这是我的代码,我在我的INSERT statement
用于获取语法错误:C#语法错误 - INSERT INTO语句。访问数据库。
string strSql = "INSERT INTO Responses (OCR, DeadlineDate, OCR Title) VALUES ('"+textBox5.Text+"','"+textBox7.Text+"', '"+textBox6.Text+"')";
OleDbConnection newConn = new OleDbConnection(strProvider);
OleDbCommand dbCmd = new OleDbCommand(strSql, newConn);
newConn.Open();
dbCmd.ExecuteNonQuery();
什么想法?
避免目前的注入漏洞; http://stackoverflow.com/questions/5893837/using-parameters-inserting-data-into-access-database –