0

我需要帮助找出我的 SQL 语句中的错误。我一直在尝试几件事,但似乎没有任何效果?这是我收到的错误消息

Run-time error '3075':

Syntax error (missing operator) in query expression '([description] = Manufacturing and Delivery Schedule AND [pr_num] = 83)'.

这是我的代码:

Private Sub Command6_Click()
' ===================================================
' Receives the selected item in the combo box
' ===================================================

' Open the Database connection
Dim data_base As Database
Set data_base = CurrentDb

' Grab description and pr number from the form
Dim desc As string
dim pr_number as long
desc = Combo4.Value
pr_number = Text8.Value

' Build the query
Dim query As String
query = "UPDATE VDR_Table " & _
    "SET [received] = [p1] " & _
    "WHERE ([description] = " & desc & _
    " AND [pr_num] = " & pr_number & ");"

Dim rec_set As DAO.Recordset
Set rec_set = data_base.OpenRecordset(query)

' Build the QueryDef
Set qd = data_base.CreateQueryDef("")
qd.SQL = query

' Execute query
qd.Parameters("p1").Value = true
qd.Execute

' Close nad null record set
rec_set.close
set rec_set = nothing

' Close the connection to the database
data_base.Close

' Prompt the user success
MsgBox "Item has been received"
End Sub

提前感谢您的帮助!

4

1 回答 1

1

You need to enclose the description field value you are setting in quotes since it is a string field. It should look like this:

' Build the query
Dim query As String
query = "UPDATE VDR_Table " & _
    "SET [received] = [p1] " & _
    "WHERE ([description] = '" & desc & _
    "' AND [pr_num] = " & pr_number & ");"

Removed the links below since they don't matter in this case.

Also, I would recommend using parameters instead of string concatenations to avoid SQL injections. Here's an example of using parameters with VBA - http://support.microsoft.com/kb/181734 - and here is some reasoning on why to use parameterized sql - http://www.codinghorror.com/blog/2005/04/give-me-parameterized-sql-or-give-me-death.html.

于 2012-08-27T15:59:11.847 回答