0

我得到了什么:

两个 mdb 数据库和一个用于将信息(行)从 db1 插入到 db2 的应用程序。

当我运行我的代码时出现异常:

System resource exceeded.


编码:


连接字符串:

Dim db2Connection As New OleDb.OleDbConnection("Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\db2.mdb;Persist Security Info=False;")

Dim db1Connection As New OleDb.OleDbConnection("Provider=Microsoft.ACE.OLEDB.12.0;Data Source=c:\db1.mdb;Persist Security Info=False;")


复制信息的代码:

Dim DataAddapter As New OleDb.OleDbDataAdapter
Dim ds As New DataSet

'Open DB1 Connection:

db1Connection.open()

'Select All From M

DataAddapter.SelectCommand = New OleDb.OleDbCommand("SELECT * FROM M", db1Connection)
Dim cmd As OleDb.OleDbCommand = DataAddapter.SelectCommand
Dim Reader As OleDb.OleDbDataReader = cmd.ExecuteReader()

'Before Reading Results From DB1 Lets Open DB2Connection:
db2Connection.open()

'Start Reading Results in LOOP:
        Do Until Reader.Read() = False
            Dim F_Name As String = Reader("F_NAME")
            Dim L_Name As String = Reader("L_NAME")
            Dim CITY As String = Reader("NAME_CITY")
            F_Name = Replace(F_Name, "'", "")
            L_Name = Replace(L_Name, "'", "")

'Start Moving The Results To Db2(Insert):
'--------------------------------------


                Dim Exist As Integer = 0
                Dim c As New OleDb.OleDbCommand
                c.Connection = db2Connection
                c.CommandText = "SELECT COUNT(*) FROM `Names` WHERE `LastName`='" & L_Name & "' AND `FirstName`='" & F_Name & "' AND `City`='" & CITY & "'"
'----------------------------------------
'Exception Here!! :(
'This Line Checking If Already Exist
                Exist = CLng(c.ExecuteScalar())
'----------------------------------------

                If Exist = 0 Then
                    c.CommandText = "INSERT INTO `Names` (`LastName`,`FirstName`,`City`) VALUES ('" & L_Name & "','" & F_Name & "','" & CITY & "')"
                    c.ExecuteNonQuery()
                    'Note: After this line i'am getting the Exception there... (2 queries executed ExecuteScalar + ExecuteNonQuery) maybe i need to create connection for every query? :S

                End If
       Loop



另一件事:我必须以这种语法将查询发送到db2(否则它不起作用):

INSERT INTO `Names` (`LastName`,`FirstName`,`City`) VALUES ('" & L_Name & "','" & F_Name & "','" & CITY & "')
i have to use the ->  `  <- to the name of the columns,
but when i'am sending a query to db1 without  ->  `  <-  it's working. :S and i dont know what is the difference between db1 to db2 but its very strange maybe my problem is there...


好的答案是一个很好的例子加上很好的解释:)。(c#或vb.net)

4

1 回答 1

0

你是 sql-injection 的首选......你应该阅读它,并且至少,PARAMETERIZE 你的 sql 命令,不要构建字符串语句来执行嵌入值。我不具体知道 db2 如何处理参数......有些使用“?” 作为占位符,SQL-Server 使用“@”而 Advantage Database 使用“:”.. 但无论哪种情况,这里都是它的原理......

c.CommandText = "select blah from `names` where LastName = ? and FirstName = ? and City = ?"

c.CommandText = "select blah from `names` where LastName = @parmLastName and FirstName = @parmFirstName and City = @parmCity"

对于上面的命名参数(例如@parmLastName),我在前缀“parm”的唯一目的是区分值与实际的 COLUMN 名称

然后,您的参数将类似于

c.Parameters.Add( "@parmLastName", yourLastNameVariable )
c.Parameters.Add( "@parmFirstName", yourFirstNameVariable)
c.Parameters.Add( "@parmCity", yourCityVariable)

如果使用“?” 没有明确命名的参数版本,您只需要确保您的参数上下文与“?”的顺序相同 占位符。

然后执行您的呼叫...相同的原则将适用于您的所有查询(选择、插入、更新、删除)

至于您的系统资源...您要删除多少条记录。试图拉下整个数据库表可能只是阻塞了您的系统内存资源。您可能希望一次根据一个字母分解...

此外,来自 MS 的关于系统资源和通过补丁访问的链接。

于 2013-10-30T16:45:23.400 回答