Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 4 years ago.
Improve this question
it returns that I made a syntax error in my SQL statement cant find where, I used this syntax earlier and it worked... could you tell me where it is please ?
public static void addKc(KeyCeremony kc)
{
string ka = kc.ka;
string kc1 = kc.kc1;
string kc3 = kc.kc3;
string family = kc.family;
string so = kc.so;
string it = kc.it;
string desc = kc.desc;
using (OleDbConnection conn = new OleDbConnection(connecString))
{
using (OleDbCommand cmd = conn.CreateCommand())
{
cmd.CommandText = "INSERT INTO KC(Family, Kc1, Kc3, Ka, So, It, Desc) VALUES(#Family, #Kc1, #Kc3, #Ka, #So, #It, #Desc)";
cmd.Connection = conn;
conn.Open();
cmd.Parameters.AddWithValue("#Family", family);
cmd.Parameters.AddWithValue("#Kc1", kc1);
cmd.Parameters.AddWithValue("#Kc3", kc3);
cmd.Parameters.AddWithValue("#Ka", ka);
cmd.Parameters.AddWithValue("#So", so);
cmd.Parameters.AddWithValue("#It", it);
cmd.Parameters.AddWithValue("#Desc", desc);
try
{
cmd.ExecuteNonQuery();
MessageBox.Show("Insertion OK");
}
catch (Exception)
{
throw;
}
conn.Close();
}
}
}
hope you will find it faster than me
Desc is a keyword. Change to this: [Desc].
All Keywords in SQL:
https://www.drupal.org/docs/develop/coding-standards/list-of-sql-reserved-words
Related
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 1 year ago.
Improve this question
I am trying to get a string value from parameter and get all names of the companies(YRITYS) where name starts with letter from parameter but I am getting nothing in return. What is the correct syntax to do this?
public IEnumerable<Asiakas> GetByName(string arvo)
{
string sql = "SELECT ASNRO, YRITYS, SUKUNIMI, ETUNIMI, LAHIOSOITE, POSTITP, POSTINRO " +
"FROM dbo.ASIAKAS " +
"WHERE YRITYS LIKE '#KIRJAIN' " +
"ORDER BY ASNRO";
using (var cmd = Context.CreateCommand())
{
cmd.CommandText = sql;
cmd.Parameters.Add(new SqlParameter("#KIRJAIN", arvo));
var tulos = ToList(cmd);
return tulos;
}
}
don't use quotes in the sql, and don't use # in the parameter
public IEnumerable<Asiakas> GetByName(string arvo)
{
string sql = "SELECT ASNRO, YRITYS, SUKUNIMI, ETUNIMI, LAHIOSOITE, POSTITP, POSTINRO " +
"FROM dbo.ASIAKAS " +
"WHERE YRITYS LIKE #KIRJAIN " +
"ORDER BY ASNRO";
using (var cmd = Context.CreateCommand())
{
cmd.CommandText = sql;
cmd.Parameters.Add(new SqlParameter("KIRJAIN", arvo));
var tulos = ToList(cmd);
return tulos;
}
}
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 3 years ago.
Improve this question
I am using parameterised query but I got an error - how can I solve it?
Here is my code
SqlCommand cmd = new SqlCommand();
string sql = #"insert into Student_Records (FirstName,LastName,Email,ContactNumber,DOB,TemporaryAddress,PermanentAddress,FatherName,Fathersoccupation,ContactNumberF,MotherName,Mothersoccupation,ContactNumberM,Remarks) values(#firstname,#lastname,#email,#contactnumber,#dob,#temporaryaddress,#permanentaddress,#fathername,#fatheroccupation,#contactnumberf,#mothername,#motheroccupation,#contactnumberm,#remarks) ";
cmd.Parameters.AddWithValue("#firstname", txtFname.Text);
cmd.Parameters.AddWithValue("#lastname", txtlastN.Text);
cmd.Parameters.AddWithValue("#contactnumber", txtCN.Text);
cmd.Parameters.AddWithValue("#dob", dtdob.Value);
cmd.Parameters.AddWithValue("#temporaryaddress", txtTaddress.Text);
cmd.Parameters.AddWithValue("#permanentaddress", txtPaddress.Text);
cmd.Parameters.AddWithValue("#fathername", txtFname.Text);
cmd.Parameters.AddWithValue("#fatheroccupation", txtFoccupation.Text);
cmd.Parameters.AddWithValue("#contactnumberf", txtFcn.Text);
cmd.Parameters.AddWithValue("#mothername", txtMname.Text);
cmd.Parameters.AddWithValue("#motheroccoupation", txtMoccupation.Text);
cmd.Parameters.AddWithValue("#contactnumberm", txtMcn);
cmd.Parameters.AddWithValue("#remarks", rtremarks.Text);
DBconnection.ExecutiveNonQuery(sql);
I get this error:
must declare the scalar variable
using (SqlCommand cmd = new SqlCommand("Add your insert cmd", connection)) {
cmd.Parameters.AddWithValue("#firstname", txtFname.Text);
....
