Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 3 years ago.
Improve this question
I am using parameterised query but I got an error - how can I solve it?
Here is my code
SqlCommand cmd = new SqlCommand();
string sql = #"insert into Student_Records (FirstName,LastName,Email,ContactNumber,DOB,TemporaryAddress,PermanentAddress,FatherName,Fathersoccupation,ContactNumberF,MotherName,Mothersoccupation,ContactNumberM,Remarks) values(#firstname,#lastname,#email,#contactnumber,#dob,#temporaryaddress,#permanentaddress,#fathername,#fatheroccupation,#contactnumberf,#mothername,#motheroccupation,#contactnumberm,#remarks) ";
cmd.Parameters.AddWithValue("#firstname", txtFname.Text);
cmd.Parameters.AddWithValue("#lastname", txtlastN.Text);
cmd.Parameters.AddWithValue("#contactnumber", txtCN.Text);
cmd.Parameters.AddWithValue("#dob", dtdob.Value);
cmd.Parameters.AddWithValue("#temporaryaddress", txtTaddress.Text);
cmd.Parameters.AddWithValue("#permanentaddress", txtPaddress.Text);
cmd.Parameters.AddWithValue("#fathername", txtFname.Text);
cmd.Parameters.AddWithValue("#fatheroccupation", txtFoccupation.Text);
cmd.Parameters.AddWithValue("#contactnumberf", txtFcn.Text);
cmd.Parameters.AddWithValue("#mothername", txtMname.Text);
cmd.Parameters.AddWithValue("#motheroccoupation", txtMoccupation.Text);
cmd.Parameters.AddWithValue("#contactnumberm", txtMcn);
cmd.Parameters.AddWithValue("#remarks", rtremarks.Text);
DBconnection.ExecutiveNonQuery(sql);
I get this error:
must declare the scalar variable
using (SqlCommand cmd = new SqlCommand("Add your insert cmd", connection)) {
cmd.Parameters.AddWithValue("#firstname", txtFname.Text);
....
}
Related
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 7 months ago.
Improve this question
I'm coding a small program with C# to watch my organization's cars and I use code below to update value but it didn't work when I apply it.
OleDbCommand updateCommand = new OleDbCommand("UPDATE Mqar SET [Car_Type] = #Car_Type,[Model] = #Model,[chase_nu] = #chase_nu,[Engin_Nu] = #Engin_Nu,[Car_nu] = #Car_nu,[Car_State] = #Car_State,[Draiver_Name] = #Draiver_Name,WHERE [ID] = #ID", conn);
conn.Open();
updateCommand.Parameters.AddWithValue("#Car_Type", textBox1.Text);
updateCommand.Parameters.AddWithValue("#Model", textBox2.Text);
updateCommand.Parameters.AddWithValue("#chase_nu", textBox3.Text);
updateCommand.Parameters.AddWithValue("#Engin_Nu", textBox4.Text);
updateCommand.Parameters.AddWithValue("#Car_nu", textBox5.Text);
updateCommand.Parameters.AddWithValue("#Car_State", comboBox1.Text);
updateCommand.Parameters.AddWithValue("#Draiver_Name", textBox6.Text);
//updateCommand.Parameters.AddWithValue("#ID", Convert.ToInt32(textBox7.Text));
//conn.Open();
updateCommand.ExecuteNonQuery();
conn.Close();
MessageBox.Show("تم تعديل بيانات الالية بنجاح");
connaction();
The update statement is not correct because there is a comma before the where keyword.
Change the SQL like this:
UPDATE Mqar SET [Car_Type] = #Car_Type,[Model] = #Model,[chase_nu] = #chase_nu,[Engin_Nu] = #Engin_Nu,[Car_nu] = #Car_nu,[Car_State] = #Car_State,[Draiver_Name] = #Draiver_Name WHERE [ID] = #ID
Notice I removed a comma before ,WHERE => WHERE
Also notice that there is an #ID parameter, so you need to pass that too, so uncomment this line:
updateCommand.Parameters.AddWithValue("#ID", Convert.ToInt32(textBox7.Text));
Extra advice (not an answer to your question):
You need to name your variables/input elements in a way that reflects that they are used for.
For example, textBox1 is a bad name because the name does not tell you what it is supposed to be, is it a Car Name? An ID? A model name?
You should rename all the input elements (text boxes and combo boxes) to something meaningful like:
textBox1 => carTypeText
comboxBox1 => carStateComboBox
The clarity you will gain from properly named variables will help you avoid bugs.
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 4 years ago.
Improve this question
it returns that I made a syntax error in my SQL statement cant find where, I used this syntax earlier and it worked... could you tell me where it is please ?
public static void addKc(KeyCeremony kc)
{
string ka = kc.ka;
string kc1 = kc.kc1;
string kc3 = kc.kc3;
string family = kc.family;
string so = kc.so;
string it = kc.it;
string desc = kc.desc;
using (OleDbConnection conn = new OleDbConnection(connecString))
{
using (OleDbCommand cmd = conn.CreateCommand())
{
cmd.CommandText = "INSERT INTO KC(Family, Kc1, Kc3, Ka, So, It, Desc) VALUES(#Family, #Kc1, #Kc3, #Ka, #So, #It, #Desc)";
cmd.Connection = conn;
conn.Open();
cmd.Parameters.AddWithValue("#Family", family);
cmd.Parameters.AddWithValue("#Kc1", kc1);
cmd.Parameters.AddWithValue("#Kc3", kc3);
cmd.Parameters.AddWithValue("#Ka", ka);
cmd.Parameters.AddWithValue("#So", so);
cmd.Parameters.AddWithValue("#It", it);
cmd.Parameters.AddWithValue("#Desc", desc);
try
{
cmd.ExecuteNonQuery();
MessageBox.Show("Insertion OK");
}
catch (Exception)
{
throw;
}
conn.Close();
}
}
}
hope you will find it faster than me
Desc is a keyword. Change to this: [Desc].
