문제
I am using VB.net to write some values to my dB.
However I am having issues with syntax of the below code.
What I need to do is to run the SQL INSERT statement, providing that the value being passed for ChargeCode is not blank.
https://stackoverflow.com/questions/23582378
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianINSERT INTO Daisy_March2014 (ChargeCode,Peak,OffPeak,Weekend,Setup,MinimumCharge)
VALUES ('" + ComboBox1.Text + "','" + ComboBox2.Text + "','" + ComboBox3.Text + "','" + ComboBox4.Text + "','" + ComboBox5.Text + "','" + ComboBox6.Text + "')
SELECT WHERE 'ChargeCode' IS NOT NULL;
Can this be done using SQL?
Any help greatly appreciated.
Thanks,
해결책
Check the value then procede with sql.
If Not String.IsNullOrEmpty(Combobox1.Text) Then
Dim sql As String = "INSERT INTO Daisy_March2014 " &
"(ChargeCode,Peak,OffPeak,Weekend,Setup,MinimumCharge)" &
"VALUES ('" & ComboBox1.Text & "','" & ComboBox2.Text & "','" & ComboBox3.Text &
"','" & ComboBox4.Text & "','" & ComboBox5.Text & "','" & ComboBox6.Text & "')"
End If
You should also look into Parameterized queries for protection against sql injection.
