[英]Invalid SQL syntax when trying to insert a row to the database
我收到此錯誤: System.Data.SqlClient.SqlException (0x80131904): Incorrect syntax near '12'.
錯誤發生在pbkDB.ExecuteNonQuery(dbCommand)行上。
#region Enhancements_Update
private static bool Enhancements_Update(DataRow dr)
{
bool inserted = false;
DateTime dt;
Database pbkDB = DatabaseFactory.CreateDatabase("PbKConnectionString");
try
{
ChargeCode = dr["ChargeCode"].ToString().Trim();
NcicCode = dr["NcicCode"].ToString().Trim();
Description = String.IsNullOrEmpty(dr["Description"].ToString().Trim()) ? null : dr["Description"].ToString().Trim();
MachCr = String.IsNullOrEmpty(dr["MachCr"].ToString().Trim()) ? null : dr["MachCr"].ToString().Trim();
EnterUserId = String.IsNullOrEmpty(dr["EnterUserId"].ToString().Trim()) ? "KSCONV" : dr["EnterUserId"].ToString().Trim();
EnterDate = DateTime.TryParse(dr["EnterDate"].ToString(), out dt) ? dt : DateTime.Now;
UpdateUserId = String.IsNullOrEmpty(dr["UpdateUserId"].ToString().Trim()) ? "KSCONV" : dr["UpdateUserId"].ToString().Trim();
UpdateDate = DateTime.TryParse(dr["UpdateDate"].ToString(), out dt) ? dt : DateTime.Now;
EnactedDate = DateTime.TryParse(dr["EnactedDate"].ToString(), out dt) ? dt : DateTime.Now;
if (DateTime.TryParse(dr["RepealedDate"].ToString(), out dt))
RepealedDate = dt;
else
RepealedDate = null;
UsageType = String.IsNullOrEmpty(dr["UsageType"].ToString().Trim()) ? null : dr["UsageType"].ToString().Trim();
LanguageFile = String.IsNullOrEmpty(dr["LanguageFile"].ToString().Trim()) ? null : dr["LanguageFile"].ToString().Trim();
MachChar = String.IsNullOrEmpty(dr["MachCr"].ToString().Trim()) ? null : dr["MachChar"].ToString().Trim();
NotesOnUse = String.IsNullOrEmpty(dr["NotesOnUse"].ToString().Trim()) ? null : dr["NotesOnUse"].ToString().Trim();
SentenceSeverity = String.IsNullOrEmpty(dr["SentenceSeverity"].ToString().Trim()) ? null : dr["SentenceSeverity"].ToString().Trim();
DbCommand dbCommand = pbkDB.GetSqlStringCommand(string.Format(@"Update tblCtStateChargeNcic set Description = '{2}', MachCr = '{3}', EnterUserId = '{4}', EnterDate = {5}, UpdateUserId = '{6}', UpdateDate {7}, EnactedDate {8}, RepealedDate = {9}, UsageType = '{10}', LanguageFile = '{11}', MachChar = '{12}', NotesOnUse = '{13}', SentenceSeverity = '{14}' where ChargeCode = '{0}' AND NcicCode = '{1}')", ChargeCode, NcicCode, Description, MachCr, EnterUserId, EnterDate, UpdateUserId, UpdateDate, EnactedDate, RepealedDate, UsageType, LanguageFile, MachChar, NotesOnUse, SentenceSeverity));
// error occurs here!
pbkDB.ExecuteNonQuery(dbCommand);
inserted = true;
}
catch (Exception ex)
{
Console.WriteLine(ex.ToString());
}
return inserted;
}
#endregion
您應該使用sql參數而不是自己構建字符串。
不管怎樣,這是你的錯誤:
UpdateDate {7}, EnactedDate {8}
你缺少= :
UpdateDate = {7}, EnactedDate = {8}
你錯過了= for UpdateDate {7},EnactedDate {8}
問題是日期值必須用引號括起來(撇號,最有可能)。
您的字符串格式不正確。
對於記錄,使用字符串來創建SQL語句是一個可怕的想法。 使用參數化查詢,並使用AddParameterWithValue方法添加參數值。 這種字符串拼接是SQL注入攻擊的主要候選者。
更改:
DbCommand dbCommand = pbkDB.GetSqlStringCommand(string.Format
(@"Update tblCtStateChargeNcic set Description = '{2}',
MachCr = '{3}', EnterUserId = '{4}', EnterDate = {5},
UpdateUserId = '{6}', UpdateDate {7}, EnactedDate {8},
RepealedDate = {9}, UsageType = '{10}', LanguageFile = '{11}',
MachChar = '{12}', NotesOnUse = '{13}', SentenceSeverity = '{14}'
where ChargeCode = '{0}' AND NcicCode = '{1}')", ChargeCode,
NcicCode, Description, MachCr, EnterUserId, EnterDate,
UpdateUserId, UpdateDate, EnactedDate, RepealedDate,
UsageType, LanguageFile, MachChar, NotesOnUse,
SentenceSeverity));
至:
DbCommand dbCommand = pbkDB.GetSqlStringCommand(string.Format
(@"Update tblCtStateChargeNcic set Description = '{2}',
MachCr = '{3}', EnterUserId = '{4}', EnterDate = {5},
UpdateUserId = '{6}', UpdateDate = {7}, EnactedDate = {8},
RepealedDate = {9}, UsageType = '{10}', LanguageFile = '{11}',
MachChar = '{12}', NotesOnUse = '{13}', SentenceSeverity = '{14}'
where ChargeCode = '{0}' AND NcicCode = '{1}')", ChargeCode,
NcicCode, Description, MachCr, EnterUserId, EnterDate,
UpdateUserId, UpdateDate, EnactedDate, RepealedDate,
UsageType, LanguageFile, MachChar, NotesOnUse,
SentenceSeverity));
您為UpdateDate和EnactedDate了'='。
嘗試使用SQL將數據插入數據庫時出現“無效的列名”
[英]“Invalid column name” when trying to insert data into database using SQL
為什么在嘗試將數據插入行時出現 SQL 語法錯誤?
[英]Why am I getting an SQL Syntax error when trying to insert data into a row?
Catch SqlException嘗試通過按鈕單擊事件向sql數據庫添加數據時拋出錯誤無效語法
[英]Catch SqlException throwing error invalid syntax when trying to add data to sql database through button click event
嘗試將數據插入SQL Server數據庫時打開連接的麻煩
[英]Open connection trouble when trying to insert data into SQL Server database
DataTimePicker和Checkbox插入數據庫-錯誤的SQL語法
[英]DataTimePicker and Checkbox insert to database - Error SQL Syntax
當將 dateTime 對象從 C# 代碼插入到 Sql Server 數據庫時,語法格式發生了變化
[英]when insert dateTime object from C# code to Sql Server database the syntax format is change
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.