2

你好。第一个代码片段将文本框值插入数据库并且效果很好:

    Public Sub InsertintoTable(ByVal username As String, ByVal password As String)
        Dim adp As New SqlCommand("INSERT INTO [users_tbl] (usr_username,usr_password) values ('" & username & "','" & password & "')", con)
        adp.ExecuteNonQuery()
    End Sub



相反,我想使用 AddWithValue,所以我试试这个:

    Public Sub InsertintoTable(ByVal username As String, ByVal password As String)
        Using adp As New SqlCommand("INSERT INTO [users_tbl] (usr_username, usr_password) values (@username, @password)", con)
            adp.Parameters.AddWithValue("@usr_username", username)
            adp.Parameters.AddWithValue("@usr_password", password)
            adp.ExecuteNonQuery()
        End Using
    End Sub

但不幸的是它抛出了一个错误:

Exception Details: System.Data.SqlClient.SqlException: Must declare the scalar variable "@username".

为什么会出错?我的AddWithValue片段可能是错误的吗?

谢谢你。

4

2 回答 2

5

参数名称不同,这有效:

adp.Parameters.AddWithValue("@username", username)
adp.Parameters.AddWithValue("@password", password)

或从

INSERT INTO [users_tbl] (usr_username, usr_password) values (@username, @password)


INSERT INTO [users_tbl] (usr_username, usr_password) values (@usr_username, @usr_password)
于 2013-03-07T14:19:56.220 回答
4

您的查询需要这两个变量:

@username, @password

但是你传递一个不同名称的变量:

adp.Parameters.AddWithValue("@usr_username", username)
adp.Parameters.AddWithValue("@usr_password", password)

参数名称需要匹配。像这样的东西:

adp.Parameters.AddWithValue("@username", username)
adp.Parameters.AddWithValue("@password", password)
于 2013-03-07T14:19:56.077 回答