更新时间:2023-10-12 12:00:22
你应该重写整个sql 使用参数化查询来防止SQL Server中的SQL注入攻击 [ ^ ]
这也将避免凌乱的令人困惑的引号问题。
You should rewrite you whole sql Using Parameterized queries to prevent SQL Injection Attacks in SQL Server[^]
That will also avoid the messy and confusing quotes problem.
检查no.of列和值,你的传递是相同的数量,都是字符串数据类型?
试试这个
string query =插入预订(@Code,@ Status,@ Guest Name,@ Guest Email,@ Guest Phone No)值('+ textBox1.Text +','+ comboBox2.SelectedValue +','+ textBox1.Text +','+ textBox1.Text +','+ textBox1.Text +');
Check the no.of columns and values your passing are same count and all are string datatype?
try this
string query = "insert into Reservation (@Code, @Status,@Guest Name,@Guest Email,@Guest Phone No)values( '" +textBox1.Text+ "',"' + comboBox2.SelectedValue + "','" +textBox1.Text+ "','" +textBox1.Text+ "','" +textBox1.Text+ "')";
你遗漏了值和组合框附近的一些报价
试试这个
You are missing some quotes near values and combobox
try this
string query = ("insert into Reservation (@Code, @Status,@Guest Name,@Guest Email,@Guest Phone No,@Checkin,@Check Out,@Adult No,@Child No,@Infant No,@Net Total,@Discount,@Tax,@Total,@Paid)+values( '" +textBox1.Text+ "','" + comboBox2.SelectedValue + "','" +textBox1.Text+ "','" +textBox1.Text+ "','" +textBox1.Text+ "','" +textBox1.Text+ "','" +textBox1.Text+ "')");