ASP.Net将数据从文本框插入数据库
[英]ASP.Net insert data from Textbox to a database
问题描述
Im trying to insert data from a textbox to my database, and it throwing me an exception. 
我试图将文本框中的数据插入到数据库中,这引发了异常。
Exception Details: System.Data.SqlClient.SqlException: Incorrect syntax near ' test'.
a few details before I presents my code though : my database called : Movies my table data called: Users and I have columns such as : "FirstName", "LastName" etc... 不过,在提供代码之前有一些细节:我的数据库称为:电影我的表数据称为:用户和我有诸如“ FirstName”,“ LastName”等的列...
protected void Register_Click(object sender, EventArgs e) { SqlConnection connection = new SqlConnection("Data Source=MICROSOF-58B8A5\\SQL_SERVER_R2;Initial Catalog=Movie;Integrated Security=True");
connection.Open();
//FirstName***********
string firstName = FirstNameTextBox.Text;
string sqlquery = ("INSERT INTO [Users] (FirstName) VALUES (' " +FirstNameTextBox.Text + " ' ");
SqlCommand command = new SqlCommand(sqlquery , connection);
command.Parameters.AddWithValue("FirstName", firstName);
//LastName************
string lastName = LastNameTextBox.Text;
sqlquery = ("INSERT INTO [Users] (LastName) VALUES (' " + LastNameTextBox.Text+ " ' ");
command.Parameters.AddWithValue("LastName", lastName);
//Username*************
string username = UsernameTextBox.Text;
sqlquery = ("INSERT INTO [Users] (Username) VALUES (' " + UsernameTextBox.Text+ " ' ");
command.Parameters.AddWithValue("UserName", username);
//Password*************
string password = PasswordTextBox.Text;
sqlquery = ("INSERT INTO [Users] (Password) VALUES (' " + PasswordTextBox.Text + " ' ");
command.Parameters.AddWithValue("Password", password);
if (PasswordTextBox.Text == ReTypePassword.Text)
{
command.ExecuteNonQuery();
}
else
{
ErrorLabel.Text = "Sorry, You didnt typed your password correctly. Please type again.";
}
connection.Close();
}
4 个解决方案
解决方案1
5 已采纳 2011-12-14 18:43:40
Use one query and use @ParamName : 使用一个查询并使用@ParamName :
string sqlquery = "INSERT INTO [Users] (FirstName,LastName,UserName,Password) VALUES (@FirstName,@LastName,@UserName,@Password)";
SqlCommand command = new SqlCommand(sqlquery , connection);
//FirstName***********
string firstName = FirstNameTextBox.Text;
command.Parameters.AddWithValue("FirstName", firstName);
//LastName************
string lastName = LastNameTextBox.Text;
command.Parameters.AddWithValue("LastName", lastName);
//Username*************
string username = UsernameTextBox.Text;
command.Parameters.AddWithValue("UserName", username);
//Password*************
string password = PasswordTextBox.Text;
command.Parameters.AddWithValue("Password", password);
...........
解决方案2
0 2018-04-20 06:41:46
Maybe this code is shorter: 也许这段代码更短:
sqlcommand command=new sqlcommand("insert into[Users](FirstName,LastName,UserName,Password) values('"+FirstNameTextBox.Text+"','"+LastNameTextBox.Text+"','"+UsernameTextBox.Text+"','"+PasswordTextBox.Text+"')",connection);
command.ExecuteNonQuery();
解决方案3
0 2018-11-17 10:33:20
Add the following, too: 也添加以下内容:
string sqlquery = "INSERT INTO [Users] (FirstName,LastName,Username,Password) VALUES ( " +FirstNameTextBox.Text + " ,";
sqlquery += LastNameTextBox.Text+ ",";
sqlquery += UsernameTextBox.Text+ ",";
sqlquery += PasswordTextBox.Text + " )";
SqlCommand command = new SqlCommand(sqlquery , connection);
解决方案4
0 2011-12-14 18:50:55
The problem seems to be that you are creating a weird SQL instruction. 问题似乎是您正在创建一个奇怪的SQL指令。 It's real value is INSERT INTO [Users] (FirstName) VALUES ('(theValue)') and you are not adding the rest of the values (last name, etc). 它的实际值是INSERT INTO [Users](FirstName)VALUES('((theValue)')),而您没有添加其余的值(姓氏等)。 The rest of the code does nothing because the query does not include the rest of the parameters. 其余的代码不执行任何操作,因为查询不包含其余的参数。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.