无法使用vb.net将数据插入Mysql
[英]Could not insert the data using vb.net into Mysql
问题描述
I am trying to insert data into MySQL using VB. 
我正在尝试使用VB将数据插入MySQL。
When I use these textboxes to insert the data the data gets added, but I don't want to enter the text into textboxes but directly add the underlying information just by press of button (update). 当我使用这些文本框插入数据时,会添加数据,但我不想将文本输入文本框,而是仅通过按一下按钮(更新)就可以直接添加基础信息。 It is giving a syntax error to check MySQL version. 检查MySQL版本时出现语法错误。 It it a query error? 它是查询错误吗? I don't know how to do this. 我不知道该怎么做。 Please help. 请帮忙。 Here is my code. 这是我的代码。
Private Sub Button3_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button3.Click
Mysqlconn = New MySqlConnection
Mysqlconn.ConnectionString = "server=localhost;userid=root;port=85;password=*****;database=data"
Dim reader As MySqlDataReader
Try
Mysqlconn.Open()
Dim query As String
query = "INSERT INTO 'data'.'etable'('eid','Name','Surname','Age')values('7','Andy','Roddick','35')"
command = New MySqlCommand(query, Mysqlconn)
reader = command.ExecuteReader
MessageBox.Show("Data Saved")
Mysqlconn.Close()
Catch ex As MySqlException
MessageBox.Show(ex.Message)
Mysqlconn.Dispose()
End Try
End Sub
End Class
2 个解决方案
解决方案1
1 2015-11-30 16:36:44
The correct character to enclose table name and field names is the backtick not the single quote. 包含表名和字段名的正确字符是反引号,而不是单引号。 Use ALT+096 on your numeric keypad to insert it. 使用数字小键盘上的ALT + 096插入它。
query = "INSERT INTO `data`.`etable`(`eid`,`Name`,`Surname`,`Age`) " & _
"values('7','Andy','Roddick','35')"
Said that, check if you database table has the field eid and Age of type varchar . 就是说,检查您的数据库表是否具有eid和Age类型为varchar的字段。 If the fields are numeric (as the name seems to imply) then your query should be changed to 如果字段是数字(如名称所示),则您的查询应更改为
query = "INSERT INTO `data`.`etable`(`eid`,`Name`,`Surname`,`Age`) " & _
"values(7,'Andy','Roddick',35)"
You code also contains some bad practice that need to be removed to avoid future problems 您的代码还包含一些不良做法,需要删除这些不良做法以避免将来出现问题
Private Sub Button3_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button3.Click
Dim query As String
query = "INSERT INTO `data`.`etable`(`eid`,`Name`,`Surname`,`Age`) " & _
"values(7,'Andy','Roddick',35)"
Using Mysqlconn = New MySqlConnection
Using command = New MySqlCommand(query, Mysqlconn)
Mysqlconn.ConnectionString = "server=localhost;userid=root;port=85;password=*****;database=data"
Try
Mysqlconn.Open()
Dim rowsAffected = command.ExecuteNonQuery()
if rowsAffected > 0 Then
MessageBox.Show("Data Saved")
End If
Catch ex As MySqlException
MessageBox.Show(ex.Message)
End Try
End Using
End Using
End Sub
First enclose all disposable objects in a Using statement to be sure that they are closed and disposed also in case of exceptions then do not use ExecuteReader for INSERT, UPDATE and DELETE queries, instead the correct method to use is ExecuteNonQuery 首先将所有一次性对象封装在Using语句中,以确保在发生异常时也将它们关闭并处置,然后对INSERT,UPDATE和DELETE查询不要使用ExecuteReader,相反,正确使用的方法是ExecuteNonQuery
解决方案2
1 已采纳 2015-11-30 16:46:01
Try this, which fixes some other issues and potential issues as well: 尝试此操作,它也可以解决其他一些问题和潜在问题:
Private Sub Button3_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button3.Click
Dim query As String = "INSERT INTO `data`.`etable`(eid,Name,Surname,Age)" & _
" VALUES (@eid, @Name, @Surname, @Age)"
Using con As New MySqlConnection("server=localhost;userid=DONT_USE_ROOT!;port=85;password=*****;database=data"), _
cmd As New MySqlCommand(query, con)
'Guessing at parameter types/lengths here.
cmd.Parameters.Add("@eid", MySqlDbType.Int32).Value = 7
cmd.Parameters.Add("@Name", MySqlDbType.VarChar, 20).Value = "Andy"
cmd.Parameters.Add("@Surname", MySqlDbType.VarChar, 25).Value = "Roddick"
cmd.Parameters.Add("@Age", MySqlDbType.Int32).Value = 35
conn.Open()
If cmd.ExecuteNonQuery() > 0 Then MessageBox.Show("Data Saved")
End Using
End Sub
Notice I also removed the exception handler. 注意,我还删除了异常处理程序。 The Dispose() call in your old handler is now no longer needed (the Using block takes care of this), and I tend to advocate handling exceptions at a higher level than where they are thrown... though in this case you're already in the button event. 现在不再需要在旧处理程序中进行Dispose()调用( Using块负责此操作),我倾向于提倡在比引发异常的地方更高的级别处理异常……尽管在这种情况下,已经在按钮事件中。 What I really recommend here is moving the database code to it's own class, so this would all be in a separate method in that class. 我在这里真正建议的是将数据库代码移到它自己的类中,因此所有这些都将放在该类的单独方法中。 Then you could still have your exception handler here in the button click event, and the only thing in the Try block would be calling that method. 然后,您仍可以在按钮click事件中使用异常处理程序,并且Try块中唯一的事情就是调用该方法。
It's also very important to be in the habit of using query parameters for data that goes into sql queries, in order to prevent sql injection attacks. 养成对进入sql查询的数据使用查询参数的习惯,以防止sql注入攻击,这一点也很重要。 What you had wasn't vulnerable to attack yet, but it didn't lend any confidence that it wouldn't be vulnerable soon. 您所拥有的还不是很容易受到攻击,但是它并没有给人们带来任何信心,它不会很快受到攻击。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.