string cmdtxt = "insert into spgl(spmc,spbh,rkh,rksj,jhj,sl,czy)values('" + ((TextBox)Table1.Rows[i].FindControl("te" + i)).Text + "','" + ((TextBox)Table1.Rows[i].FindControl("txb" + i)).Text + "','" + ((TextBox)Table1.Rows[i].FindControl("txbo" + i)).Text + "','DateTime .Now .ToString ','" + ((TextBox)Table1.Rows[i].FindControl("txbox" + i)).Text + "','" + ((TextBox)Table1.Rows[i].FindControl("tex" + i)).Text + "','" + TextBox5.Text +"')";
string cmdtxt = "insert into spgl(spmc,spbh,rkh,rksj,jhj,sl,czy) values(@spmc,@spbh,@rkh,@rksj,@jhj,@sl,@czy)";
cmd.commandtext=cmdtxt;
cmd.parameters.addwithvalue("@spmc",(TextBox)Table1.Rows[i].FindControl("te" + i)).Text);
cmd.parameters............
你这写太容易出错了,而且不防SQL注入。
1.如果里面有的字段是 数值 型的,要去掉单引号
2.'DateTime .Now .ToString ',楼主的这个是想存入当前时间吧,应该'" + DateTime .Now .ToString + "',
3.像1楼的写法那样.