[英]SqlException Incorrect syntax near '?'
I am getting sql exception in my query: 我在查询中收到sql异常:
[SqlException (0x80131904): Incorrect syntax near '?'.
[SqlException(0x80131904):'?'附近的语法不正确。 Incorrect syntax near the keyword 'User'.]
关键字“用户”附近的语法不正确。]
What am I doing wrong? 我究竟做错了什么? And what does this exception means?
这个例外意味着什么?
protected void Submit_Click(object sender, EventArgs e)
{
string myConnection = @"Data Source=REDDEVIL;Initial..."
SqlConnection conn = new SqlConnection(myConnection);
HttpPostedFile postedFile = FileUpload1.PostedFile;
string fileName = Path.GetFileName(postedFile.FileName);
string fileExtension = Path.GetExtension(fileName);
if (fileExtension.ToLower() == ".jpg" || fileExtension.ToLower() == ".bmp" ||
fileExtension.ToLower() == ".gif" || fileExtension.ToLower() == ".png")
{
Stream stream = postedFile.InputStream;
BinaryReader binaryReader = new BinaryReader(stream);
byte[] bytes = binaryReader.ReadBytes((int)stream.Length);
string query2 = "INSERT INTO Manager (ID,Name,Address,Phone,Cell,Email,DOB,Commission,Comments,Photo,User ID,IsActive) VALUES (?ID,?Name,?Address,?Phone,?Cell,?Email,?DOB,?Commission,?Comments,?Photo,?User_ID,?IsActive)";
SqlCommand cmd2 = new SqlCommand(query2, conn);
cmd2.Parameters.AddWithValue("?ID", mgrID.Text);
cmd2.Parameters.AddWithValue("?Name", Name.Text);
cmd2.Parameters.AddWithValue("?Address", address.Text);
cmd2.Parameters.AddWithValue("?Phone", phoneNo.Text);
cmd2.Parameters.AddWithValue("?Cell", CellNo.Text);
cmd2.Parameters.AddWithValue("?Email", email.Text);
cmd2.Parameters.AddWithValue("?DOB", dob.Text);
cmd2.Parameters.AddWithValue("?Commission", commission.Text);
cmd2.Parameters.AddWithValue("?Comments", comments.Text);
cmd2.Parameters.AddWithValue("?Photo", bytes);
cmd2.Parameters.AddWithValue("?User_ID", System.DBNull.Value);
cmd2.Parameters.AddWithValue("?IsActive", System.DBNull.Value);
conn.Open();
cmd2.ExecuteNonQuery();
conn.Close();
Response.Redirect("~/Views/Portal/Dashboard.aspx");
}
else
{
}
}
Any help will be much appreciated. 任何帮助都感激不尽。
To specify that it is a parameter you should use @
instead of ?
要指定它是一个参数,你应该使用
@
而不是?
in your sql query. 在你的SQL查询中。 Then in your creation of the parameter, you do not need the
?
然后在你创建的参数中,你不需要
?
either 或
string query2 = "INSERT INTO Manager (ID,Name,Address,Phone,Cell,Email,DOB,Commission,Comments,Photo,User_ID,IsActive) VALUES (@ID,@Name,@Address,@Phone,@Cell,@Email,@DOB,@Commission,@Comments,@Photo,@User_ID,@IsActive)";
SqlCommand cmd2 = new SqlCommand(query2, conn);
cmd2.Parameters.AddWithValue("ID", mgrID.Text);
And as Tim noticed in the section you are specifying the fields you have ...USER ID,....
- I assume you are missing a _
between the two. 正如蒂姆在本节中指出的那样,你指的是你拥有的字段
...USER ID,....
- 我假设你在两者之间错过了_
。 (of if it is indeed called user
then see Tim's suggestion with the []
(如果它确实被称为
user
那么看看蒂姆对[]
的建议
defining column name has its own rule, you have define column name as 定义列名称有自己的规则,您将列名称定义为
,User ID,
,用户身份,
which is incorrect, it must be a single word, so you have to put it in brackets like 这是不正确的,它必须是一个单词,所以你必须把它放在括号中
,[User ID],
,[用户身份],
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.