LSql := 'update t_Vendor set Zipcode=:ZipCode where id=:id';
FASPVendorDM.cdsVendor.CommandText := LSql;
FASPVendorDM.cdsVendor.Params.ParamByName('Zipcode').AsString := AZipCode;
FASPVendorDM.cdsVendor.Params.ParamByName('id').AsString := AId;
FASPVendorDM.cdsVendor.Excuete;
ZipCode字段的类型是NvarChar,AZipCode的类型是string
当运行时提示“Disallowed implicit conversion from data type text to data type nvarchar, table 'GoodsManagementSystem_Data.dbo.t_Vendor', column 'zipcode'. Use the CONVERT function to run this query”
改成下面的就可以:
LSql := 'update t_Vendor set Zipcode='+QuotedStr(AZipCode)+' where id=:id';
FASPVendorDM.cdsVendor.CommandText := LSql;
//FASPVendorDM.cdsVendor.Params.ParamByName('Zipcode').AsString := AZipCode;
FASPVendorDM.cdsVendor.Params.ParamByName('id').AsString := AId;
FASPVendorDM.cdsVendor.Excuete;
但是这种方法是利用字符拼凑出来的,很不安全。
请问为什么第一种方法错误?
FASPVendorDM.cdsVendor.CommandText := LSql;
FASPVendorDM.cdsVendor.Params.ParamByName('Zipcode').AsString := AZipCode;
FASPVendorDM.cdsVendor.Params.ParamByName('id').AsString := AId;
FASPVendorDM.cdsVendor.Excuete;
ZipCode字段的类型是NvarChar,AZipCode的类型是string
当运行时提示“Disallowed implicit conversion from data type text to data type nvarchar, table 'GoodsManagementSystem_Data.dbo.t_Vendor', column 'zipcode'. Use the CONVERT function to run this query”
改成下面的就可以:
LSql := 'update t_Vendor set Zipcode='+QuotedStr(AZipCode)+' where id=:id';
FASPVendorDM.cdsVendor.CommandText := LSql;
//FASPVendorDM.cdsVendor.Params.ParamByName('Zipcode').AsString := AZipCode;
FASPVendorDM.cdsVendor.Params.ParamByName('id').AsString := AId;
FASPVendorDM.cdsVendor.Excuete;
但是这种方法是利用字符拼凑出来的,很不安全。
请问为什么第一种方法错误?
Update Table Set Field1='+Value+';