错误：System.Data.OleDb.OleDbException (0x80040E14)：查询表达式中的语法错误（缺少运算符）

Question

I'm trying to export the results of a stored procedure to Excel and receiving the following error when running: System.Data.OleDb.OleDbException (0x80040E14): Syntax error (missing operator) in query expression. Below is the code I am using. The excel file gets created but there is no data populating the file.

string TableColumns = "";

// Get the Column List from Data Table so can create Excel Sheet with Header
foreach (DataTable table in ds.Tables)
{
    foreach (DataColumn column in table.Columns)
    {
        TableColumns += column + "],[";
    }
}

// Replace most right comma from Columnlist
TableColumns = ("[" + TableColumns.Replace(",", " Text,").TrimEnd(','));
TableColumns = TableColumns.Remove(TableColumns.Length - 2);

//Use OLE DB Connection and Create Excel Sheet
Excel_OLE_Con.ConnectionString = connstring;
Excel_OLE_Con.Open();
Excel_OLE_Cmd.Connection = Excel_OLE_Con;
Excel_OLE_Cmd.CommandText = "Create table " + SheetName + " (" + TableColumns + ")";
Excel_OLE_Cmd.ExecuteNonQuery();

//Write Data to Excel Sheet from DataTable dynamically
foreach (DataTable table in ds.Tables)
{
    String sqlCommandInsert = "";
    String sqlCommandValue = "";
    foreach (DataColumn dataColumn in table.Columns)
    {
        sqlCommandValue += dataColumn + "],[";
    }

    sqlCommandValue = "[" + sqlCommandValue.TrimEnd(',');
    sqlCommandValue = sqlCommandValue.Remove(sqlCommandValue.Length - 2);
    sqlCommandInsert = "INSERT into " + SheetName + "(" + sqlCommandValue + ") VALUES(";

    int columnCount = table.Columns.Count;
    foreach (DataRow row in table.Rows)
    {
        string columnvalues = "";
        for (int i = 0; i < columnCount; i++)
        {
            int index = table.Rows.IndexOf(row);
            columnvalues += "'" + table.Rows[index].ItemArray[i] + "',";
        }
        columnvalues = columnvalues.TrimEnd(',');
        var command = sqlCommandInsert + columnvalues + ")";
        Excel_OLE_Cmd.CommandText = command;
        Excel_OLE_Cmd.ExecuteNonQuery();
    }
}
Excel_OLE_Con.Close();
Dts.TaskResult = (int)ScriptResults.Success;

Answer 1

So the issue is related to you have an unescaped single quote in your data. Two options for dealing with that are to escape the single quote (turn it into two single quotes):

string myData = "This string won't work";
string myDataEscaped = myData.Replace("'", "''");

or the other option (and more robust) is to use a parameterized query. I will use just the lower part of your code where you are doing this query build up and insertion and show you how that can be done (along with some cleanup and making use of StringBuilder ). Note I did not compile and test this as I don't have any test data to use.

var tableColumns = string.Join(",", columns.Cast<DataColumn>().Select(x => "[" + x.ColumnName + "]"));
var insertBase = $"INSERT into {SheetName} ({tableColumns}) VALUES(";
int columnCount = table.Columns.Count;
foreach (DataRow row in table.Rows)
{
    Excel_OLE_Cmd.Parameters.Clear(); // Since you are reusing the command you have to clear the parameters

    var command = new StringBuilder(insertBase);
    var index = table.Rows.IndexOf(row);

    // I will assume you always have at least one column, otherwise these lines would fail
    // Add the first row before the loop that way we don't have to delete the end comma
    var param = $"@param_{index}_0";
    command.Append(param);
    Excel_OLE_Cmd.Parameters.AddWithValue(param, table.Rows[index].ItemArray[0]);
    for (int i = 1; i < columnCount; ++i)
    {
        param = $"@param_{index}_{i}"
        command.Append("," + param);
        Excel_OLE_Cmd.Parameters.AddWithValue(param, table.Rows[index].ItemArray[i]);
    }
    command.Append(")");
    Excel_OLE_Cmd.CommandText = command.ToString();
    Excel_OLE_Cmd.ExecuteNonQuery();
}