我正在VB 2012中做一些练习,我已经将它连接到microsoft access 2013中的数据库。当我运行它时,Select Trans_date from [Transaction] where Trans_date = SYSDATE
这是我的代码......
Imports System.Data
Imports System.Data.OleDb
Imports System.Data.Odbc
Imports System.Data.DataTable
Public Class Form1
Dim provider As String
Dim dataFile As String
Dim connString As String
Dim myConnection As OleDbConnection = New OleDbConnection
Dim ds As DataSet = New DataSet
Dim da As OleDbDataAdapter
Dim tables As DataTableCollection = ds.Tables
Private Sub Form1_Load(sender As Object, e As EventArgs) Handles MyBase.Load
provider = "Provider=Microsoft.Jet.OLEDB.4.0; Data Source="
dataFile = "C:\Users\hp-2\Documents\Visual Studio 2012\Projects\Delta\Delta.mdb"
connString = provider & dataFile
myConnection.ConnectionString = connString
da = New OleDbDataAdapter("Select Trans_date from [Transaction] where Trans_date = SYSDATE"
& t_date.Text & "'", myConnection)
da.Fill(ds, "Transaction")
Dim view1 As New DataView(tables(0))
Dim source1 As New BindingSource()
source1.DataSource = view1
showdata.DataSource = view1
showdata.Refresh()
End Sub
Private Sub Button2_Click(sender As Object, e As EventArgs) Handles Button2.Click
End Sub
End Class
这是我的错误..
An unhandled exception of type 'System.Data.OleDb.OleDbException' occurred in System.Data.dll
Additional information: Syntax error in string in query expression 'Trans_date = SYSDATE''.
答案 0 :(得分:2)
尝试使用Date()代替SYSDATE
答案 1 :(得分:1)
您应该使用参数化查询。作为一个例子
Dim query = "Select Trans_date from [Transaction] " & _
"where Trans_date = ?"
da = New OleDbDataAdapter(query, myConnection)
da.SelectCommand.Parameters.AddWithValue("@p1", DateTime.Today)
da.Fill(ds, "Transaction")
此处,框架将使用查询文本中的占位符?以及添加到SelectCommand集合的参数,以构建传递给底层数据库引擎的正确查询。
在 OleDb 中,参数不会被特定名称识别(与其他网络数据库驱动程序一样),而只能通过它们在查询文本中的位置来识别。因此第一个占位符(?)与第一个参数(@ p1)相关联,其值被格式化并传递给MSAccess引擎。
使用参数传递文本命令至关重要。您不必担心如何格式化日期,字符串和十进制数。并且(MSAccess可能性较小,但总是有可能)你不会编写暴露给Sql Injections的代码