首先,您应该使用参数化查询——这很容易受到 SQL 注入的影响。
看看这里:参数化查询如何帮助防止 SQL 注入?
要回答您的问题,您需要研究OleDbCommand
和ExecuteNonQuery
:
public void InsertRow(string connectionString, string insertSQL)
{
using (OleDbConnection connection = new OleDbConnection(connectionString))
{
// The insertSQL string contains a SQL statement that
// inserts a new row in the source table.
OleDbCommand command = new OleDbCommand(insertSQL);
// Set the Connection to the new OleDbConnection.
command.Connection = connection;
// Open the connection and execute the insert command.
try
{
connection.Open();
command.ExecuteNonQuery();
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
// The connection is automatically closed when the
// code exits the using block.
}
}
http://msdn.microsoft.com/en-us/library/system.data.oledb.oledbconnection(v=vs.100).aspx
此外,您可能需要重新查看您的 SQL - 不确定您要完成什么。如果您使用的是 SQL Server,则语法应类似于UPDATE TABLE SET FIELD = VALUE WHERE FIELD = VALUE
.
祝你好运。