问题
I'm trying to update an Access database using a SQL query, whenever I click the save button, it generates an error
An unhandled exception of type 'System.Data.OleDb.OleDbException' occurred in System.Data.dll
Additional information: No value given for one or more required parameters.
And highlights .ExecuteNonQuery(). Can you guys help me on this? I'm new to vb.net.
Thanks in advance.
Private Sub SaveButton_Click(sender As Object, e As EventArgs) Handles SaveButton.Click
Dim empNum As String
Dim empFname As String
Dim empLname As String
Dim empDept As String
Dim empStat As String
Dim empYears As String
empNum = eNumText.Text
empFname = empFnameText.Text
empLname = empLnameText.Text
empDept = DeptText.Text
empStat = StatText.Text
empYears = yearstext.Text
con.ConnectionString = "Provider=Microsoft.ACE.OLEDB.12.0; Data Source= c:\Databse\Company_db.accdb"
con.Open()
MsgBox(empNum)
Dim SqlAdapter As New OleDbDataAdapter
Dim Table As New DataTable
Dim sqlQuery As String = "UPDATE tbl_empinfo SET EmpID='" & empNum & "', FirstName ='" & empFname & "', LastName='" & empLname & "', Department='" & empDept & "', Status='" & empStat & "', Years='" & empYears & "' WHERE EmpID ='" & empNum & "' "
Using cmd As New OleDbCommand(sqlQuery, con)
With cmd
.CommandText = sqlQuery
.Connection = con
.Parameters.AddWithValue("EmpID", empNum)
.Parameters.AddWithValue("FirstName", empFname)
.Parameters.AddWithValue("LastName", empLname)
.Parameters.AddWithValue("Department", empDept)
.Parameters.AddWithValue("Status", empStat)
.Parameters.AddWithValue("Years", empYears)
.ExecuteNonQuery()
End With
End Using
sqlQuery = "SELECT * FROM tbl_empinfo "
Dim cmd1 As New OleDbCommand
Dim da As New OleDbDataAdapter
With cmd1
.CommandText = sqlQuery
.Connection = con
With SqlAdapter
.SelectCommand = cmd1
.Fill(Table)
End With
With DataGridView1
.DataSource = Table
End With
End With
con.Close()
End Sub
回答1:
your query syntax is wrong. Since you are using params, use placeholders in the SQL: (the question marks are not some 'etc' type thing, you use ? to mark parameters!):
Dim sqlQuery As String = "UPDATE tbl_empinfo SET FirstName = ?,
LastName=?, Department=?,
Status=?, Years=? WHERE empID = ?"
Note: Six parameters
' USING will dispose of the cmd when it is done with it
' ...can also set the SQL and connection props in the constructor:
Using cmd As New OleDbCommand(sqlQuery, con)
With cmd
' no reason to move Textboxes to a variable either:
.Parameters.AddWithValue("@p1", empFnameText.Text)
.Parameters.AddWithValue("@p2", empLnameText.Text)
.Parameters.AddWithValue("@p3", DeptText.Text)
.Parameters.AddWithValue("@p4", StatText.Text)
.Parameters.AddWithValue("@p5", yearstext.Text)
your missing 6th parameter:
.Parameters.AddWithValue("@p6", eNumText.Text)
.ExecuteNonQuery()
End With
End Using
I dont think Access supports named params, so you use dummy ones but be sure to AddWithValue in the order specified in the SQL string.
EDIT
You can just create a SQL string with the values embedded instead of using params which is sort of what your SQL string does. Params are much better (research SQL injection attacks), but your string method is wrong (and you cant mix methods). It should be:
Dim sqlQuery As String = "UPDATE tbl_empinfo " &
"SET FirstName = " & empFname & ", LastName=" & empLname
The variables have to be outside the quotes or you will be setting FirstName to the literal "empFname"
来源:https://stackoverflow.com/questions/23185958/error-on-executenonquery-in-sql-update-query