如何向数据库插入带有单引号(')的字符串?

上一篇 / 下一篇  2012-10-29 11:35:20 / 个人分类:数据库

查看( 1180 ) / 评论( 0 ) / 评分( 0 / 0 )

XQv6Z$o4D0  用SQL语句往数据库某字段(字符型)中插入字符串,但是当该字符串中带有单引号(')时就会出错!因为插入的字符串被从单引号处截断,造成SQL语句的语法错误!

Qaa'x,]0

4ql#D_1qu\U|?0  我们在编程当中,经常会遇到在操作数据库时,向表里插入带有单引号的字符串。如果不作处理程序会报错,下面看看我们是怎么的处理它的。51Testing软件测试网&U"{J aH2TXJ

0Q0A#t.tsx(iA%\0  用SQL语句往数据库某字段(字符型)中插入字符串,但是当该字符串中带有单引号(')时就会出错!因为插入的字符串被从单引号处截断,造成SQL语句的语法错误!

]o&|2wo-[:|?051Testing软件测试网-\i)]^-a0|'m8a

  解决方法:遍历字符串,把一个(')换成两个(' ')就可以了,在C#里,其实用str.Replace("'", "''");就OK了,这是因为SQL是用两个单引号来代替一个单引号的,下面举个例子:

?l6F'B0Vc0
private void btAdd_Click(object sender, EventArgs e)
`1H"nV(I;r:SLp{ q0        {
7p9Nx-n7eZ:c0            string chinese = this.txtChinese.Text.Trim();
? B4G;S:y,[ _/Nk0            string english = this.txtEnglish.Text.Trim();
q&iz jzx0            if (chinese == "")51Testing软件测试网T5Q7^Q;Ny
            {
s,l/X7Zh+P@`+Bz:g+F0                MessageBox.Show("请输入中文!");51Testing软件测试网Km!FPK9t2tS Fr
            }51Testing软件测试网H!Q6DlHc*I
            else if (english == "")51Testing软件测试网"D2}aE9P*V
            {
o9E:j&G$Vx5O0                MessageBox.Show("请输入英文!");
{2sW$O|2fs4Sqc0            }
W j.z-FOA*g0            else51Testing软件测试网v3{[O%C+Y?/],i Z
            {
#z4w4[+Y4Q*PD0                oleConnection1.Open();51Testing软件测试网$kh,Gq/{Mj ?h
                string sql = "Select * From info Where chinese='" + CheckString(chinese) + "' And english='" + CheckString(english) + "'";
u3W4zV{(JoS3?5Y0                this.oleCommand1.CommandText = sql;51Testing软件测试网7hqg*T+@r
                if (null == oleCommand1.ExecuteScalar())51Testing软件测试网2N,zv8t)gk{
                {
#U { bv(L!XD T*X8o(X]0                    string sql1 = "Insert Into info(chinese,english) Values('" + CheckString(chinese) + "','" + CheckString(english) + "')";
f'n]{g-P0                    oleCommand1.CommandText = sql1;
8} HR3tM*M^ {0                    oleCommand1.ExecuteNonQuery();51Testing软件测试网rU RRcI
                    MessageBox.Show("信息添加成功!", "提示");51Testing软件测试网,[/RL5C0R~W O3X
                    this.txtChinese.Text = "";51Testing软件测试网 K;U a&Uo}^TlW
                    this.txtEnglish.Text = "";51Testing软件测试网3{5x7rTV&D yE"j*P_
                }
0{CsrF*keM&u;U0                else
GT~2k;?i Z7kBw.@0                {51Testing软件测试网&vTQ$l }I ~ a#s+]
                    MessageBox.Show("信息添加失败,中文和英文已经存在了!", "警告");51Testing软件测试网D,{5o1uv g
                    this.txtChinese.Text = "";51Testing软件测试网U)J|9dM$MF
                    this.txtEnglish.Text = "";51Testing软件测试网A;x'Tni
                }
(E,o b-WqI0@?b0                oleConnection1.Close();
I&HX1UXgV0            }
'zgg+m7r{P0        }
private string CheckString(string str)51Testing软件测试网#F Vx[r
        {
+Y8QL#z0W |I0            string returnStr = "";51Testing软件测试网mNc0mqA|A
            if (str.IndexOf("'") != -1) //判断字符串是否含有单引号51Testing软件测试网Tb?6M6{'~,TD8t/Y
            {
2n QON kS0                returnStr = str.Replace("'", "''");
ly!m [ U t0                str = returnStr;
A](A k"L0            }
p;`V^K7V:I0            return str;51Testing软件测试网J~v9DQZ+M
        }

'Bc(`/?D b"o0  这里为什么要用另一个变量(returnStr)来接收替换后的值呢?不然替换会失效,调用Replace()方法不能改变str本身,string对象虽然是引用类型,但它具有很多值类型特征,比较特殊。51Testing软件测试网S+N0\3uJ


收藏 举报

TAG:

 

评分:0

我来说两句

Open Toolbar