Mysql 删除和更新命令不起作用…asp.net2010、SQLYG数据库5.0中的程序
在该程序中,我的显示和添加按钮正在工作,但在更新和删除记录时,它会出现异常错误,即检查与MYSQL服务器对应的手册,以了解正确的语法。。。。。 你能纠正我的语法吗Mysql 删除和更新命令不起作用…asp.net2010、SQLYG数据库5.0中的程序,mysql,asp.net,Mysql,Asp.net,在该程序中,我的显示和添加按钮正在工作,但在更新和删除记录时,它会出现异常错误,即检查与MYSQL服务器对应的手册,以了解正确的语法。。。。。 你能纠正我的语法吗 Imports MySql.Data.MySqlClient Imports System.Data Partial Class _Default Inherits System.Web.UI.Page Dim connection As MySqlConnection = New MySqlConnection("data
Imports MySql.Data.MySqlClient
Imports System.Data
Partial Class _Default Inherits System.Web.UI.Page
Dim connection As MySqlConnection = New MySqlConnection("data source=localhost;database=dbconnect;user id=root;password=search;")
Dim mydataset As New DataSet()
Dim mydataadpter As MySqlDataAdapter = New MySqlDataAdapter()
Public query As String
' Dim con As MySqlConnection = New MySqlConnection("data source=localhost;database=dbconnect;user id=root;password=search;")
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
connection.Open()
End Sub
Protected Sub btn_display_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btn_display.Click
Dim mysql As MySqlCommand = New MySqlCommand("select * from userinfo", connection)
mydataadpter.SelectCommand = mysql
mydataadpter.Fill(mydataset, "product")
Try
GridView1.DataSource = mydataset
GridView1.DataBind()
GridView1.DataMember = "product"
connection.Close()
Catch ex As Exception
MsgBox(ex.Message)
End Try
End Sub
Protected Sub btn_add_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btn_add.Click
query = "INSERT INTO userinfo VALUES("
query = query + txt_userid.Text + ",'" + txt_username.Text + "'," + txt_age.Text + ")"
Dim MySqlCommand = New MySqlCommand(query, connection)
Dim i As Integer = MySqlCommand.ExecuteNonQuery()
If (i > 0) Then
MsgBox("record is saved")
Else
MsgBox("record is not saved")
End If
End Sub
Protected Sub btn_update_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btn_update.Click
Try
query = "UPDATE USERINFO SET username='" + txt_username.Text + "',"
query = query + "age=" + txt_age.Text
query = query + "WHERE userid=" + txt_userid.Text
Dim mysqlcommand = New MySqlCommand(query, connection)
MsgBox(query)
Dim i As Integer = mysqlcommand.ExecuteNonQuery()
If (i > 0) Then
MsgBox("record is updated")
Else
MsgBox("record is not updated")
End If
Catch ex As Exception
MsgBox(ex.Message)
End Try
End Sub
Protected Sub btn_delete_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btn_delete.Click
Try
query = "DELETE FROM userinfo WHERER userid=" + txt_userid.Text
Dim mysqlcommand As New MySqlCommand(query, connection)
MsgBox(query)
Dim i As Integer = mysqlcommand.ExecuteNonQuery()
If (i > 0) Then
MsgBox("record is deleted")
Else
MsgBox("record is not deleted")
End If
Catch ex As Exception
MsgBox(ex.Message)
End Try
End Sub
End Class
您的查询在语法上似乎是正确的,但是,我总是使用参数化查询而不是字符串连接。这将避免Sql注入,参数值周围的引号将由框架代码执行 请尝试更新方法
Try
query = "UPDATE USERINFO SET username=@uname, age=@uage WHERE userid = @uid";
Dim mysqlcommand = New MySqlCommand(query, connection)
mysqlcommand.Parameters.AddWithValue("@uname", txt_username.Text))
mysqlcommand.Parameters.AddWithValue("@uage",Convert.ToInt32(txt_age.Text))
mysqlcommand.Parameters.AddWithValue("@uid",Convert.ToInt32(txt_userid.Text))
Dim i As Integer = mysqlcommand.ExecuteNonQuery()
If (i > 0) Then
MsgBox("record is updated")
Else
MsgBox("record is not updated")
End If
Catch ex As Exception
MsgBox(ex.Message)
End Try
Try
query = "UPDATE USERINFO SET username=@uname, age=@uage WHERE userid = @uid";
Using con = new MySqlConnection(.......)
Using cmd = new MySqlCommand(query, con)
con.Open()
cmd.Parameters.AddWithValue(......)
End Using
End Using
Catch ex As Exception
....
End Try
对于确保正确使用昂贵的资源(如与数据库的连接)以及确保正确关闭和处置此类对象至关重要是年龄和用户id数字整型字段?年龄和id ate数据类型int