后台提交的时候老是出现Microsoft JET Database Engine '80040e14' INSERT INTO 语句的语法错误。 \admin\product\newsadd_rs.asp, line 74 错误的语法是:conn.execute(sql)
下面是代码
<%Server.ScriptTimeOut=5000%>
<!--#include file="../../include/const.asp"-->
<!--#include FILE="../../include/upload_5xsoft.inc"-->
<%
check_login()dim Upload
set Upload=new upload_5xSoftdim title,pid,cid,author,newsdate,content,
'bianhao=formatstr(upload.form("bianhao"))
title=formatstr(upload.form("title"))
call check_blank(title,"请输入产品的标题!")ordnum=formatstr(upload.form("ordnum"))
pid=formatstr(upload.form("pid"))
call check_blank(pid,"请选择产品类别!")
cid=formatstr(upload.form("cid"))
sfnew=formatstr(upload.form("sfnew"))if sfnew="" then
sfnew=0
end if
intro=formathtml(upload.form("intro"))
sSavePathFileName = GetSafeStr(upload.Form("d_savepathfilename"))
content=formatstrhtml(Upload.Form("content"))
'call check_blank(content,"请输入信息的内容!")'newsdate=formatstr(upload.form("newsdate"))
'call check_blank(newsdate,"请输入显示时间!")
'call check_date(newsdate,"显示时间的输入有误!")dim str,file,filename,name1,length,savename,extname
dim picname,picname1,picname2
dim i
i=1
for each formName in upload.objFile
str=replace(now()," ","")
str=replace(str,"-","")
str=replace(str,"/","")
str=replace(str,":","")
set file=upload.file(formName)
filename=file.FileName
name1=filename
if name1<>"" then
length=InStrRev(name1,".",-1,1)
extname=right(name1,3)
savename=str & right(name1,4)
'if extname<>"jpg" and extname<>"JPG" and extname<>"bmp" and extname<>"BMP" and extname<>"gif" and extname<>"GIF" then
'call pop_msgback("您上传文件的格式错误!")
'end if
'if file.filesize>152400 then
' call pop_msgback("您上传的文件太大!请不要超过150k")
'end if
'if file.fileSize>0 and file.FileSize<152400 then
file.SaveAs Server.mappath("../../uploadpic/" & savename) '图片存储的新路径(服务器上的路径)
'end if
set file=nothing
picname=savename
end if
next
sql="insert into news (title,pid,picture0,content,D_SavePathFileName,sfnew,ordnum) values ('" & title & "',"& pid &",'" & picname & "','" & content & "','"& sSavePathFileName &"',"& sfnew &","& ordnum &")"'response.write(sql)
'response.end
conn.execute(sql)
conn.closecall pop_msgurl("产品添加成功!","news.asp")
%>
下面是代码
<%Server.ScriptTimeOut=5000%>
<!--#include file="../../include/const.asp"-->
<!--#include FILE="../../include/upload_5xsoft.inc"-->
<%
check_login()dim Upload
set Upload=new upload_5xSoftdim title,pid,cid,author,newsdate,content,
'bianhao=formatstr(upload.form("bianhao"))
title=formatstr(upload.form("title"))
call check_blank(title,"请输入产品的标题!")ordnum=formatstr(upload.form("ordnum"))
pid=formatstr(upload.form("pid"))
call check_blank(pid,"请选择产品类别!")
cid=formatstr(upload.form("cid"))
sfnew=formatstr(upload.form("sfnew"))if sfnew="" then
sfnew=0
end if
intro=formathtml(upload.form("intro"))
sSavePathFileName = GetSafeStr(upload.Form("d_savepathfilename"))
content=formatstrhtml(Upload.Form("content"))
'call check_blank(content,"请输入信息的内容!")'newsdate=formatstr(upload.form("newsdate"))
'call check_blank(newsdate,"请输入显示时间!")
'call check_date(newsdate,"显示时间的输入有误!")dim str,file,filename,name1,length,savename,extname
dim picname,picname1,picname2
dim i
i=1
for each formName in upload.objFile
str=replace(now()," ","")
str=replace(str,"-","")
str=replace(str,"/","")
str=replace(str,":","")
set file=upload.file(formName)
filename=file.FileName
name1=filename
if name1<>"" then
length=InStrRev(name1,".",-1,1)
extname=right(name1,3)
savename=str & right(name1,4)
'if extname<>"jpg" and extname<>"JPG" and extname<>"bmp" and extname<>"BMP" and extname<>"gif" and extname<>"GIF" then
'call pop_msgback("您上传文件的格式错误!")
'end if
'if file.filesize>152400 then
' call pop_msgback("您上传的文件太大!请不要超过150k")
'end if
'if file.fileSize>0 and file.FileSize<152400 then
file.SaveAs Server.mappath("../../uploadpic/" & savename) '图片存储的新路径(服务器上的路径)
'end if
set file=nothing
picname=savename
end if
next
sql="insert into news (title,pid,picture0,content,D_SavePathFileName,sfnew,ordnum) values ('" & title & "',"& pid &",'" & picname & "','" & content & "','"& sSavePathFileName &"',"& sfnew &","& ordnum &")"'response.write(sql)
'response.end
conn.execute(sql)
conn.closecall pop_msgurl("产品添加成功!","news.asp")
%>
--这句话执行后显示出的SQL语句是什么?把
sql="insert into news (title,pid,picture0,content,D_SavePathFileName,sfnew,ordnum) values ('" & title & "',"& pid &",'" & picname & "','" & content & "','"& sSavePathFileName &"',"& sfnew &","& ordnum &")"
conn.execute(sql)
改为
sql="'insert into news (title,pid,picture0,content,D_SavePathFileName,sfnew,ordnum) values (''" & title & "'',"& pid &",''" & picname & "'',''" & content & "'',''"& sSavePathFileName &"'',"& sfnew &","& ordnum &"')"
conn.execute(sql)
试试....
values (''" & title & "'',"& pid &",''" & picname & "'',''" & content & "'',''"& sSavePathFileName &"'',"& sfnew &","& ordnum &")'"
conn.execute(sql)
'response.end
把这个注释去掉,看看页面输出的sql是什么,贴上来看看那
UP 是不是传入的SQL字符串有问题捏~