SQL 当我用“&”连接时插入语法错误

SQL Insert syntax error when I concatenate with "&"

我正在使用 visual basic 和 access。

如果我尝试用“+”连接,释放以下错误:从字符串“”到类型 'Double' 的转换无效。

我的代码:

 Protected Friend Sub insertarProducto(ByVal codigo As String, ByVal modelo As String, ByVal serial As String, ByVal pallet As String, ByVal precio As Double, ByVal cantidad As Integer, ByVal descripcion As String)
    Try
        con.Open()
        adapter = New OleDbDataAdapter("Insert into Productos(Cod_Producto,Serial,Lote/pallet,Modelo,Descripcion,Precio,Cantidad)Values('" & codigo & "','" & serial & "','" & pallet & "','" & modelo & "','" & descripcion & "'," & precio & "," & cantidad & ")", con)
        adapter.Fill(tabla)
    Catch ex As Exception
        MsgBox("Problemas en la consulta: " + ex.Message(), MsgBoxStyle.Critical)
    End Try
    con.Close()
End Sub

我的专栏顺序很好。 这是怎么回事?

使用参数化语句

            _command = New SqlCommand
            _command.Connection = connection
            _command.CommandTimeout = 30
             tabla = new dataset()
            _sqlda = New SqlDataAdapter(_command)

            _command.Parameters.AddWithValue("@Cod_Producto", codigo)
            _command.Parameters("@Cod_Producto").Direction = ParameterDirection.Input

            _command.Parameters.AddWithValue("@Serial", serial)
            _command.Parameters("@Serial").Direction = ParameterDirection.Input

         and so on..
          _sqlda.Fill(tabla)


      Public Function FillDataSet(query As String, ByVal ParamArray para() As Object) As DataSet

             dim _transaction As SqlTransaction
             Dim _command As SqlCommand

            _command = New SqlCommand(query, yourConnection)

            _ds = New DataSet
            _sqlda = New SqlDataAdapter(_command )
            _command.Transaction = _transaction

            For i = 0 To para.Count - 1
                _command.Parameters.AddWithValue("@" & i, para(i))
            Next

            _sqlda.Fill(_ds)

           return _ds

您的密码是

OleDbDataAdapter("Insert into Productos(Cod_Producto,Serial,Lote/pallet,Modelo,Descripcion,Precio,Cantidad)Values('" & codigo & "','" & serial & "','" & pallet & "','" & modelo & "','" & descripcion & "', " & precio & "," & cantidad & ")", con)

尝试检查最后两个变量,yoy 似乎缺少单引号和双引号。它应该看起来像这样:

OleDbDataAdapter("Insert into Productos(Cod_Producto,Serial,Lote/pallet,Modelo,Descripcion,Precio,Cantidad)Values('" & codigo & "','" & serial & "','" & pallet & "','" & modelo & "','" & descripcion & "', '" & precio & "','" & cantidad & "' "), con)

(尤其是肯)我听从了你的建议。 最后,我能够成功地将数据插入到我的数据库中!首先我修改了一个列的名称(Lote/pallet)并写了这段代码:

Protected Friend Sub insertarProducto(ByVal codigo As String, ByVal modelo As String, ByVal serial As String, ByVal pallet As String, ByVal precio As Double, ByVal cantidad As Integer, ByVal descripcion As String, ByVal imagen As String)
    Dim cmd As String = "Insert into Productos(Cod_Producto,Serial,Lotpallet,Modelo,Descripcion,Precio,Cantidad,Imagen)Values(@Cod_Producto,@Serial,@Lotpallet,@Modelo,@Descripcion,@Precio,@Cantidad,@Imagen)"
    Try
        con.Open()
        comando = New OleDbCommand(cmd, con)
        comando.Parameters.AddWithValue("@Cod_Producto", codigo)
        comando.Parameters.AddWithValue("@Serial", serial)
        comando.Parameters.AddWithValue("@Lotpallet", pallet)
        comando.Parameters.AddWithValue("@Modelo", modelo)
        comando.Parameters.AddWithValue("@Descripcion", descripcion)
        comando.Parameters.AddWithValue("@Precio", precio)
        comando.Parameters.AddWithValue("@Cantidad", cantidad)
        comando.Parameters.AddWithValue("@Imagen", imagen)
        comando.ExecuteNonQuery()
        comando.Dispose()
    Catch ex As Exception
        MsgBox("Problemas en la consulta: " + ex.Message(), MsgBoxStyle.Critical)
    End Try
    con.Close()
End Sub

这个网站对我帮助很大: http://www.codeguru.com/columns/vb/using-parameterized-queries-and-reports-in-vb.net-database-applications.htm

我不知道这是否是最好的方法...非常感谢您的建议!