以下是我code.I使用了类在我的网站。但是我得到的错误是“附近有语法错误‘’” ......谁能告诉我是什么是错误的代码..附近有语法错误“,而使用更新查询
protected void btnadd_Click(object sender, EventArgs e)
{
s1 = "Update tckt_tbl Set class='" + ddlclass.Text + "',dist=" + lbldist.Text + ",no_of_adults=" + ddladults.Text + ",no_of_senior=" + ddlsenior.Text + ",n1='" + txtn1.Text + "',";
s1 += "n2='" + txtn2.Text + "',n3='" + txtn3.Text + "',n4='" + txtn4.Text + "',n5='" + txtn5.Text + "',n6='" + txtn6.Text + "',";
s1 += "ag1=" + txtag1.Text + ",ag2=" + txtag2.Text + ",ag3=" + txtag3.Text + ",ag4=" + txtag4.Text + ",ag5=" + txtag5.Text + ",ag6=" + txtag6.Text + ",";
s1 += "gen1='" + txtgen1.Text + "',gen2='" + txtgen2.Text + "',gen3='" + txtgen3.Text + "',gen4='" + txtgen4.Text + "',gen5='" + txtgen5.Text + "',gen6='" + txtgen6.Text + "',";
s1 += "cn1='" + txtchn1.Text + "',cn2='" + txtchn2.Text + "',cag1=" + txtcag1.Text + ",cag2=" + txtcag2.Text + ",cgen1='" + txtcgen1.Text + "',cgen2='" + txtcgen2.Text + "' Where userid=" + Session["suser"].ToString() + "";
con.ExecQuery(s1);
Response.Redirect("tcktbook_itckt.aspx");
}
使用[的SqlParameter(http://msdn.microsoft.com/en-us/library /system.data.sqlclient.sqlparameter.aspx),这不仅可以帮助您从[SQL注入](http://en.wikipedia.org/wiki/SQL_injection)中解脱出来,而且**查询会更具可读性**。 – Habib 2013-03-21 05:34:19
使用调试器并查看s1的值。 – 2013-03-21 06:22:33