1. 首页
  2. 问答
  3. 错误消息:在UPDATE语句的语法错误

错误消息:在UPDATE语句的语法错误

2015-05-04 112 views
-2

我不知道为什么,当过我点击更新按钮,我得到一个错误错误消息:在UPDATE语句的语法错误

语法错误在UPDATE语句

我没有知道什么地方出了错在我的代码

这是我的代码:

Public Class Form1 
    Private Function vld(ByVal ParamArray ctl() As Object) As Boolean 
     For i As Integer = 0 To UBound(ctl) 
      If ctl(i).text = "" Then 
       ErrorProvider1.SetError(ctl(i), ctl(i).tag) 
       Return False 
       Exit For 
      End If 
     Next 
     Return True 
    End Function 
    Dim cn As New OleDbConnection 
    Dim cm As New OleDbCommand 
    Dim da As OleDbDataAdapter 
    Dim dt As New DataTable 

    Private Sub Form1_FormClosing(sender As Object, e As System.Windows.Forms.FormClosingEventArgs) Handles Me.FormClosing 
     cn.Close() 
    End Sub 
    Private Sub Form1_Load(sender As Object, e As EventArgs) Handles MyBase.Load 
     TxtExamtime.Format = DateTimePickerFormat.Custom 
     TxtExamtime.CustomFormat = "hh:MM tt" 
     cn.ConnectionString = "provider=microsoft.jet.oledb.4.0; Data Source=C:\psave\New folder\save.xls;Extended Properties=Excel 8.0;" 
     cn.Open() 
     FillDataGridView("select ID, Family Name, Given Name, Gender, DOB, Exam Date, Exam Time, Street Name, House Nr, PLZ, City from [edit$]") 

    End Sub 

    Private Sub FillDataGridView(ByVal Query As String) 
     da = New OleDbDataAdapter(Query, cn) 
     dt.Clear() 
     da.Fill(dt) 
     With DataGridView1 
      .DataSource = dt 
      .Columns(0).HeaderText = "ID" 
      .Columns(1).HeaderText = "Family Name" 
      .Columns(2).HeaderText = "Given Name" 
      .Columns(3).HeaderText = "Gender" 
      .Columns(4).HeaderText = "DOB" 
      .Columns(5).HeaderText = "Exam Date" 
      .Columns(6).HeaderText = "Exam Time" 
      .Columns(7).HeaderText = "Street Name" 
      .Columns(8).HeaderText = "House Nr" 
      .Columns(9).HeaderText = "PLZ" 
      .Columns(10).HeaderText = "City" 
      .Columns(10).AutoSizeMode = DataGridViewAutoSizeColumnMode.Fill 
     End With 
    End Sub 

    Private Sub BtnSearch_Click(sender As Object, e As EventArgs) Handles BtnSearch.Click 
     Try 
      FillDataGridView("select * from [edit$] where ID='" & TxtId.Text & "'") 
      TxtFamilyname.Text = dt.Rows(0).Item(1) 
      TxtGivenname.Text = dt.Rows(0).Item(2) 
      TxtGender.Text = dt.Rows(0).Item(3) 
      TxtDob.Text = dt.Rows(0).Item(4) 
      TxtExamdate.Text = dt.Rows(0).Item(5) 
      TxtExamtime.Text = dt.Rows(0).Item(6) 
      TxtStreet.Text = dt.Rows(0).Item(7) 
      TxtHouse.Text = dt.Rows(0).Item(8) 
      TxtPlz.Text = dt.Rows(0).Item(9) 
      TxtCity.Text = dt.Rows(0).Item(10) 
     Catch ex As Exception 
      MsgBox(ex.Message, MsgBoxStyle.Critical, Text) 
     End Try 
    End Sub 

