准则表达中的数据类型不匹配错误(ms Access)
[英]DATA TYPE MISMATCH error IN CRITERIA EXPRESSION (ms Access)
问题描述
please figure out the error in my code.it show 
请找出我的代码中的错误。
DATA TYPE MISMATCH error IN CRITERIA EXPRESSION .
OleDbCommand cmd = new OleDbCommand("DELETE tbbill.*, tbgrid.* FROM tbbill INNER JOIN tbgrid ON tbbill.invoice = tbgrid.ginovice WHERE tbbill.invoice ='" + Convert.ToInt32(txtinvoice.Text) + "'", con);
cmd.ExecuteNonQuery();
cmd.Dispose();
2 个解决方案
解决方案1
1 2015-10-12 08:19:30
It has to be 它一定要是
OleDbCommand cmd = new OleDbCommand(
"DELETE tbbill.*, tbgrid.*
FROM tbbill
INNER JOIN tbgrid
ON tbbill.invoice = tbgrid.ginovice
WHERE tbbill.invoice = " + Convert.ToInt32(txtinvoice.Text) , con);
I have removed '' from the invoice 我已从发票中删除''
Whereas you should always use a parameterized SQL to prevent SQL Injections 而您应该始终使用参数化的SQL来防止SQL注入
OleDbCommand cmd = new OleDbCommand(
"DELETE tbbill.*, tbgrid.*
FROM tbbill
INNER JOIN tbgrid
ON tbbill.invoice = tbgrid.ginovice
WHERE tbbill.invoice = @invoice", con);
cmd.Parameters.Add("@invoice", Convert.ToInt32(txtinvoice.Text) );
cmd.ExecuteNonQuery();
解决方案2
0 已采纳 2015-10-12 08:25:01
Single quotes are for characters, if your invoice is numeric typed, you need to delete these quotes like; 单引号用于字符,如果您的invoice是数字类型的,则需要删除这些引号,例如;
tbbill.invoice = " + Convert.ToInt32(txtinvoice.Text) + ...
But don't use this way. 但是请不要使用这种方式。
Always use parameterized queries . 始终使用参数化查询 。 This kind of string concatenations are open for SQL Injection attacks. 这类字符串连接对SQL注入攻击开放。
And use using statement to dispose your command and connections automatically instead of calling Dispose method manually. 并使用using语句自动处理您的命令和连接,而不是手动调用Dispose方法。
using(OleDbConnection con = new OleDbConnection(conString))
using(OleDbCommand cmd = con.CreateCommand())
{
cmd.CommandText = "DELETE tbbill.*, tbgrid.* FROM tbbill INNER JOIN tbgrid ON tbbill.invoice = tbgrid.ginovice WHERE tbbill.invoice = @invoice";
cmd.Parameters.Add("@invoice", OleDbType.Integer).Value = Convert.ToInt32(txtinvoice.Text);
// I used OleDbType.Integer in my example. You should use proper OleDbType for your column.
con.Open();
cmd.ExecuteNonQuery();
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.