A problem in insert command?
-
hi , i have a problem in the insert command using oledbdataadapter when i use it it give me an error saying syntax error in insert into can any one suggest an idea plz thx
I suggest you post the command so that we can see what it is in order to help you find your syntax error. To find a syntax error in a command, one must first see what the command is.
Do you want to know more? Not getting the response you want from a question asked in an online forum: How to Ask Questions the Smart Way!
-
I suggest you post the command so that we can see what it is in order to help you find your syntax error. To find a syntax error in a command, one must first see what the command is.
Do you want to know more? Not getting the response you want from a question asked in an online forum: How to Ask Questions the Smart Way!
-
I suggest you post the command so that we can see what it is in order to help you find your syntax error. To find a syntax error in a command, one must first see what the command is.
Do you want to know more? Not getting the response you want from a question asked in an online forum: How to Ask Questions the Smart Way!
hi, here is the code i told u about
oleDbConnection1.Open(); int ActiveState=0; string Date=DateTime.Now.ToString(); string InsNew="insert into users(UserName,Password,FirstName,LastName,count,Email,StreetAddress,City,Country,Active,RegisterDate) values('"+TextBox3.Text+"','"+TxtBxPass.Text+"','"+TxtBxName.Text+"','"+TxtBxLName.Text+"','"+TxtBxYears.Text+"','"+TxtBXMail.Text+"','"+TxtBxAdd.Text+"','"+TxtBxCity.Text+"','"+TxtBxNow.Text+"','"+ActiveState+"','"+Date+"');"; oleDbDataAdapter2.InsertCommand.CommandText=InsNew; oleDbDataAdapter2.InsertCommand.ExecuteNonQuery(); oleDbConnection1.Close(); -
hi, here is the code i told u about
oleDbConnection1.Open(); int ActiveState=0; string Date=DateTime.Now.ToString(); string InsNew="insert into users(UserName,Password,FirstName,LastName,count,Email,StreetAddress,City,Country,Active,RegisterDate) values('"+TextBox3.Text+"','"+TxtBxPass.Text+"','"+TxtBxName.Text+"','"+TxtBxLName.Text+"','"+TxtBxYears.Text+"','"+TxtBXMail.Text+"','"+TxtBxAdd.Text+"','"+TxtBxCity.Text+"','"+TxtBxNow.Text+"','"+ActiveState+"','"+Date+"');"; oleDbDataAdapter2.InsertCommand.CommandText=InsNew; oleDbDataAdapter2.InsertCommand.ExecuteNonQuery(); oleDbConnection1.Close();A number of things. 1. What does InsNew actually evaluate to? 2. :omg: You are storing the password as clear text in the database! 3. Learn a bit about SQL Injection attacks.[^] (The link discusses SQL Server, but the arguments are valid for all databases) If you use parameterised queries, .NET will do lots of work for you. e.g. you can pass a DateTime directly to the Parameter and it will get converted correctly for the database. What you have here may not have formatted the data correctly. Also, if you don't mind my saying, you should stick to one convention for naming variables. TextBox3, TxtBxPass, TxtBXMail - I'd have a hard time working out what to type if I had to maintain this. Using the + operator to concatenate strings is also inefficient. You should consider using a
System.Text.StringBuilderfor lots of concatenations, orstring.Concatfor a smaller number. I did some tests a year or so back and found thatstring.Concatwas good for upto a half dozen strings, andStringBuilderwas better for more than that.
Do you want to know more? Not getting the response you want from a question asked in an online forum: How to Ask Questions the Smart Way!
-
hi, here is the code i told u about
oleDbConnection1.Open(); int ActiveState=0; string Date=DateTime.Now.ToString(); string InsNew="insert into users(UserName,Password,FirstName,LastName,count,Email,StreetAddress,City,Country,Active,RegisterDate) values('"+TextBox3.Text+"','"+TxtBxPass.Text+"','"+TxtBxName.Text+"','"+TxtBxLName.Text+"','"+TxtBxYears.Text+"','"+TxtBXMail.Text+"','"+TxtBxAdd.Text+"','"+TxtBxCity.Text+"','"+TxtBxNow.Text+"','"+ActiveState+"','"+Date+"');"; oleDbDataAdapter2.InsertCommand.CommandText=InsNew; oleDbDataAdapter2.InsertCommand.ExecuteNonQuery(); oleDbConnection1.Close();If you get an error on the query it means the string itself is wrong. It could be the ';' at the end. try:
string InsNew="insert into users(UserName,Password,FirstName,LastName,count,Email,StreetAddress,City,Country,Active,RegisterDate) values('"+TextBox3.Text+"','"+TxtBxPass.Text+"','"+TxtBxName.Text+"','"+TxtBxLName.Text+"','"+TxtBxYears.Text+"','"+TxtBXMail.Text+"','"+TxtBxAdd.Text+"','"+TxtBxCity.Text+"','"+TxtBxNow.Text+"','"+ActiveState+"','"+Date+"')";but it could also be a "'" character. I build my queries like this also, but it often misses some detail, my advise is: debug the code and copy the query (via quickwatch or something) then paste the query in the sql editor of your database and see what happens. Here you can 'debug' your query. adjust your string in code and it should work. Keep in mind that databases have different syntax. eg. Sybase is case sensitive and Oracle is not. Good luck. "If I don't see you in this world, I'll see you in the next one... and don't be late." ~ Jimi Hendrix