如何修复:“System.Data.SqlClient.SqlException:'')'附近的语法不正确。'”

问题描述 投票:0回答:1

我正在尝试将我的程序连接到 SQL Server :

private void simpleButton2_Click(object sender, EventArgs e)
{
     if (TXTVAULECODE.Text == "" & TXTVAULEEMAIL.Text == "" & TXTVAULEUSERNAME.Text == "" & SOTHUTU.Text == "" )
     {
         MessageBox.Show("Cannot add user in SQL Server because the fields are empty", "Admin Database", MessageBoxButtons.OK, MessageBoxIcon.Error);
     }
     if (TXTVAULEEMAIL.Text == "" & TXTVAULEUSERNAME.Text == "" & SOTHUTU.Text == "")
     {
         MessageBox.Show("Cannot add user in SQL Server because the fields are empty", "Admin Database", MessageBoxButtons.OK, MessageBoxIcon.Error);
     }
     if (TXTVAULEUSERNAME.Text == "" & SOTHUTU.Text == "")
     {
         MessageBox.Show("Cannot add user in SQL Server because the fields are empty", "Admin Database", MessageBoxButtons.OK, MessageBoxIcon.Error);
     }
     if (SOTHUTU.Text == "")
     {
         MessageBox.Show("Cannot add user in SQL Server because the fields are empty", "Admin Database", MessageBoxButtons.OK, MessageBoxIcon.Error);
     }
     else

     {
         Create_Connect();
         string str = "insert into LoPhongCorporationKey(UserID,Code,Username,Email) values ( + strSOTHUTU +  N + strCode +  + strUsername +  N + strEmail + )";
         SqlCommand cmd = new SqlCommand(str, strConnect);
         cmd.ExecuteNonQuery();
         strConnect.Close();
     }
}

但是当我运行时,出现错误

System.Data.SqlClient.SqlException:“')附近的语法不正确”

各位,如何解决?

(我是越南人,所以语法可能是错误的)

c# sql-server devexpress
1个回答
0
投票

查询缺少分隔值的逗号,请修复此行以在值之间包含逗号。将查询打印到控制台以调试问题。

 string str = "insert into LoPhongCorporationKey(UserID,Code,Username,Email) values ( + strSOTHUTU +  N + strCode +  + strUsername +  N + strEmail + )";

注意:使用参数化查询而不是连接字符串以避免 SQL 注入攻击。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.