1

我正在尝试在经典 asp 中使用 vbscript 中的参数化查询将一些表单数据插入 SQL 数据库(我没有使用 asp 的经验)。我尝试了几种变体来声明我的参数,但一切都引发了错误。

ADODB.Command error '800a0bb9'

Arguments are of the wrong type, are out of acceptable range, or are in conflict with one another

我的数据库中的表不允许 ApplicationId 字段为空,并且是 int 类型。TimeStamp 列是日期时间。所有其他字段都是 varchar(MAX)

这是我的代码的最新变体,如果您能发现任何错误等,请告诉我

Set conn = Server.CreateObject("ADODB.Connection")
conn.Mode = 3
conn.open "Provider=SQLOLEDB;Data Source=xxx.xxx.xxx.xxx,xxxx;database=db_example;uid=user;pwd=password;"

Dim oCmd 
set oCmd = Server.CreateObject("ADODB.Command")

Dim sSQL 
sSQL = "INSERT INTO tbl_Application (ApplicationNumber, Expenses, Name, Why) VALUES (?, ?, ?, ?);"

oCmd.CommandText = sSQL
oCmd.ActiveConnection= conn

Dim param1
Set param1 = oCmd.CreateParameter("ApplicationNumber",adInteger,adParamInput)     
param1.value = session.sessionId
oCmd.Parameters.Append param1

尝试在 Append 之前和之后分配值

Dim param2
Set param2 = oCmd.CreateParameter("Expenses",adChar,adParamInput,255) 
param2.value = session("Expenses")
oCmd.Parameters.Append param2

Dim param3
Set param3 = oCmd.CreateParameter("Name",adChar,adParamInput,255) 
param3.value = session("Name")
oCmd.Parameters.Append param3


Dim param4
Set param4 = oCmd.CreateParameter("Why",adChar,adParamInput,255) 
param4.value = session("Why")
oCmd.Parameters.Append param4

Dim oRS
Set oRS = oCmd.Execute()

此外,该网站被黑了,这就是我使用参数化查询重写代码的原因。这是可以工作(但允许注入)的原始代码,以防我需要使用记录集或其他东西

Set conn = Server.CreateObject("ADODB.Connection")
conn.Mode = 3
conn.open "Provider=SQLOLEDB;Data Source=xxx.xxx.xxx.xxx,xxxx;database=db_example;uid=user;pwd=password;"

set rsAddEvent = server.createobject("adodb.recordset")
rsAddEvent.open "tbl_Application", conn, 2, 3
rsAddEvent.addnew

rsAddEvent("ApplicationNumber") = session.sessionId
rsAddEvent("TimeStamp") = now()
rsAddEvent("Applicant") = session("Applicant")
rsAddEvent("Email") = session("Email")
rsAddEvent("Pet") = session("Pet")
rsAddEvent("Address") = session("Address")
rsAddEvent("Postal") = session("Postal")
rsAddEvent("HomePhone")  = session("HomePhone")
rsAddEvent("WorkPhone") = session("WorkPhone")
rsAddEvent("Employed") = session("Employed")
rsAddEvent("Employer") = session("Employer")
rsAddEvent("Unemployment") = session("Unemployment")
rsAddEvent("FormerEmployer") = session("FormerEmployer")
rsAddEvent("Dependants") = session("Dependants")
rsAddEvent("Income") = session("Income")
rsAddEvent("OtherIncome") = session("OtherIncome")
rsAddEvent("Funds") = session("Funds")
rsAddEvent("Circumstance") = session("Circumstance")
rsAddEvent("Afford")  = session("Afford")
rsAddEvent("Spent") = session("Spent")
rsAddEvent("Expenses") = session("Expenses") 
rsAddEvent("Name") = session("Name")
rsAddEvent("Email") = session("Email")
rsAddEvent("Why") = session("Why")

rsAddEvent.update
rsAddEvent.movelast

非常感谢您阅读本文

4

1 回答 1

3

我认为您忘记了 include adovbs.inc,因此 ADO 常量如adChararent 被识别。

试着把它放在你的 ASP 页面的顶部:

<!--#include virtual="/adovbs.inc"-->

如果这不起作用,请参阅此处,其中解释了如何设置 inc 文件:

http://www.4guysfromrolla.com/webtech/faq/Beginner/faq7.shtml

于 2013-07-11T18:15:27.673 回答