VB.NET SQL Server Insert - ExecuteNonQuery: Connection property has not been initialized

In the form load event, I connect to the SQL Server database:
Private Sub AddBook_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
    myConnection = New SqlConnection("server=.\SQLEXPRESS;uid=sa;pwd=123;database=CIEDC")
    myConnection.Open()

End Sub
In the Insert event, I use the following code:
Private Sub cmdAdd_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdAdd.Click
    Try
        myConnection.Open()
        myCommand = New SqlCommand("INSERT INTO tblBook(BookCode, BookTitle, Author, PublishingYear, Price, EnterDate, CatID, RackID, Amount) VALUES('" & txtBookCode.Text & "','" & txtTitle.Text & "','" & txtAuthor.Text & "','" & txtPublishYear.Text & "','" & txtPrice.Text & "', #" & txtEnterDate.Text & "#, " & txtCategory.Text & "," & txtRack.Text & "," & txtAmount.Text & ")")
        myCommand.ExecuteNonQuery()
        MsgBox("The book named '" & txtTitle.Text & "' has been inseted successfully")
        ClearBox()
    Catch ex As Exception
        MsgBox(ex.Message())
    End Try
    myConnection.Close()
End Sub
And it produces the following error:
ExecuteNonQuery: Connection property has not been initialized
    
Connection assignment - You aren't setting the Connection property of the SqlCommand. You can do this without adding a line of code. This is the cause of your error.
myCommand = New SqlCommand("INSERT INTO tblBook(BookCode, BookTitle, Author, PublishingYear, Price, EnterDate, CatID, RackID, Amount) VALUES('" & txtBookCode.Text & "','" & txtTitle.Text & "','" & txtAuthor.Text & "','" & txtPublishYear.Text & "','" & txtPrice.Text & "', #" & txtEnterDate.Text & "#, " & txtCategory.Text & "," & txtRack.Text & "," & txtAmount.Text & ")", MyConnection)
Connection handling - You also need to remove "MyConnection.Open" from your Load handler. Just open it and close it in your Click handler, as you are currently doing. This is not causing the error.
Parameterized SQL - You need to use SQL parameters, even though you are not using a stored procedure. This is not the cause of your error. As Conrad reminded me, your original code dumps values straight from the user into a SQL statement. Malicious users will steal your data unless you use SQL parameters.
Dim CMD As New SqlCommand("Select * from MyTable where BookID = @BookID")
CMD.Parameters.Add("@BookID", SqlDbType.Int).Value = CInt(TXT_BookdID.Text)

You need to set the Connection property on the command:
myCommand.Connection = myConnection
    
Pretty much what the error message implies - the Connection property of the SqlCommand object hasn't been assigned to the connection you opened (in this case you called it "myConnection"). Also, a word of advice here. Do some reading on SQL parameters - doing SQL concatenation from user input without any sanity checks is the way SQL injection attacks happen. This is one way to do it:
Private Sub cmdAdd_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdAdd.Click
    Try
        myConnection.Open()
        myCommand = New SqlCommand( _
        "INSERT INTO tblBook(BookCode, BookTitle, Author, PublishingYear, Price, " & _
        "                    EnterDate, CatID, RackID, Amount) " & _
        "VALUES(@bookCode, @bookTitle, @author, @publishingYear, @price, @enterDate, " & _
        "       @catId, @rackId, @amount)")
        myCommand.Connection = myConnection
        With myCommand.Parameters
            .AddWithValue("bookCode", txtBookCode.Text)
            .AddWithValue("bookTitle", txtTitle.Text)
            .AddWithValue("author", txtAuthor.Text)
            .AddWithValue("publishingYear", txtPublishYear.Text)
            .AddWithValue("price", txtPrice.Text)
            .AddWithValue("enterDate", txtEnterDate.Text)
            .AddWithValue("catId", txtCategory.Text)
            .AddWithValue("rackId", txtRack.Text)
            .AddWithValue("amount", txtAmount.Text)
        End With
        myCommand.ExecuteNonQuery()
        MsgBox("The book named '" & txtTitle.Text & "' has been inseted successfully")
        ClearBox()
    Catch ex As Exception
        MsgBox(ex.Message())
    End Try
    myConnection.Close()
End Sub
    
Imports System.Data.SqlClient

Module Module1
    Public con As System.Data.SqlClient.SqlConnection
    Public com As System.Data.SqlClient.SqlCommand
    Public ds As System.Data.SqlClient.SqlDataReader
    Dim sqlstr As String

    Public Sub main()
        con = New SqlConnection("Data Source=.....;Initial Catalog=.....;Integrated Security=True;")
        con.Open()
        frmopen.Show()
        ' The command must be created with the open connection before it is executed
        sqlstr = "select * from name1"
        com = New SqlCommand(sqlstr, con)
        Try
            com.ExecuteNonQuery()

            'MsgBox("success", MsgBoxStyle.Information)
        Catch ex As Exception
            MsgBox(ex.Message())
        End Try
        'con.Close()

        'MsgBox("ok", MsgBoxStyle.Information, )

    End Sub
End Module

Please try wrapping your use of the connection (including just opening it) inside a Using block. Assuming the use of web.config for connection strings:
Dim connection As New SqlConnection(ConfigurationManager.ConnectionStrings("web.config_connectionstring").ConnectionString)
Dim query As String = "select * from Table1"
Dim command As New SqlCommand(query, connection)

Using connection
    connection.Open()
    command.ExecuteNonQuery()
End Using
And please parameterize anything the user types.
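
The points raised in the answers above (assign the connection to the command, scope the connection with Using, and parameterize user input) combined in one routine, as an added example that is not part of the original thread. The name InsertBook, the column types and the NVarChar sizes are assumptions, since the thread does not show the tblBook schema.

```vbnet
Imports System.Data
Imports System.Data.SqlClient

Module AddBookExample
    ' Hypothetical helper (not from the thread). Column types and sizes are assumed.
    Function InsertBook(connStr As String, bookCode As String, title As String,
                        author As String, yearText As String, priceText As String,
                        dateText As String, catText As String, rackText As String,
                        amountText As String) As Integer
        Dim pubYear, catId, rackId, amount As Integer
        Dim price As Decimal
        Dim enterDate As Date
        ' Convert the text box values to their real types first; bad input is
        ' rejected here instead of being handed to SQL Server as text.
        If Not (Integer.TryParse(yearText, pubYear) AndAlso
                Integer.TryParse(catText, catId) AndAlso
                Integer.TryParse(rackText, rackId) AndAlso
                Integer.TryParse(amountText, amount) AndAlso
                Decimal.TryParse(priceText, price) AndAlso
                Date.TryParse(dateText, enterDate)) Then
            Throw New ArgumentException("A numeric or date field is not valid.")
        End If

        Const sql As String =
            "INSERT INTO tblBook(BookCode, BookTitle, Author, PublishingYear, Price, " &
            "EnterDate, CatID, RackID, Amount) " &
            "VALUES(@bookCode, @bookTitle, @author, @publishingYear, @price, " &
            "@enterDate, @catId, @rackId, @amount)"

        ' Using disposes (and closes) both objects even when an exception is thrown.
        Using connection As New SqlConnection(connStr)
            ' Passing the connection to the constructor sets the Connection property.
            Using command As New SqlCommand(sql, connection)
                With command.Parameters
                    .Add("@bookCode", SqlDbType.NVarChar, 50).Value = bookCode
                    .Add("@bookTitle", SqlDbType.NVarChar, 200).Value = title
                    .Add("@author", SqlDbType.NVarChar, 100).Value = author
                    .Add("@publishingYear", SqlDbType.Int).Value = pubYear
                    .Add("@price", SqlDbType.Decimal).Value = price
                    .Add("@enterDate", SqlDbType.DateTime).Value = enterDate
                    .Add("@catId", SqlDbType.Int).Value = catId
                    .Add("@rackId", SqlDbType.Int).Value = rackId
                    .Add("@amount", SqlDbType.Int).Value = amount
                End With
                connection.Open()
                Return command.ExecuteNonQuery() ' rows affected
            End Using
        End Using
    End Function
End Module
```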
