I have been experiencing problems to add text from a text box into an access database. It is a long piece of text and when I keep it to 3 or 4 sentences it is inserted with no errors but as soon as it appears to be too long I get the following error...System.Data.OledbException syntax error (missing operator)in the query expression. I have a method in the web service which adds the information and it is with the length of the one textbox insersiont(in this case a review to a book) that causes the error.
Another odd feature to the web page is that the submit button fires only upon the second click...there is a post back on the first click and then only on the second click does the information actually insert into the databse. I do not think however that this is the reason for the initial error of not being able to insert a paragraph into the access database(the field of which I have set to memo).
Any possibility to shed some light as to why the error is occuring. here is my actuall web method.
[WebMethod]
public void bookRatedAdd(string title, int rating, string review, string ISBN, string userName)
{
OleDbConnection conn;
conn = new OleDbConnection(@"Provider=Microso开发者_开发问答ft.Jet.OleDb.4.0;
Data Source=" + Server.MapPath("App_Data\\BookRateInitial.mdb"));
conn.Open();
OleDbCommand cmd = conn.CreateCommand();
cmd.CommandText = @"INSERT INTO bookRated([title], [rating], [review], [frnISBN], [frnUserName])VALUES('" + title + "', '" + rating + "','" + review + "','" + ISBN + "', '" + userName + "')";
cmd.ExecuteNonQuery();
conn.Close();
}
It is with review where I get the error, the field of which I set to memo(in the access database.
Perhaps the review you're inserting into the database has single quotes in it? I ask because I don't see that they're getting escaped (turned into two single-quotes) in the code building the query, i.e.:
cmd.CommandText = @"INSERT INTO bookRated([title], [rating], [review], [frnISBN], [frnUserName])VALUES('" + title.Replace("'", "''") + "', '" + rating.Replace("'", "''") + "','" + review.Replace("'", "''") + "','" + ISBN + "', '" + userName + "')";
精彩评论