Incorrect syntax near ''. Unclosed quotation mark after the character string ' '

说谎 2021-01-24 00:11

I'm just wondering if someone could point me in the right direction here, I think I've been looking at it for too long so can't see the mistake.

The following code:

6 Answers
  •  予麋鹿 (OP)
    2021-01-24 00:31

    You should really be using SQL parameters. Not only does it help to protect your app from SQL injection attacks, it will also make SQL syntax errors easier to spot.

    // Values are passed as parameters instead of being concatenated into the SQL text.
    SqlCommand updateStyle = new SqlCommand("UPDATE [Lorenz].[dbo].[Layout] SET [bgColour] = @bgColour, [textColour] = @textColour WHERE [LoweredUserName] = @currentUser", connection);
    updateStyle.Parameters.Add(new SqlParameter("@bgColour", bgColour));
    updateStyle.Parameters.Add(new SqlParameter("@textColour", textColour));
    updateStyle.Parameters.Add(new SqlParameter("@currentUser", currentUser));
    updateStyle.ExecuteNonQuery();
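
The effect the answer describes, as an added example that is not part of the original answer: the same UPDATE built by string concatenation and with named parameters, run against values that contain a quote character. It assumes Python's sqlite3 with an in-memory table in place of SqlCommand and SQL Server so that it runs offline; the table rows and the input values are constructed.

```python
import sqlite3

def make_db():
    """In-memory stand-in for the Layout table, with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Layout (LoweredUserName TEXT, bgColour TEXT, textColour TEXT)")
    conn.executemany("INSERT INTO Layout VALUES (?, 'white', 'black')",
                     [("alice",), ("o'brien",)])
    return conn

def update_concatenated(conn, bg, text, user):
    """Values are pasted into the SQL text, so quotes inside them become syntax."""
    sql = ("UPDATE Layout SET bgColour = '" + bg + "', textColour = '" + text
           + "' WHERE LoweredUserName = '" + user + "'")
    return conn.execute(sql).rowcount

def update_parameterized(conn, bg, text, user):
    """Values are bound separately; the SQL text never changes."""
    sql = ("UPDATE Layout SET bgColour = :bgColour, textColour = :textColour "
           "WHERE LoweredUserName = :currentUser")
    params = {"bgColour": bg, "textColour": text, "currentUser": user}
    return conn.execute(sql, params).rowcount

def try_update(update, user):
    """Run one update on a fresh table; return rows changed or the error class name."""
    conn = make_db()
    try:
        return update(conn, "navy", "white", user)
    except sqlite3.Error as exc:
        return type(exc).__name__
    finally:
        conn.close()

# Constructed inputs: a legitimate name with an apostrophe, and a value whose
# quote closes the string literal early and turns the rest into SQL.
APOSTROPHE = "o'brien"
REWRITES_WHERE = "nobody' OR '1'='1"

if __name__ == "__main__":
    for user in ("alice", APOSTROPHE, REWRITES_WHERE):
        print(repr(user),
              "concatenated:", try_update(update_concatenated, user),
              "parameterized:", try_update(update_parameterized, user))
```

With concatenation the apostrophe produces a syntax error and the second value updates every row; with parameters the same two inputs update one row and no rows.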
    
