小白求助 望各位大蝦 幫忙解答 UPDATE 语句的语法错误。
;string name = Session["sname"].ToString();
OleDbConnection con = db.con();
con.Open();
OleDbCommand cmd = new OleDbCommand();
cmd.Connection = (OleDbConnection)con;
cmd.CommandText = "update Student set password=@password ,specialtyID=@specialtyID where Sname='" + name + "'";
cmd.Parameters.Add("@password", SqlDbType.DateTime);
cmd.Parameters.Add("@specialtyID", SqlDbType.Money);
cmd.Parameters["@password"].Value = this.txxpwd.Text;
cmd.Parameters["@specialtyID"].Value = this.DropDownList1.SelectedItem.Text;
cmd.ExecuteNonQuery();
con.Close();
Response.Write("<script language='javascript'>alert('修改成功')</script>");
}
}
求解正確的語法
------解决方案--------------------C# code
cmd.CommandText = "update Student set password='@password' ,specialtyID=@specialtyID where Sname='" + name + "'";
------解决方案--------------------
update Student set password=@password ,specialtyID=@specialtyID where Sname='" + name + "'"
如果password是nvarchar类型的,name改为
update Student set password='@password' ,specialtyID=@specialtyID where Sname='" + name + "'"
------解决方案--------------------
你要么全用参数化,要么全用拼接