开发者

Problems with submitting text to access database

开发者 https://www.devze.com 2023-03-03 13:36 出处:网络
I have been experiencing problems to add text from a text box into an access database. It is a long piece of text and when I keep it to 3 or 4 sentences it is inserted with no errors but as soon as it

I have been experiencing problems to add text from a text box into an access database. It is a long piece of text and when I keep it to 3 or 4 sentences it is inserted with no errors but as soon as it appears to be too long I get the following error...System.Data.OledbException syntax error (missing operator)in the query expression. I have a method in the web service which adds the information and it is with the length of the one textbox insersiont(in this case a review to a book) that causes the error.

Another odd feature to the web page is that the submit button fires only upon the second click...there is a post back on the first click and then only on the second click does the information actually insert into the databse. I do not think however that this is the reason for the initial error of not being able to insert a paragraph into the access database(the field of which I have set to memo).

Any possibility to shed some light as to why the error is occuring. here is my actuall web method.

[WebMethod]
public void bookRatedAdd(string title, int rating, string review, string ISBN, string userName)
{
   OleDbConnection conn;

    conn = new OleDbConnection(@"Provider=Microso开发者_开发问答ft.Jet.OleDb.4.0;
                                               Data Source=" + Server.MapPath("App_Data\\BookRateInitial.mdb"));

    conn.Open();

    OleDbCommand cmd = conn.CreateCommand();

    cmd.CommandText = @"INSERT INTO bookRated([title], [rating],  [review], [frnISBN], [frnUserName])VALUES('" + title + "', '" + rating + "','" + review + "','" + ISBN + "', '" + userName + "')";
    cmd.ExecuteNonQuery();
    conn.Close();
}

It is with review where I get the error, the field of which I set to memo(in the access database.


Perhaps the review you're inserting into the database has single quotes in it? I ask because I don't see that they're getting escaped (turned into two single-quotes) in the code building the query, i.e.:

cmd.CommandText = @"INSERT INTO bookRated([title], [rating],  [review], [frnISBN], [frnUserName])VALUES('" + title.Replace("'", "''") + "', '" + rating.Replace("'", "''") + "','" + review.Replace("'", "''") + "','" + ISBN + "', '" + userName + "')";
0

精彩评论

暂无评论...
验证码 换一张
取 消