我得到错误“查询EXPRESSION中的字符串中的语法错误'用户名=用户'我认为问题出在”me.Username.tag“中但是我卡住了。
conn = New OleDbConnection(Get_Constring)
conn.Open()
cmd.Connection = conn
cmd.CommandType = CommandType.Text
cmd.CommandText = "select Username, fname, lname, mname, [password], [level], Question, answer from Instructor where Username= '" & Me.txtusername.Tag
dr = cmd.ExecuteReader
If dr.HasRows Then
While dr.Read
Me.txtusername.Tag = dr("Username")
Me.txtfname.Text = IIf(Not IsDBNull(dr("fname")), dr("fname"), "")
Me.txtlname.Text = IIf(Not IsDBNull(dr("lname")), dr("lname"), "")
Me.txtinitial.Text = IIf(Not IsDBNull(dr("mname")), dr("mname"), "")
Me.txtpassword.Text = IIf(Not IsDBNull(dr("password")), dr("password"), "")
Me.lbllevel.Text = IIf(Not IsDBNull(dr("level")), dr("level"), "")
Me.txtusername.Text = IIf(Not IsDBNull(dr("Username")), dr("Username"), "")
Me.cmbquestion.Text = IIf(Not IsDBNull(dr("Question")), dr("Question"), "")
Me.txtanswer.Text = IIf(Not IsDBNull(dr("answer")), dr("answer"), "")
End While
End If
答案 0 :(得分:3)
您未在查询中关闭引号:
where Username= '" & Me.txtusername.Tag
应该是:
where Username= '" & Me.txtusername.Tag & "'"
重要 :您的代码可能容易受到SQL注入攻击。请使用parameterized queries。像这样:
cmd.CommandText = "select Username, fname, lname, mname, [password], [level], Question, answer from Instructor where Username= @username"
Dim parameter As New SqlParameter()
parameter.ParameterName = "@username"
parameter.SqlDbType = SqlDbType.NVarChar
parameter.Value = Me.txtusername.Tag
cmd.Parameters.Add(parameter);
答案 1 :(得分:2)
我认为问题是你没有关闭单引号。
试试这个:
cmd.CommandText = "select Username, fname, lname, mname, [password], [level], Question, answer from Instructor where Username= '" & Me.txtusername.Tag & "'"
答案 2 :(得分:1)
您尚未关闭在查询结尾处打开的单引号