0
Private Sub submit_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles submit.Click
Dim con As New OleDb.OleDbConnection
Dim cmd As New OleDb.OleDbCommand
Dim dbProvider As String = "PROVIDER = Microsoft.Jet.OleDb.4.0;"
Dim dbSource As String = "DATA SOURCE =" & Application.StartupPath & "\hospital.mdb"
con.ConnectionString = dbProvider & dbSource
If Not con.State = ConnectionState.Open Then
con.Open()
End If
cmd.Connection = con
cmd.CommandText = "INSERT INTO userdata(masterid, pname, aname, dob, bloodgroup, address, gender, referto, designation, relh, mpass, ward, bed, zone)" & _
"VALUES ('" & Me.masterid.Text & "','" & Me.pname.Text & "','" & Me.aname.Text & "','" & Me.dob.Text & "','" & Me.bloodgroup.Text & "','" & _
Me.address.Text & "','" & Me.gender.Text & "','" & Me.referto.Text & "','" & Me.designation.Text & "','" & Me.relh.Text & "','" & Me.mpass.Text & "','" & _
Me.ward.Text & "','" & Me.bed.Text & "','" & Me.zone.Text & "')"
cmd.ExecuteNonQuery()
con.Close()
End Sub
而且在cmd.Commandtext去的价值观与你生成SQL语句错误在Access INSERT INTO语句从VB.NET
"INSERT INTO userdata(masterid, pname, aname, [dob], bloodgroup, address, gender, referto, designation, relh, mpass, ward, bed, zone)VALUES ('305201323114','fsdfsd','sdfsd','5/29/2013','AB+','sdfsd','Male','sdfsd','sdfsd','sdfsd','sdfdsf','sdfsdf','dfds','North East Zone')"
而你得到的错误是?如果在你说“我得到一个错误”之后,你立即说“错误是”,并且提供错误的描述,包括你得到的任何错误信息的确切文本*,那么我们就可以更容易地解决问题。 。你的信息就在你面前。为什么不分享它,让你更容易帮助你免费获得帮助的人,这样他们就不用再努力工作了? –
此代码将容易受到sql注入攻击。 –