    Private Sub BtnSave_Click(sender As Object, e As EventArgs) Handles BtnSave.Click 
     If vld(TxtId, TxtFamilyname, TxtGivenname, TxtGender, TxtDob, TxtExamdate, TxtExamtime, TxtStreet, TxtHouse, TxtPlz, TxtCity) = False Then 
      Exit Sub 
     Else 

     End If 

     Try 
      With cm 
       .Connection = cn 
       .CommandText = "insert into [edit$]values('" & TxtId.Text & "','" & TxtFamilyname.Text & "','" & TxtGivenname.Text & "','" & TxtGender.Text & "','" & TxtDob.Text & "','" & TxtExamdate.Text & "','" & TxtExamtime.Text & "','" & TxtStreet.Text & "','" & TxtHouse.Text & "','" & TxtPlz.Text & "','" & TxtCity.Text & "')" 
       .ExecuteNonQuery() 
      End With 
      FillDataGridView("select * from [edit$]") 
     Catch ex As Exception 
      MsgBox(ex.Message, MsgBoxStyle.Critical, Text) 
      Return 
     End Try 
     MsgBox("succefully Saved!", MsgBoxStyle.Information, Text) 
    End Sub 

    Private Sub BtnUpdate_Click(sender As Object, e As EventArgs) Handles Btnupdate.Click 
     Try 
      With cm 
       .Connection = cn 
       .CommandText = "Update from [edit$] set [Family Name] = '" & TxtFamilyname.Text & "' where ID ='" & TxtId.Text & "' and Given Name = '" & TxtGivenname.Text & "' and Gender = '" & TxtGender.Text & "'and DOB = '" & TxtDob.Text & "'and Exam Date'" & TxtExamdate.Text & "'and Exam Time = '" & TxtExamtime.Text & "'and Street Name = '" & TxtStreet.Text & "'and House Nr = '" & TxtHouse.Text & "'and PLZ = '" & TxtPlz.Text & "'and CITY = '" & TxtCity.Text & "'" 
       .ExecuteNonQuery() 
      End With 
      FillDataGridView("select * from [edit$]") 
     Catch ex As Exception 
      MsgBox(ex.Message, MsgBoxStyle.Information, Text) 
      Return 
     End Try 
     MsgBox("Succesfully updated!", MsgBoxStyle.Information, Text) 
    End Sub 

    Private Sub BtnClose_Click(sender As Object, e As EventArgs) Handles BtnClose.Click 
     Close() 
    End Sub 

    Private Sub BtnClear_Click(sender As Object, e As EventArgs) Handles BtnClear.Click 
     TxtId.Clear() 
     TxtFamilyname.Clear() 
     TxtGivenname.Clear() 
     TxtStreet.Clear() 
     TxtHouse.Clear() 
     TxtPlz.Clear() 
     TxtCity.Clear() 
     'To see all the data in DataGridView 
     FillDataGridView("select * from[edit$]") 

    End Sub 

    Private Sub BtnDelete_Click(sender As Object, e As EventArgs) Handles BtnDelete.Click 
     Try 
      With cm 
       .Connection = cn 
       .CommandText = "Delete from [edit$] where [Family Name] = '" & TxtFamilyname.Text & "' and ID ='" & TxtId.Text & "' and [Given Name] = '" & TxtGivenname.Text & "'and Gender = '" & TxtGender.Text & "'and DOB = '" & TxtDob.Text & "'and [Exam Date]'" & TxtExamdate.Text & "'and [Exam Time] = '" & TxtExamtime.Text & "'and [Street Name] = '" & TxtStreet.Text & "'and [House Nr] = '" & TxtHouse.Text & "'and PLZ = '" & TxtPlz.Text & "'and CITY = '" & TxtCity.Text & "'" 
       .ExecuteNonQuery() 
      End With 
      MsgBox("Succesfully Deleted!", MsgBoxStyle.Information, Text) 
      FillDataGridView("select * from [edit$]") 
     Catch ex As Exception 
      MsgBox(ex.Message, MsgBoxStyle.Information, Text) 

