
Invalid SQL syntax when trying to insert a row to the database

I am getting this error: System.Data.SqlClient.SqlException (0x80131904): Incorrect syntax near '12'.

The error occurs on the pbkDB.ExecuteNonQuery(dbCommand) line.

#region Enhancements_Update
private static bool Enhancements_Update(DataRow dr)
{
   bool inserted = false;
   DateTime dt;
   Database pbkDB = DatabaseFactory.CreateDatabase("PbKConnectionString");

   try
   {
      ChargeCode = dr["ChargeCode"].ToString().Trim();
      NcicCode = dr["NcicCode"].ToString().Trim();
      Description = String.IsNullOrEmpty(dr["Description"].ToString().Trim()) ? null : dr["Description"].ToString().Trim();
      MachCr = String.IsNullOrEmpty(dr["MachCr"].ToString().Trim()) ? null : dr["MachCr"].ToString().Trim();
      EnterUserId = String.IsNullOrEmpty(dr["EnterUserId"].ToString().Trim()) ? "KSCONV" : dr["EnterUserId"].ToString().Trim();
      EnterDate = DateTime.TryParse(dr["EnterDate"].ToString(), out dt) ? dt : DateTime.Now;
      UpdateUserId = String.IsNullOrEmpty(dr["UpdateUserId"].ToString().Trim()) ? "KSCONV" : dr["UpdateUserId"].ToString().Trim();
      UpdateDate = DateTime.TryParse(dr["UpdateDate"].ToString(), out dt) ? dt : DateTime.Now;
      EnactedDate = DateTime.TryParse(dr["EnactedDate"].ToString(), out dt) ? dt : DateTime.Now;
      if (DateTime.TryParse(dr["RepealedDate"].ToString(), out dt))
         RepealedDate = dt;
      else
         RepealedDate = null;
      UsageType = String.IsNullOrEmpty(dr["UsageType"].ToString().Trim()) ? null : dr["UsageType"].ToString().Trim();
      LanguageFile = String.IsNullOrEmpty(dr["LanguageFile"].ToString().Trim()) ? null : dr["LanguageFile"].ToString().Trim();
      MachChar = String.IsNullOrEmpty(dr["MachChar"].ToString().Trim()) ? null : dr["MachChar"].ToString().Trim();
      NotesOnUse = String.IsNullOrEmpty(dr["NotesOnUse"].ToString().Trim()) ? null : dr["NotesOnUse"].ToString().Trim();
      SentenceSeverity = String.IsNullOrEmpty(dr["SentenceSeverity"].ToString().Trim()) ? null : dr["SentenceSeverity"].ToString().Trim();

      DbCommand dbCommand = pbkDB.GetSqlStringCommand(string.Format(@"Update tblCtStateChargeNcic set  Description = '{2}',  MachCr = '{3}', EnterUserId = '{4}', EnterDate = {5}, UpdateUserId = '{6}', UpdateDate {7}, EnactedDate {8}, RepealedDate = {9},  UsageType = '{10}', LanguageFile = '{11}', MachChar = '{12}', NotesOnUse = '{13}',                       SentenceSeverity = '{14}' where ChargeCode = '{0}' AND NcicCode = '{1}')", ChargeCode, NcicCode, Description, MachCr, EnterUserId, EnterDate, UpdateUserId,                     UpdateDate, EnactedDate, RepealedDate, UsageType, LanguageFile, MachChar, NotesOnUse, SentenceSeverity));

      // error occurs here!
      pbkDB.ExecuteNonQuery(dbCommand);
      inserted = true;
   }
   catch (Exception ex)
   {
      Console.WriteLine(ex.ToString());
   }
   return inserted;
}
#endregion

You should use SQL parameters instead of building the string yourself.

Anyway, here is your error:

UpdateDate {7}, EnactedDate {8}

You are missing the =

UpdateDate = {7}, EnactedDate = {8}

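You missed the = for UpdateDate {7}, EnactedDate {8}

The problem is that date values must be enclosed in quotes (apostrophes, most likely).

Your string is not formatted correctly.

For the record, using strings to create SQL statements is a terrible idea. Use parameterized queries, and add the parameter values with the AddParameterWithValue method. This kind of string concatenation is a prime candidate for SQL injection attacks.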
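
The parameterized form recommended in the answers above, as an added example that is not part of the original thread. It assumes pbkDB is an Enterprise Library Database (as DatabaseFactory.CreateDatabase suggests) and uses its AddInParameter method; the ChargeNcicUpdater class, the OrDbNull helper and the DbType chosen for each column are assumptions.

```csharp
using System;
using System.Data;
using System.Data.Common;
using Microsoft.Practices.EnterpriseLibrary.Data;

// Hypothetical class, added for illustration; not the asker's code.
static class ChargeNcicUpdater
{
    // A null value must be sent as DBNull so the column becomes NULL.
    // string.Format would have written the empty text '' instead.
    static object OrDbNull(object value)
    {
        return value ?? DBNull.Value;
    }

    public static bool Update(Database db, string chargeCode, string ncicCode,
        string description, string updateUserId, DateTime updateDate,
        DateTime enactedDate, DateTime? repealedDate)
    {
        // Constant SQL text: values travel separately as typed parameters,
        // so there are no quotes to balance and nothing a value can inject.
        const string sql = @"UPDATE tblCtStateChargeNcic
               SET Description  = @Description,
                   UpdateUserId = @UpdateUserId,
                   UpdateDate   = @UpdateDate,
                   EnactedDate  = @EnactedDate,
                   RepealedDate = @RepealedDate
             WHERE ChargeCode = @ChargeCode AND NcicCode = @NcicCode";

        using (DbCommand cmd = db.GetSqlStringCommand(sql))
        {
            // DbType choices are assumptions about the column types.
            db.AddInParameter(cmd, "@Description", DbType.String, OrDbNull(description));
            db.AddInParameter(cmd, "@UpdateUserId", DbType.String, updateUserId);
            // Dates are sent as DateTime, not as culture-formatted text.
            db.AddInParameter(cmd, "@UpdateDate", DbType.DateTime, updateDate);
            db.AddInParameter(cmd, "@EnactedDate", DbType.DateTime, enactedDate);
            db.AddInParameter(cmd, "@RepealedDate", DbType.DateTime, OrDbNull(repealedDate));
            db.AddInParameter(cmd, "@ChargeCode", DbType.String, chargeCode);
            db.AddInParameter(cmd, "@NcicCode", DbType.String, ncicCode);

            // ExecuteNonQuery returns the number of rows affected.
            return db.ExecuteNonQuery(cmd) > 0;
        }
    }
}
```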

Change:

DbCommand dbCommand = pbkDB.GetSqlStringCommand(string.Format
                      (@"Update tblCtStateChargeNcic set  Description = '{2}',  
                      MachCr = '{3}', EnterUserId = '{4}', EnterDate = {5}, 
                      UpdateUserId = '{6}', UpdateDate {7}, EnactedDate {8}, 
                      RepealedDate = {9},  UsageType = '{10}', LanguageFile = '{11}', 
                      MachChar = '{12}', NotesOnUse = '{13}', SentenceSeverity = '{14}'
                      where ChargeCode = '{0}' AND NcicCode = '{1}')", ChargeCode, 
                      NcicCode, Description, MachCr, EnterUserId, EnterDate, 
                      UpdateUserId, UpdateDate, EnactedDate, RepealedDate, 
                      UsageType, LanguageFile, MachChar, NotesOnUse, 
                      SentenceSeverity));

To:

DbCommand dbCommand = pbkDB.GetSqlStringCommand(string.Format
                      (@"Update tblCtStateChargeNcic set  Description = '{2}',  
                      MachCr = '{3}', EnterUserId = '{4}', EnterDate = {5}, 
                      UpdateUserId = '{6}', UpdateDate = {7}, EnactedDate = {8}, 
                      RepealedDate = {9},  UsageType = '{10}', LanguageFile = '{11}', 
                      MachChar = '{12}', NotesOnUse = '{13}', SentenceSeverity = '{14}'
                      where ChargeCode = '{0}' AND NcicCode = '{1}')", ChargeCode, 
                      NcicCode, Description, MachCr, EnterUserId, EnterDate, 
                      UpdateUserId, UpdateDate, EnactedDate, RepealedDate, 
                      UsageType, LanguageFile, MachChar, NotesOnUse,
                      SentenceSeverity));

You missed the '=' for UpdateDate and EnactedDate.
