C# 代码不会添加到数据库中
由于某些原因,我的新记录保存在一个表格中,它不会添加到我的数据库中。谢谢大家 出现了一个错误,我不知道如何修复它 如果有任何更多的信息,你需要让我知道,我会上传更多的东西,如果任何人能够帮助C# 代码不会添加到数据库中,c#,database,ms-access,C#,Database,Ms Access,由于某些原因,我的新记录保存在一个表格中,它不会添加到我的数据库中。谢谢大家 出现了一个错误,我不知道如何修复它 如果有任何更多的信息,你需要让我知道,我会上传更多的东西,如果任何人能够帮助 double addCrd; double addSav; double addHomeLoan; double addHomeRate; bool CredOK = double.TryParse(creditBox.Te
double addCrd;
double addSav;
double addHomeLoan;
double addHomeRate;
bool CredOK = double.TryParse(creditBox.Text, out addCrd);
bool SavOK = double.TryParse(savingsBox.Text, out addSav);
bool HoloOK = double.TryParse(homeLoanBalanceBox.Text, out addHomeLoan);
bool HoRatOK = double.TryParse(homeLoanRateBox.Text, out addHomeRate);
bool exists = false;
foreach (Client client in records)
{
if (nameBox.Text == client.Name)
{
exists = true;
}
}
try
{
if (YesLoanRadio.Checked)
{
clientTypeBox.Text = "LC";
if (exists == false)
{
if (!CredOK || !SavOK || !HoloOK || !HoRatOK)
{
MessageBox.Show("Invalid Data");
}
else
{
Client add = new LoanClient(clientTypeBox.Text,MakeID(), nameBox.Text, suburbBox.Text, addCrd, addSav, addHomeLoan, addHomeRate);
records.Add(add);
sql_1 = "INSERT INTO Client VALUES ('LC'," + "'" + (records[position] as LoanClient).ID + "'" + "," + "'" + (records[position] as LoanClient).Name + "'" + "," + "'" + (records[position] as LoanClient).Suburb + "'" + "," + "'" + (records[position] as LoanClient).CreditBalance + "'" + "," + "'" + (records[position] as LoanClient).SavingsBalance + "'" + "," + "'" + (records[position] as LoanClient).HomeLoanBalance + "'" + "," + "'" + (records[position] as LoanClient).HomeLoanInterestRate + "')";
showform();
MessageBox.Show("User Added");
position++;
}
}
}
else if (NoLoanRadio.Checked)
{
clientTypeBox.Text = "BC";
if (exists == false)
{
if (!CredOK || !SavOK)
{
MessageBox.Show("Invalid Data");
}
else
{
Client add = new Client(clientTypeBox.Text, MakeID(), nameBox.Text, suburbBox.Text, addCrd, addSav);
records.Add(add);
sql_1 = "INSERT INTO Client VALUES ('BC', '" + records[position].ID + "'" + "," + "'" + records[position].Name + "'" + "," + "'" + records[position].Suburb + "'" + "," + "'" + records[position].CreditBalance + "'" + "," + "'" + records[position].SavingsBalance + "','','')";
showform();
MessageBox.Show("User Added");
position++;
}
}
}
else
{
MessageBox.Show("Please Select if you have a home Loan !!!!");
}
try
{
DBQuery(sql_1);
}
catch (OleDbException e4)
{
MessageBox.Show(e4.ToString());
records.Remove(records[position]);
position = records.Count - 1;
}
}
catch
{
MessageBox.Show("Invalid entry. You must enter a number value into Balance and Credit Used.");
}
public void DBQuery(string sql) // changed static from public
{
try
{
conn.Open();
OleDbCommand cmd = new OleDbCommand(sql, conn);
cmd.ExecuteNonQuery();
}
catch (OleDbException e)
{
MessageBox.Show(e.ToString());
}
conn.Close();
}
请尝试sql异常代码
catch (DbUpdateException ex)
{
var sqlex = ex.InnerException.InnerException as SqlException;
if (sqlex != null)
{
switch (sqlex.Number)
{
case 547: throw new ExNoExisteUsuario("No existe usuario destino."); //FK exception
case 2627:
case 2601:
throw new ExYaExisteConexion("Ya existe la conexion."); //primary key exception
default: throw sqlex; //otra excepcion que no controlo.
}
}
throw ex;
}
出现了哪个错误?这看起来很容易受到sql注入攻击。请使用参数插入方法中的内容
DBQuery