     End Try 
    End Sub 
End Class

来源

2015-05-04 Izaz

+2

您应该注意消息告诉您的内容并检查您的'更新'查询。 'UPDATE FROM ...'不是有效的语法。 – 2015-05-04 08:24:11

+0

***所有代码中的***都发生了错误? –

+1

[SQL注入警报](http://msdn.microsoft.com/zh-cn/library/ms161953%28v=sql.105%29。aspx) - 你应该**不**连接你的SQL语句 - 使用**参数化查询**来代替以避免SQL注入 –

回答

2

贝斯解决您的代码中的其他问题(例如你应该几乎总是使用参数化查询),Update from [edit$] set...是错误的。

只需使用Update [edit$] set...

来源

2015-05-04 08:24:25 sloth

1

您的更新statment语法显然是不正确的:

请看下面的代码:

Private Sub BtnUpdate_Click(sender As Object, e As EventArgs) Handles Btnupdate.Click 
     Try 
      With cm 
       .Connection = cn 
       .CommandText = "Update [edit$] set [Family Name] = '" & TxtFamilyname.Text & "' where ID ='" & TxtId.Text & "' and [Given Name] = '" & TxtGivenname.Text & "' and Gender = '" & TxtGender.Text & "'and DOB = '" & TxtDob.Text & "'and [Exam Date]='" & TxtExamdate.Text & "'and [Exam Time]= '" & TxtExamtime.Text & "'and [Street Name] = '" & TxtStreet.Text & "'and [House Nr]= '" & TxtHouse.Text & "'and PLZ = '" & TxtPlz.Text & "'and CITY = '" & TxtCity.Text & "'" 
       .ExecuteNonQuery() 
      End With 
      FillDataGridView("select * from [edit$]") 
     Catch ex As Exception 
      MsgBox(ex.Message, MsgBoxStyle.Information, Text) 
      Return 
     End Try 
     MsgBox("Succesfully updated!", MsgBoxStyle.Information, Text) 
    End Sub

将所有的列名[]内其他明智的查询将被错误地解释因为它可能会在遇到空白时立即忽略其余的查询

您已经正确它姓,但肯定忽略了这两者之间

来源

2015-05-04 08:25:36

+0

现在它显示错误消息为“查询表达式中的语法错误(缺少操作符)” – Izaz

+0

@Izaz正如Ciaran所提到的,你的代码还有其他一些问题。放置所有列名之间有空格的名称。例如:考试时间,门牌号码等 –

+0

仍然在查询表达式中显示为“语法错误(缺少运算符)”的错误。不知道我的代码有什么问题 – Izaz

4

有空间的其他列名UPDATE语句没有一个“从”在里面,所以它应该有...

启动 
Update [Edit$]

还有其他一些错误。如果ID是一个数字,那么它可能不需要包围单引号,通过他们也不会阻止它......已经嵌入空白

Where ID = " & txtId.text & "

列名称不必包围括号...

and [Given Name] = '" & txtGivenName.text & "'

最后,这条语句对SQL注入是开放的,通过在你的文本框中输入SQL,有人可能会严重破坏你的表。请考虑使用参数。

你也应该考虑使用Microsoft.ACE.OLEDB.12.0作为你正在使用的是现在很老了。

你或许应该在你的扩展属性的其他参数,如果你想使用Excel作为数据库,特别是你需要HDR =是...

Extended Properties=""Excel 8.0;HDR=Yes"""

这告诉OLEDB第一线您的工作表包含列名,否则它将使用F1 ... Fn(我认为它可能是C1 ... Cn)

来源

2015-05-04 08:27:58

+0

正在使用Excel工作表保存我的数据 – Izaz

+0

是的,我错过了。围绕ID的边界引号不会伤害我想。我很想自己放弃,但我没有任何东西可以尝试。 –

+0

仍然显示错误为“查询表达式中的语法错误(缺少运算符)”。不知道我的代码 – Izaz

相关问题

 相关问题