Syntax Error on a Sql Parametrized update command - c#

倖福魔咒の 提交于 2019-12-24 16:22:49

问题


It's my first SQL Parametrized update command in c# and i have a syntax error when i exectued my update.

Here is my code :

    string maRequete = "UPDATE "  + strNomTable + " set " 
    + "evetype = @evetype ,"
    + "evedes = @evedes ,"
    + "evecli = @evecli ,"
    + "eveusermo = @eveusermo ,"
    + "eveinterv = @eveinterv where eveNum = " + '"' + strEvtNumeroString.ToString() + '"';

    OleDbCommand DbCommand = new OleDbCommand(maRequete);

    DbCommand.Parameters.Add("@evetype", OleDbType.VarChar);
    DbCommand.Parameters.Add("@evedes", OleDbType.VarChar);
    DbCommand.Parameters.Add("@evecli", OleDbType.VarChar);
    DbCommand.Parameters.Add("@eveusermo", OleDbType.VarChar);
    DbCommand.Parameters.Add("@eveinterv", OleDbType.VarChar);


    DbCommand.Parameters["@evetype"].Value = m_strEvtType.ToString().Trim();
    DbCommand.Parameters["@evedes"].Value = m_strDesignation.ToString().Trim();
    DbCommand.Parameters["@evecli"].Value = m_strCodeClient.ToString().Trim();
    DbCommand.Parameters["@eveusermo"].Value = m_strUserModification;
    DbCommand.Parameters["@eveinterv"].Value = m_strCodeIntervenant.ToString().Trim();


    try
    {
        string strStringConnect = @"Provider=vfpoledb.1;Data Source=" + m_strDirectoryDBF + "\\" + strDbfFile + ".dbf;Collating Sequence=general";
        OleDbConnection DbConnection = new OleDbConnection(strStringConnect);

        DbCommand.CommandType = System.Data.CommandType.Text;

        DbConnection.Open();
        DbCommand.Connection = DbConnection;

        DbCommand.ExecuteNonQuery();
        return "O";
    }
    catch (Exception Ex)
    {
        return Ex.Message;
    }

Anyone have an idea where is my mistake ? In addition, i wrote in a old DBF file (Visual Foxpro) and i think i don't have access to log in order to debug the query :(.

Thanks a lot :)

Best regards,

Nixeus


回答1:


Try using single quotes in your UPDATE statement instead of double quotes. The last line

+ "eveinterv = @eveinterv where eveNum = " + '"' + strEvtNumeroString.ToString() + '"';

should be

+ "eveinterv = @eveinterv where eveNum = '" + strEvtNumeroString.ToString() + "'";



回答2:


change your command text as

 string maRequete = "UPDATE " + strNomTable + " set "
 + "evetype = @evetype ,"
 + "evedes = @evedes ,"
 + "evecli = @evecli ,"
 + "eveusermo = @eveusermo ,"
 + "eveinterv = @eveinterv where eveNum = '" + strEvtNumeroString.ToString() + "'";



回答3:


If you print out maRequete, and try executing it interactively, you will find the SQL syntax is incorrect. It seems likely you're using double-quotes to denote string constants; in SQL you should use single quotes for that. It's possible your data contains a single quote (i.e. an apostrophe). In that case, you need to add and extra one e.g.

INSERT ... values ('you''ll need two apostrophes for this');

These are just SQL rules. You have to give the server valid syntax if it's to execute your query.



来源:https://stackoverflow.com/questions/16384635/syntax-error-on-a-sql-parametrized-update-command-c-sharp

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!