你应该重写整个sql 使用参数化查询来防止SQL Server中的SQL注入攻击 [ ^ ]

这也将避免凌乱的令人困惑的引号问题。

You should rewrite you whole sql Using Parameterized queries to prevent SQL Injection Attacks in SQL Server[^]
That will also avoid the messy and confusing quotes problem.

检查no.of列和值，你的传递是相同的数量，都是字符串数据类型？



试试这个



string query =插入预订（@Code，@ Status，@ Guest Name，@ Guest Email，@ Guest Phone No）值（'+ textBox1.Text +'，'+ comboBox2.SelectedValue +'，'+ textBox1.Text +'，'+ textBox1.Text +'，'+ textBox1.Text +'）;

Check the no.of columns and values your passing are same count and all are string datatype?

try this

string query = "insert into Reservation (@Code, @Status,@Guest Name,@Guest Email,@Guest Phone No)values( '" +textBox1.Text+ "',"' + comboBox2.SelectedValue + "','" +textBox1.Text+ "','" +textBox1.Text+ "','" +textBox1.Text+ "')";

你遗漏了值和组合框附近的一些报价



试试这个

You are missing some quotes near values and combobox

try this

string query = ("insert into Reservation (@Code, @Status,@Guest Name,@Guest Email,@Guest Phone No,@Checkin,@Check Out,@Adult No,@Child No,@Infant No,@Net Total,@Discount,@Tax,@Total,@Paid)+values( '" +textBox1.Text+ "','" + comboBox2.SelectedValue + "','" +textBox1.Text+ "','" +textBox1.Text+ "','" +textBox1.Text+ "','" +textBox1.Text+ "','" +textBox1.Text+ "')");