1

我收到一个错误,ExecuteNonQuery真的不知道为什么。我花了很多时间在网上搜索并意识到User必须介于 之间[],但这并没有解决我的问题。

else {
    DataTable table = new DataTable();
    string query = "SELECT * FROM [User] WHERE Email = '" + tbMail.Text + "'";
    OleDbDataAdapter adapter = new OleDbDataAdapter(query, connectionString);
    int count = adapter.Fill(table);
    if (count != 0)    {
        MessageBox.Show("This email is already in use", "Email in use", MessageBoxButtons.OK, MessageBoxIcon.Information);
    } else {
        OleDbConnection connection = new OleDbConnection(connectionString);
        OleDbCommand insertCommand = new OleDbCommand();
        adapter = new OleDbDataAdapter();

        string encryptedPassword = Convert.ToBase64String(System.Security.Cryptography.MD5.Create().ComputeHash(Encoding.UTF8.GetBytes(tbPass.Text)));

        connection.Open();

        string command = "INSERT INTO [User] (Username, Password, Email) VALUES('" + tbUser.Text + "', '" + encryptedPassword + "', " + tbMail.Text + ")";
        insertCommand.Connection = connection;
        insertCommand.CommandText = command;
        adapter.InsertCommand = insertCommand;
        adapter.InsertCommand.ExecuteNonQuery();

        connection.Close();
    }
}

错误是:

解析查询时出错。[令牌行号,令牌行偏移量,,令牌错误,,]"

4

1 回答 1

2

您的电子邮件值必须在引号之间,就像用户名和密码一样。

还有一点就是应该使用sql参数来防止sql注入攻击。

于 2013-01-14T16:47:54.427 回答