Question

好的，所以我一直在研究这个问题，而我仍然无法弄清楚我的代码有什么问题。错误非常模糊，它是{＆＃34; INSERT INTO语句中的语法错误。＆＃34;}。下面是我正在使用的代码。提前谢谢你的帮助！

   private void CreateSQL()
    {
        List<string> dataList = new List<string>();
        string delimiter = "|";
        string tableName = "MainAssets";
        string fileName = "RunningMaster.csv";

        DataSet data = new DataSet();
        StreamReader sr = new StreamReader(fileName);
        data.Tables.Add(tableName);
        data.Tables[tableName].Columns.Add("Plant");
        data.Tables[tableName].Columns.Add("Class");
        data.Tables[tableName].Columns.Add("Depr Account");
        data.Tables[tableName].Columns.Add("Inventory Number");
        data.Tables[tableName].Columns.Add("Dept");
        data.Tables[tableName].Columns.Add("Location");
        data.Tables[tableName].Columns.Add("Cap Date");
        data.Tables[tableName].Columns.Add("Last Inventoried");
        data.Tables[tableName].Columns.Add("Deactivation");
        data.Tables[tableName].Columns.Add("Asset Description");
        data.Tables[tableName].Columns.Add("Acquis Val");
        data.Tables[tableName].Columns.Add("Monthly Dep");
        data.Tables[tableName].Columns.Add("Ord dep post");
        data.Tables[tableName].Columns.Add("Accum Dep");
        data.Tables[tableName].Columns.Add("Book Val");
        data.Tables[tableName].Columns.Add("Serial");
        data.Tables[tableName].Columns.Add("Inventory Comments");
        data.Tables[tableName].Columns.Add("LFAC");
        data.Tables[tableName].Columns.Add("Room");
        data.Tables[tableName].Columns.Add("Pysical Location");
        data.Tables[tableName].Columns.Add("Manufacturer");
        data.Tables[tableName].Columns.Add("EFO");
        data.Tables[tableName].Columns.Add("Updated");
        data.Tables[tableName].Columns.Add("Status");
        data.Tables[tableName].Columns.Add("Inventory State");
        data.Tables[tableName].Columns.Add("Inventoried By");
        data.Tables[tableName].Columns.Add("Prior Room");
        string allData = sr.ReadToEnd();
        string[] rows = allData.Split("\r".ToCharArray());
        rows = rows.Skip(1).ToArray();

        foreach(string r in rows)
        {
            string[] items = r.Split(delimiter.ToCharArray());
            data.Tables[tableName].Rows.Add(items);
        }
        // this.dataGridView1.DataSource = data.Tables[0].DefaultView;

        for (int i = 0; i <= data.Tables[tableName].Rows.Count - 1; i++)
        {
            MessageBox.Show(data.Tables[tableName].Rows[0][4].ToString());
                OleDbConnection myConnection = new OleDbConnection("Provider=Microsoft.ACE.OLEDB.12.0;Data Source= hello.accdb");
                OleDbCommand cmd = new OleDbCommand();
                myConnection.Open();
                cmd.Connection = myConnection;
            cmd.CommandText = "INSERT INTO Asset Inventory ([ID],[Plant],[Class],[Depr Account],[Inventory Number],[Dept],[Location],[Cap Date],[Last Inventoried],[Deactivation],[Asset Description],[Acquis Val],[Monthly Dep],[Ord dep posted],[Accum dep],[Book Val],[Serial],[Inventory Comment],[LFAC],[Room],[Pysical Location],[Manufacturer],[EFO],[Updated],[Status],[Inventory State],[Inventory By],[Prior Room])" +
            "VALUES ('" + data.Tables[tableName].Rows[i][0].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][1].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][2].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][3].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][4].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][5].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][6].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][7].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][8].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][9].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][10].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][11].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][12].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][13].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][14].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][15].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][16].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][17].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][18].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][19].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][20].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][21].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][22].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][23].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][24].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][25].ToString() + "' , '" +
                          data.Tables[tableName].Rows[i][26].ToString() + "' , '" ;


                cmd.ExecuteNonQuery();
                myConnection.Close();

Answer 1

您的表名似乎在其名称中有一个空格，您可以用[]包围它：

INSERT INTO [Asset Inventory] ( ....

但最好将其命名为AssetInventory或Asset_Inventory。

除了这个糟糕的设计决定之外，你还应该修复你使用字符串连接而不是sql-parameters。您当前可能容易受到SQL注入攻击。

从数据集到访问数据库C＃

1 个答案: