不允许从数据类型 varchar 到 varbinary 的隐式转换

2021-09-10 00:00:00 sql tsql sql-server visual-studio-2012

在我运行程序后，我添加了数据，然后我收到了这条消息:

After I run the program, I add the data, and then i get this message:

不允许从数据类型 varchar 隐式转换为 varbinary

implicit conversion from data type varchar to varbinary is not allowed

我和我在 YouTube 上观看了这个视频和youtuber完全一样.这对他有效，但对我无效.

I watched this video on YouTube and I did exactly the same as youtuber. It works for him but not me.

我正在尝试将 Visual Studio 中的数据添加到 SQL 数据库中:

I am trying to add data from Visual studio into an SQL database:

代码如下:

Imports System.Data.SqlClient SELECT CONVERT(varchar(100), CONVERT(varbinary(max),'0xFFD8FFE000')) Public Class Form1 Dim Conn As SqlConnection Dim CMD As SqlCommand Private Sub Button1_Click(sender As Object, e As EventArgs) Handles Button1.Click Conn = New SqlConnection Conn.ConnectionString = "Data Source=BYG-A101-MOELKA;Initial Catalog=App;Integrated Security=True" Dim READER As SqlDataReader Try Conn.Open() Dim Query As String Query = "insert into person (ID,firstname,lastname,age) values ('" & TextBox1.Text & "', '" & TextBox2.Text & "', '" & TextBox3.Text & "', '" & TextBox4.Text & "')" CMD = New SqlCommand(Query, Conn) READER = CMD.ExecuteReader MessageBox.Show("Datasaved") Conn.Close() Catch ex As Exception MessageBox.Show(ex.Message) Finally Conn.Dispose() End Try End Sub

推荐答案

一些问题

ExecuteReader 不应用于插入
使用 ExecuteNonQuery

ExecuteReader should not be used for an insert
use ExecuteNonQuery

这会受到注入攻击.使用参数.参数必须与表列的数据类型匹配.

That is subject to injection attack. Use parameters. The parameters must match the data type of the table columns.

相关文章