【发布时间】:2017-06-29 07:51:48
【问题描述】:
Private Sub Button2_Click(sender As Object, e As EventArgs) 处理 Button2.Click
Dim con As New SqlConnection
Dim cmd As New SqlCommand
Try
con.ConnectionString = "Data Source=DESKTOP-3H4F5GB\MURATS;Initial Catalog=CRM;Integrated Security=True"
con.Open()
cmd.Connection = con
cmd.CommandText = "UPDATE Firma SET (Sektor = '" & ComboBox1.Text & "', Tip = '" & ComboBox2.Text & "', Telefon = '" & MaskedTextBox1.Text & "', Web = '" & TextBox2.Text & "', Adres = '" & RichTextBox2.Text & "', OSB = '" & ComboBox3.Text & "', PR = '" & ComboBox4.Text & "', Sehir = '" & ComboBox5.Text & "', Ulke = '" & ComboBox6.Text & "', Note = '" & RichTextBox1.Text & "', Durum = '" & ComboBox7.Text & "', Email ='" & TextBox3.Text & "') WHERE Firma = '" & ComboBox8.Text & "'"**
cmd.ExecuteNonQuery()
Catch ex As Exception
MessageBox.Show("Error while inserting record on table..." & ex.Message, "Insert Records")
Finally
con.Close()
End Try
End Sub
【问题讨论】:
-
我找不到问题部分我无法修复它并输入如下
-
删除
SET之后和Where之前的括号。您还需要参数化您的查询。当前代码对sql注入开放。 -
非常感谢
-
abi 这个问题你解决了吗?
-
Werdna 我听不懂
标签: sql-server vb.net visual-studio