0

我正在尝试使用 SQL Server 数据库执行我的登录表单。但我收到一条错误消息

' '附近的语法不正确

我收到错误的行是:

objda.Fill(objds, "adm");

我的代码是:

public partial class Form1 : Form
{
    int total;
    SqlConnection objc;
    string c = "data source=.; initial catalog=student; integrated security=SSPI";
    SqlDataAdapter objda;
    DataSet objds;
    SqlCommand objcmd;

    public Form1()
    {
        InitializeComponent();
    }

    private void Form1_Load(object sender, EventArgs e)
    {
    }

    private void button1_Click(object sender, EventArgs e)
    {
        if (objc != null)
        {
            objc.Open();
        }
        objcmd = new SqlCommand("select * form adm where Name= ' " + textBox1.Text + "',pass = ' " + textBox2.Text + "'", objc);
        if (objc != null)
        {
            objc.Close();
        }
        objc = new SqlConnection(c);
        objcmd = new SqlCommand("search * from adm", objc);
        objda = new SqlDataAdapter(objcmd.CommandText, objc);
        objds = new DataSet();
        objda.Fill(objds, "adm");

        total = Convert.ToInt32(objds.Tables["adm"].Rows.Count);
        if (total > 0)
        {
            MessageBox.Show("welcome");
            Class1.login = textBox1.Text;
            Form2 f2 = new Form2();
            this.Hide();
            f2.Show();
        }
        else
        {
        }

我该怎么办?

哪里有问题?

4

4 回答 4

1

除了 SQL 注入漏洞、缺少 using 语句和明显不正确的语法(缺少 AND,加上拼写错误的 FROM)之外:

您忘记打开连接。

于 2012-11-03T06:54:00.777 回答
0

您必须再次打开连接

  objc.Open();

并改变

select * form

select * from

AND不见了。

于 2012-11-03T06:55:48.867 回答
0

您忘记在两个条件之间放置“And”并且错过了拼写form关键字。

objcmd = new SqlCommand("select * from adm where Name= '" + textBox1.Text + "' And pass = '" + textBox2.Text + "'", objc);

顺便说一句,您应该使用parameters避免sql injection漏洞

于 2012-11-03T06:56:27.507 回答
-3
objcmd = new SqlCommand("select * form adm where Name= ' " + textBox1.Text + "',pass = ' " + textBox2.Text + "'", objc);

应该是:

objcmd = new SqlCommand("select * from adm where Name= ' " + textBox1.Text + "',pass = ' " + textBox2.Text + "'", objc);
于 2012-11-03T06:54:06.063 回答