• 数据库查询中的特殊字符的问题!
  • 在进行数据库的查询时,出现报错,无法读取数据库,经过我们的检查发现其修改了数据库密码,其中使用了微软数据库不准许的特殊字符:
      例如一个用户数据库中查询他的用户名和他的密码,但恰好该用户使用的名字和密码中有特殊的字符,例如单引号,“|”号,双引号或者连字符“&”。
      例如他的名字是1"test,密码是A|&900
      这时当执行以下的查询语句时,肯定会报错:
    SQL = "SELECT * FROM SecurityLevel WHERE UID="" & UserID & """
    SQL = SQL & " AND PWD="" & Password & """
      因为SQL将会是这样:
    SELECT * FROM SecurityLevel WHERE UID="1"test" AND PWD="A|&900"
      在SQL中,"|"为分割字段用的,显然会出错了。现在提供下面的几个函数专门用来处理这些头疼的东西:
    Function ReplaceStr (TextIn, ByVal SearchStr As String, _
    ByVal Replacement As String, _
    ByVal CompMode As Integer)

     Dim WorkText As String, Pointer As Integer
     If IsNull(TextIn) Then
      ReplaceStr = Null
     Else
      WorkText = TextIn
      Pointer = InStr(1, WorkText, SearchStr, CompMode)
      Do While Pointer > 0
       WorkText = Left(WorkText, Pointer - 1) & Replacement & _
       Mid(WorkText, Pointer + Len(SearchStr))
       Pointer = InStr(Pointer + Len(Replacement), WorkText, SearchStr, CompMode)
      Loop
      ReplaceStr = WorkText
     End If
    End Function


    Function SQLFixup(TextIn)
     SQLFixup = ReplaceStr(TextIn, """, """", 0)
    End Function
    Function JetSQLFixup(TextIn)
     Dim Temp
     Temp = ReplaceStr(TextIn, """, """", 0)
     JetSQLFixup = ReplaceStr(Temp, "|", "" & chr(124) & "", 0)
    End Function


    Function FindFirstFixup(TextIn)
     Dim Temp
     Temp = ReplaceStr(TextIn, """, "" & chr(39) & "", 0)
     FindFirstFixup = ReplaceStr(Temp, "|", "" & chr(124) & "", 0)
    End Function
      有了上面几个函数后,当在执行一个sql前,请先使用
    SQL = "SELECT * FROM SecurityLevel WHERE UID="" & SQLFixup(UserID) & """
    SQL = SQL & " AND PWD="" & SQLFixup(Password) & """



    上一篇怎样将数据库上传或导入

    下一篇如何把ACCESS的数据导入到Mysql中

    2016 迅捷格言:事在人为 莫道万般皆无奈;境由心造 后退一步万事宽! 有事您说话,小捷很乐意帮助您!