All Keywords in SQL:
https://www.drupal.org/docs/develop/coding-standards/list-of-sql-reserved-words
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 6 years ago.
Improve this question
I have set up a mySql database on a server, and now i want to reach it in order for me to make a webservice. Firstly i just want to test if i can grab an entity from my query in my method (OneEntity), and put it into my list.
public IEnumerable<Person> Get()
{
return new List<Person> {
new Person{ ID = 0, First = OneEntity(), Last ="Example"}
};
}
public string OneEntity()
{
MySql.Data.MySqlClient.MySqlConnection mySqlConnection;
MySql.Data.MySqlClient.MySqlCommand cmd;
String connString = System.Configuration.ConfigurationManager.ConnectionStrings["MySql"].ToString();
mySqlConnection = new MySql.Data.MySqlClient.MySqlConnection(connString);
cmd = new MySql.Data.MySqlClient.MySqlCommand();
cmd.CommandText = "SELECT 'name' FROM 'CustomerDb' WHERE 'id' = 0";
cmd.CommandType = CommandType.Text;
cmd.Connection = mySqlConnection;
mySqlConnection.Open();
SqlDataReader reader = cmd.ExecuteReader();
mySqlConnection.Close();
return reader;
}
I am not very experienced in c# and are therefore not sure if im doing it correct. However in my cmd.ExecuteReader() (Object i guess it is?!??!) i get that it
cannot implicitly convert type 'MySql.Data.MySqlDataReader' to
'System.Data.SqlClient.SqlDataReader'
What am i doing wrong here?? obviously my return is not correct either, as i specified my method to be 'string'.. but even though i type in a string, the error doesn't dissapear?
you shoud use MySqlDataReader not SqlDataReader
MySqlDataReader Reader = cmd.ExecuteReader();
code should return string not the reader in your case.
To return the first item use this return reader.GetString(0);
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 7 years ago.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Improve this question
I am trying to enter the value of a textbox in c# into a field in a database that I have in access. For some reason I keep getting the error saying:
'An unhandled exception of type 'System.Data.OleDb.OleDbException' occurred in System.Data.dll
Additional information: Syntax error in INSERT INTO statement.'
Can't quite see what is wrong, this is the first time I have attempted to do this in a project so I am not too experienced with it. This is my code:
OleDbConnection connection = new OleDbConnection(CONNECTION STRING GOES HERE);
connection.Open();
string playerName = textBox[i].Text;
string query = "INSERT INTO (TotalPlayerName)(Player Name) VALUES(" + playerName + ")";
OleDbCommand command = new OleDbCommand(query, connection);
command.ExecuteNonQuery();
if it helps then the database is called 'Database' the table is called 'TotalPlayerName' and the field is called 'Player Name'
The correct code to do your task is
string cmdText = "INSERT INTO TotalPlayerName ([Player Name]) VALUES(?)";
using(OleDbConnection connection = new OleDbConnection(...))
using(OleDbCommand command = new OleDbCommand(cmdText, connection))
{
connection.Open();
command.Parameters.Add("#p1", OleDbType.VarWChar).Value = textBox[i].Text;
int result = command.ExecuteNonQuery();
if(result > 0)
MessageBox.Show("Record Inserted");
else
MessageBox.Show("Failure to insert");
}
This approach fixes three problems:
The connection and the command object should be disposed at the end
(see using statement)
Every value that you need to pass to the query should be passed as
parameter
If a field name (or table name) has embedded spaces you should enclose
it between square brackets
(The messages below the ExecuteNonQuery are there only as an example to check the return value of ExecuteNonQuery)
Remember also that if your table has more than this field and some of the other fields don't accept null values you should provide some value also for them.
For example
string cmdText = #"INSERT INTO TotalPlayerName ([Player Name], FieldB)
VALUES(?, ?)";
command.Parameters.Add("#p1", OleDbType.VarWChar).Value = textBox[i].Text;
command.Parameters.Add("#p2", OleDbType.VarWChar).Value = "ValueForFieldB";
Just remember to strictly follow the order of the ? when you add your parameter values
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 8 years ago.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Improve this question
I get an error on sc.ExecuteNonQuery();.. Error: Incorrect syntax near 's'
Code:
con = new SqlConnection("Data Source=DELL-PC;Initial Catalog=sashi;Integrated Security=True");
con.Open();
SqlCommand sc = new SqlCommand("INSERT INTO Login VALUES('" + textBoxUID.Text + "','" + textBoxPWD.Text + "','" + comboBoxQUN.Text + "','" + textBoxANS.Text + "' ) ", con);
sc.ExecuteNonQuery();
MessageBox.Show("Record has been inserted");
con.Close();
What I forgot or where is the error?
Please Use Parameters like this:
using (var con = new SqlConnection("Data Source=DELL-PC;Initial Catalog=sashi;Integrated Security=True"))
{
con.Open();
using(var sc = connection.CreateCommand())
{
sc.CommandText = "INSERT INTO Login VALUES(#uid,#pass,#qun,#ans)";
sc.Parameters.Add(new SqlParameter("#uid", textBoxUID.Text));
sc.Parameters.Add(new SqlParameter("#pass", textBoxPWD.Text));
sc.Parameters.Add(new SqlParameter("#qun", comboBoxQUN.Text));
sc.Parameters.Add(new SqlParameter("#ans", textBoxANS.Text));;
sc.ExecuteNonQuery();
}
}
Sql parameters helps prevent SQL Injection attacks.. and ist easier to read..
Does your login table have only four columns? otherwise you must also specify this in your insert-statement: INSERT INTO (col1, col2 ....