
:
cn.Open();
cmd.Parameters.AddWithValue("@Nr_Crt", txtNr_Crt.Text);
cmd.Parameters.AddWithValue("@Varsta", txtVarsta.Text);
cmd.Parameters.AddWithValue("@KG", txtKG.Text);
cmd.Parameters.AddWithValue("@Specie", txtSpecie.Text);
cmd.Parameters.AddWithValue("@Risc", txtRisc.Text);
cmd.Parameters.AddWithValue("@Tip1", txtTip1.Text);
cmd.Parameters.AddWithValue("@Tip2", txtTip2.Text);
cmd.CommandText = "DELETE from Animale Where Nr_Crt= @Nr_Crt and Varsta = @Varsta and KG = @KG and Specie = @Specie and Risc = @Risc and Tip1 = @Tip1 and Tip2 = @Tip2";
cmd.ExecuteNonQuery();
cn.Close();
This should fix it (and the SQL injection risk) 这应该可以解决(以及SQL注入风险)
Your query is wrong. 您的查询是错误的。 You are missing
=
when comparing the columns 您缺少
=
比较列时
cmd.CommandText = "DELETE from Animale Where Nr_Crt='" + txtNr_Crt.Text + "' and Varsta='" + txtVarsta.Text + "' and KG='" + txtKG.Text + "' and Specie='" + txtSpecie.Text + "' and Risc='" + txtRisc.Text + "' and Tip1='" + txtTip1.Text + "' and Tip2='" + txtTip2.Text + "'";
foreach(Control ctrl in this.Controls)
{
if (ctrl is TextBox)
{
ctrl.text="";
}
}
For cleaning all textbox at once :) you can create a Method that performs it when you need it 为了一次清理所有文本框:),您可以创建一个在需要时执行该方法的方法
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.