ERROR IN FROM CLAUSE
-
I'm using a ODBC connectivity with a DB in an SDI appl. I retrieve data from the dlg box n on closing of the box i'm updating the data to the DB using
query="insert into Book values('"+ad.m_Auto_Ac_No+"','"+ad.m_Add_Name+"','"+ad.m_Add_Auth+"',"+temp+","+ad.m_Add_Price+",'"+ad.m_Add_Date+"',"+locstat+")"; m_pSet->Open(CRecordset::dynaset,(LPCTSTR)query,CRecordset::none);whr m_pSet is a Crecordset object. This returns an error as Syntax error in FROM clause whereas i'm nowhere using any data retrieval operation. :confused: pl help
Man can acquire accomplishments or he can become an animal, whichever he wants. God makes the animals, man makes himself. G. C. Lichtenberg (1742-99), German physicist, philosopher. SH:)UVIK
-
I'm using a ODBC connectivity with a DB in an SDI appl. I retrieve data from the dlg box n on closing of the box i'm updating the data to the DB using
query="insert into Book values('"+ad.m_Auto_Ac_No+"','"+ad.m_Add_Name+"','"+ad.m_Add_Auth+"',"+temp+","+ad.m_Add_Price+",'"+ad.m_Add_Date+"',"+locstat+")"; m_pSet->Open(CRecordset::dynaset,(LPCTSTR)query,CRecordset::none);whr m_pSet is a Crecordset object. This returns an error as Syntax error in FROM clause whereas i'm nowhere using any data retrieval operation. :confused: pl help
Man can acquire accomplishments or he can become an animal, whichever he wants. God makes the animals, man makes himself. G. C. Lichtenberg (1742-99), German physicist, philosopher. SH:)UVIK
Firstly we can't tell what values you are pumping into the SQL statement, and secondly never, ever, EVER do what you are doing. Your app is open to SQL injection attacks. Use parameters and check the input values going into the query.
cheers, Chris Maunder
CodeProject.com : C++ MVP
-
I'm using a ODBC connectivity with a DB in an SDI appl. I retrieve data from the dlg box n on closing of the box i'm updating the data to the DB using
query="insert into Book values('"+ad.m_Auto_Ac_No+"','"+ad.m_Add_Name+"','"+ad.m_Add_Auth+"',"+temp+","+ad.m_Add_Price+",'"+ad.m_Add_Date+"',"+locstat+")"; m_pSet->Open(CRecordset::dynaset,(LPCTSTR)query,CRecordset::none);whr m_pSet is a Crecordset object. This returns an error as Syntax error in FROM clause whereas i'm nowhere using any data retrieval operation. :confused: pl help
Man can acquire accomplishments or he can become an animal, whichever he wants. God makes the animals, man makes himself. G. C. Lichtenberg (1742-99), German physicist, philosopher. SH:)UVIK
This type of question would probrally get a better answer in the SQL forum. Expanding on what Chris said read this article SQL Injection Attack[^] for more information. Your really opening up the entire db to malice. See the W3Schools for info on how the Insert Into Statement[^] works.
INSERT INTO table_name (column1, column2,...) VALUES (value1, value2,....)Good Luck!
I'd love to help, but unfortunatley I have prior commitments monitoring the length of my grass. :Andrew Bleakley: