一旦我点击添加按钮,它就会提示您的 SQL 语法有错误;检查与您的 MySQL 服务器版本相对应的手册,了解在第 1 行的 Id、BookTitle、Author、YearPublished)值 ('1'、'1232'、'king'、'Ryan'、'2024)' 附近使用的正确语法
Imports MySql.Data.MySqlClient
Imports Microsoft.VisualBasic.ApplicationServices
Imports Microsoft.Win32
Public Class AdminInterface
Dim sqlConn As New MySqlConnection
Dim sqlCmd As New MySqlCommand
Dim sqlRd As MySqlDataReader
Dim sqlDt As New DataTable
Dim DTA As New MySqlDataAdapter
Dim sqlQuery As String
Dim server As String = "localhost"
Dim username As String = "root"
Dim password As String = "202015"
Dim database As String = "myconnector"
Private bitmap As Bitmap
Private Sub updateTableBelow()
sqlConn.ConnectionString = "server=" + server + ";" + "user id=" + username + ";" + "password=" + password + ";" + "database=" + database
sqlConn.Open()
sqlCmd.Connection = sqlConn
sqlCmd.CommandText = "SELECT * FROM librarybook.librarybook;"
sqlRd = sqlCmd.ExecuteReader
sqlDt.Load(sqlRd)
sqlRd.Close()
sqlConn.Close()
Display1Book.DataSource = sqlDt
End Sub
Private Sub AddBtn_Click(sender As Object, e As EventArgs) Handles AddBtn.Click
sqlConn.ConnectionString = "server=" + server + ";" + "user id=" + username + ";" + "password=" + password + ";" + "database=" + database
Try
sqlConn.Open()
sqlQuery = "Insert into librarybook.librarybook(no, Book Id, BookTitle, Author, YearPublished)
value('" & SearchTxT.Text & "','" & BookIdTxT.Text & "','" & BookTitleTxt.Text & "','" & AuthorTxt.Text & "','" & YearPublishedTxT.Text & "')"
sqlCmd = New MySqlCommand(sqlQuery, sqlConn)
sqlRd = sqlCmd.ExecuteReader
sqlConn.Close()
Catch ex As Exception
MessageBox.Show(ex.Message, " My Sql connector", MessageBoxButtons.OK, MessageBoxIcon.Information)
Finally
sqlConn.Dispose()
End Try
updateTableBelow()
End Sub
End Class
我尝试使用 try 和 catch 函数,但它不起作用。
合并评论中的信息,并添加一些其他评论,您可以使用如下内容:
Imports MySql.Data.MySqlClient
Public Class Form1
'TODO: Store these values in a config file.
Dim server As String = "localhost"
Dim database As String = "myconnector"
'TODO: Add a user to MySql to avoid using the "root" account.
Dim username As String = "root"
'TODO: Investigate how to store the password securely.
Dim password As String = "202015"
Public Function ConnStr() As String
Return New MySqlConnectionStringBuilder() With {
.Server = server,
.Database = database,
.UserID = username,
.Password = password}.ToString()
End Function
Private Sub AddBook()
'TODO: Make the column name formats consistent.
Dim sqlQuery = "INSERT INTO librarybook.librarybook(`no`, `Book Id`, `BookTitle`, `Author`, `YearPublished`)
VALUES(@no, @id, @title, @author, @pubyear)"
Using conn = New MySqlConnection(ConnStr())
Dim cmd = New MySqlCommand(sqlQuery, conn)
cmd.Parameters.Add(New MySqlParameter With {.ParameterName = "@no", .MySqlDbType = MySqlDbType.String, .Value = SearchTxT.Text})
cmd.Parameters.Add(New MySqlParameter With {.ParameterName = "@id", .MySqlDbType = MySqlDbType.String, .Value = BookIdTxT.Text})
cmd.Parameters.Add(New MySqlParameter With {.ParameterName = "@title", .MySqlDbType = MySqlDbType.String, .Value = BookTitleTxt.Text})
cmd.Parameters.Add(New MySqlParameter With {.ParameterName = "@author", .MySqlDbType = MySqlDbType.String, .Value = AuthorTxt.Text})
'TODO: Use the appropriate MySql type for the published year.
cmd.Parameters.Add(New MySqlParameter With {.ParameterName = "@pubyear", .MySqlDbType = MySqlDbType.Year, .Value = YearPublishedTxT.Text})
conn.Open()
cmd.ExecuteNonQuery()
End Using
End Sub
Private Sub AddBtn_Click(sender As Object, e As EventArgs) Handles AddBtn.Click
AddBook()
UpdateTableBelow()
End Sub
End Class
MySqlConnectionStringBuilder
将处理用户名中的空格或密码中的奇怪字符等所需的任何引用/转义。
如果将连接参数存储在配置文件中,则可以编写一些代码,以便用户可以轻松更改它们,而无需重新编译程序。
如果将程序分成更小的部分,则可以更轻松地调试和维护程序,因此添加了
AddBook
子项。最好将“no”、“id”、“title”等作为参数传递给AddBook
,而不是从控件中获取它们。
应添加某种输入验证 - 例如,您可能想确保发布年份是一个合理的值。