条件表达式中的数据类型不匹配 VB.NET 中的错误
Data type mismatch in criteria expression Error in VB.NET
您好我在尝试以下代码时在 VB 中遇到上述错误,我在表单上有 3 个文本框,在用户输入股票代码后我希望表单输入匹配的产品组和相关文本框中的产品描述。我使用的代码如下
Private Sub txt_productcode_Leave(sender As Object, e As EventArgs) Handles txt_productcode.Leave
Dim dt As New DataTable
Dim connstring As String = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:database
Dim SqlString As String = "select [product group],[product description] from [stock] where [stock code] = " & txt_productcode.Text & ""
Using conn As New OleDbConnection(connstring)
Using command As New OleDbCommand(SqlString, conn)
Using adapter As New OleDbDataAdapter(command)
conn.Open()
adapter.Fill(dt)
conn.Close()
End Using
Dim MyDataRow As DataRow = dt.Rows(0)
Dim x As Integer
x = dt.Rows.Count
For y = 0 To x - 1
If y < x Then
MyDataRow = dt.Rows(y)
txt_productgroup.Text = MyDataRow("product group")
txt_productdescription = MyDataRow("product description")
End If
Next
End Using
End Using
End Sub
每次我尝试 运行 这个表单崩溃时,我都会收到上面的错误消息,并且以下行在代码中突出显示
adapter.Fill(dt)
谁能解释一下为什么这不起作用?谢谢
嗯,您的 SQL 语句很可能包含错误。也许您在 WHERE 条件中缺少引号字符:
"… WHERE [stock code] = '" + ... + "'"
' ^ ^
顺便说一句。由于使用简单的字符串连接而不是使用参数化查询构建 SQL 命令,因此您的代码容易受到 SQL 注入攻击。
首先要做的是在构建命令文本和使用参数时删除字符串连接,然后为描述设置一个 TextBox 而不是其文本 属性。也删除了一些无用的代码
Private Sub txt_productcode_Leave(sender As Object, e As EventArgs) Handles txt_productcode.Leave
Dim dt As New DataTable
Dim connstring As String = "...."
Dim SqlString As String = "select [product group],[product description] " & _
"from [stock] where [stock code] = @stock"
Using conn As New OleDbConnection(connstring)
Using command As New OleDbCommand(SqlString, conn)
Using adapter As New OleDbDataAdapter(command)
conn.Open()
command.Parameters.AddWithValue("@stock", txt_productcode.Text)
adapter.Fill(dt)
End Using
For y = 0 To dt.Rows.Count - 1
Dim MyDataRow = dt.Rows(y)
txt_productgroup.Text = MyDataRow("product group").ToString()
txt_productdescription.Text = MyDataRow("product description").ToString()
Next
End Using
End Using
End Sub
您好我在尝试以下代码时在 VB 中遇到上述错误,我在表单上有 3 个文本框,在用户输入股票代码后我希望表单输入匹配的产品组和相关文本框中的产品描述。我使用的代码如下
Private Sub txt_productcode_Leave(sender As Object, e As EventArgs) Handles txt_productcode.Leave
Dim dt As New DataTable
Dim connstring As String = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:database
Dim SqlString As String = "select [product group],[product description] from [stock] where [stock code] = " & txt_productcode.Text & ""
Using conn As New OleDbConnection(connstring)
Using command As New OleDbCommand(SqlString, conn)
Using adapter As New OleDbDataAdapter(command)
conn.Open()
adapter.Fill(dt)
conn.Close()
End Using
Dim MyDataRow As DataRow = dt.Rows(0)
Dim x As Integer
x = dt.Rows.Count
For y = 0 To x - 1
If y < x Then
MyDataRow = dt.Rows(y)
txt_productgroup.Text = MyDataRow("product group")
txt_productdescription = MyDataRow("product description")
End If
Next
End Using
End Using
End Sub
每次我尝试 运行 这个表单崩溃时,我都会收到上面的错误消息,并且以下行在代码中突出显示
adapter.Fill(dt)
谁能解释一下为什么这不起作用?谢谢
嗯,您的 SQL 语句很可能包含错误。也许您在 WHERE 条件中缺少引号字符:
"… WHERE [stock code] = '" + ... + "'"
' ^ ^
顺便说一句。由于使用简单的字符串连接而不是使用参数化查询构建 SQL 命令,因此您的代码容易受到 SQL 注入攻击。
首先要做的是在构建命令文本和使用参数时删除字符串连接,然后为描述设置一个 TextBox 而不是其文本 属性。也删除了一些无用的代码
Private Sub txt_productcode_Leave(sender As Object, e As EventArgs) Handles txt_productcode.Leave
Dim dt As New DataTable
Dim connstring As String = "...."
Dim SqlString As String = "select [product group],[product description] " & _
"from [stock] where [stock code] = @stock"
Using conn As New OleDbConnection(connstring)
Using command As New OleDbCommand(SqlString, conn)
Using adapter As New OleDbDataAdapter(command)
conn.Open()
command.Parameters.AddWithValue("@stock", txt_productcode.Text)
adapter.Fill(dt)
End Using
For y = 0 To dt.Rows.Count - 1
Dim MyDataRow = dt.Rows(y)
txt_productgroup.Text = MyDataRow("product group").ToString()
txt_productdescription.Text = MyDataRow("product description").ToString()
Next
End Using
End Using
End Sub