
Syntax error near Source when trying to access a database C# asp.net

string databaseLocation = "|DataDirectory|\\Users.mdf";
string connectionString = "Data Source=.\\SQLEXPRESS;AttachDbFilename=" + databaseLocation + ";Integrated Security=True;User Instance=True";    
SqlConnection sqlConnection = new SqlConnection(connectionString);
SqlCommand command = new SqlCommand();
command.CommandText = String.Format("SELECT * FROM Users WHERE Username = {0}", username);
command.CommandType = CommandType.Text;
command.Connection = sqlConnection;
sqlConnection.Open();
int numberOfRows = command.ExecuteNonQuery();
sqlConnection.Close();
return numberOfRows;

This should check the Users.mdf database for the number of occurrences of the username, but I'm getting a "syntax error near Source" runtime error when it hits the ExecuteNonQuery. I can't find anything wrong... Please help :)

Your formatted SQL statement is not including delimiters for the username:

command.CommandText = String.Format("SELECT * FROM Users WHERE Username = {0}", username);

sets the command text to something like:

SELECT * FROM Users WHERE Username = foo

This is easily corrected, but it would be better to use a SqlParameter:

command.CommandText = "SELECT * FROM Users WHERE Username = @username";
command.Parameters.AddWithValue("@username", username);

Also, ExecuteNonQuery will return -1 for the number of rows affected, since the select doesn't affect rows. Instead do:

command.CommandText = "SELECT COUNT(*) FROM Users WHERE Username = @username";
command.Parameters.AddWithValue("@username", username);
...
int numberOfRows = (int)command.ExecuteScalar();

Your code should be:

string databaseLocation = "|DataDirectory|\\Users.mdf";
string connectionString = "Data Source=.\\SQLEXPRESS;AttachDbFilename=" + databaseLocation + ";Integrated Security=True;User Instance=True";    
SqlConnection sqlConnection = new SqlConnection(connectionString);
SqlCommand command = new SqlCommand();
command.CommandText = "SELECT COUNT(*) FROM Users WHERE Username = @User";
command.CommandType = CommandType.Text;
command.Parameters.AddWithValue("@User",username);
command.Connection = sqlConnection;
sqlConnection.Open();
int numberOfRows = (int)command.ExecuteScalar(); // ExecuteScalar returns object, so cast the COUNT(*) result
sqlConnection.Close();
return numberOfRows;
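
The failure modes discussed in the answers above, reproduced offline as an added example that is not part of the original question or answers. It uses Python's sqlite3 with an in-memory database as a stand-in for SQL Server and ADO.NET, so the exact error text differs; the table rows, usernames and function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """In-memory Users table with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Users (Username TEXT)")
    conn.executemany("INSERT INTO Users VALUES (?)",
                     [("foo",), ("jane doe",), ("O'Brien",)])
    return conn

def count_formatted(conn, username, quoted):
    """String-built query: no delimiters as in the question (quoted=False),
    or delimiters added by hand (quoted=True). Returns the count or the error."""
    template = ("SELECT COUNT(*) FROM Users WHERE Username = '{0}'" if quoted
                else "SELECT COUNT(*) FROM Users WHERE Username = {0}")
    try:
        return conn.execute(template.format(username)).fetchone()[0]
    except sqlite3.OperationalError as exc:
        return exc

def count_parameterized(conn, username):
    """The value travels separately from the SQL text, so its content
    cannot change how the statement parses."""
    row = conn.execute(
        "SELECT COUNT(*) FROM Users WHERE Username = :username",
        {"username": username}).fetchone()
    return row[0]

def select_rowcount(conn, username):
    """Rows-affected counter after a SELECT: -1, not the number of matches."""
    cur = conn.execute("SELECT * FROM Users WHERE Username = :username",
                       {"username": username})
    return cur.rowcount

if __name__ == "__main__":
    db = make_db()
    for name in ("foo", "jane doe", "O'Brien"):
        print(repr(name),
              "| unquoted:", count_formatted(db, name, quoted=False),
              "| hand-quoted:", count_formatted(db, name, quoted=True),
              "| parameterized:", count_parameterized(db, name))
    print("rowcount after SELECT:", select_rowcount(db, "foo"))
```

Hand-quoting fixes plain names but still fails on a legitimate value containing an apostrophe, which is why the answers recommend a parameter rather than added delimiters.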