}
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 4 years ago.
Improve this question
Im trying to retrieve no of rows from sql based user input & display in gridview
Please help!
Int32 text = Convert.ToInt32(this.Txtusers.Text);
con.Open();
cmd = new SqlCommand("select TOP '" + text + "' * from Avaya_Id where LOB = '" + DDLOB.SelectedItem.Value + "' and Status = 'Unassigned'", con);
SqlDataReader rdr = cmd.ExecuteReader();
GridView1.DataSource = rdr;
GridView1.DataBind();
con.Close();
Here is how it should be written.
int text;
if(int.TryParse(this.Txtusers.Text, out text)
{
using(var con = new SqlConnection(connectionString)
{
using(var cmd = new SqlCommand("select TOP (#top) * from Avaya_Id where LOB = #LOB and Status = 'Unassigned'", con))
{
cmd.Parameters.Add("#top", SqlDbType.Int).Value = text;
cmd.Parameters.Add("#LOB", SqlDbType.Int).Value = DDLOB.SelectedItem.Value;
con.Open();
using(var rdr = cmd.ExecuteReader())
{
GridView1.DataSource = rdr;
GridView1.DataBind();
}
}
}
}
Points of interest:
Using parameters to avoid the risk of Sql Injection.
Changed Convert.ToInt32 to int.TryParse. Never trust user input.
Use the using statement for every instance that implements the IDisposable interface.
Please note that using top x without an order by clause means you get x arbitrary records from the database - since database tables are unordered by nature and the only way to ensure the order of the rows returned from a select statement is to use the order by clause.
Please note I've guessed that the second parameter is an int, if it's not, change the data type.
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 6 years ago.
Improve this question
I have set up a mySql database on a server, and now i want to reach it in order for me to make a webservice. Firstly i just want to test if i can grab an entity from my query in my method (OneEntity), and put it into my list.
public IEnumerable<Person> Get()
{
return new List<Person> {
new Person{ ID = 0, First = OneEntity(), Last ="Example"}
};
}
public string OneEntity()
{
MySql.Data.MySqlClient.MySqlConnection mySqlConnection;
MySql.Data.MySqlClient.MySqlCommand cmd;
String connString = System.Configuration.ConfigurationManager.ConnectionStrings["MySql"].ToString();
mySqlConnection = new MySql.Data.MySqlClient.MySqlConnection(connString);
cmd = new MySql.Data.MySqlClient.MySqlCommand();
cmd.CommandText = "SELECT 'name' FROM 'CustomerDb' WHERE 'id' = 0";
cmd.CommandType = CommandType.Text;
cmd.Connection = mySqlConnection;
mySqlConnection.Open();
SqlDataReader reader = cmd.ExecuteReader();
mySqlConnection.Close();
return reader;
}
I am not very experienced in c# and are therefore not sure if im doing it correct. However in my cmd.ExecuteReader() (Object i guess it is?!??!) i get that it
cannot implicitly convert type 'MySql.Data.MySqlDataReader' to
'System.Data.SqlClient.SqlDataReader'
What am i doing wrong here?? obviously my return is not correct either, as i specified my method to be 'string'.. but even though i type in a string, the error doesn't dissapear?
you shoud use MySqlDataReader not SqlDataReader
MySqlDataReader Reader = cmd.ExecuteReader();
code should return string not the reader in your case.
To return the first item use this return reader.GetString(0);
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 8 years ago.
Improve this question
i'm making GUI for a database (school project) and I have following problem - when i try to assign resul from select statement to variable i have strange error:
An unhandled exception of type 'System.Data.SqlClient.SqlException' occurred in System.Data.dll
Additional information: Incorrect syntax near ')'.
this is my code:
string sql2 = "SELECT * FROM Car WHERE Make = '#CarID' AND Model = '#CarID2');";
SqlCommand cmd3 = new SqlCommand(sql2, sqlconn);
cmd3.Parameters.AddWithValue("#CarID", model_cbo);
cmd3.Parameters.AddWithValue("#CarID2", make_cbo);
string CarID = cmd3.ExecuteScalar().ToString();
I've looking for the solution for a long time, but haven't found anything, so please help
This is my code for connection with DB:
public CarSpec()
{
InitializeComponent();
connectDB();
this.conn = new OleDbConnection("PROVIDER=SQLOLEDB;Data Source=HENIU;Initial Catalog=ServiceStation; Integrated Security=SSPI;");
conn.Open();
}
public void connectDB()
{
sqlconn = new SqlConnection(#"Data Source=HENIU; Initial Catalog=ServiceStation; Integrated Security=TRUE;");
sqlconn.Open();
da = new SqlDataAdapter();
}
There are three problems in your code:
There is a parenthesys not needed at the end of the WHERE clause
The parameters should be free from the single quotes. (Otherwise the will be treated as string literals)
The ExecuteScalar returns just a the first column of the first row.
You cannot be certain that this will be the carID.
Use instead
string sql2 = "SELECT * FROM Car WHERE Make = #CarID AND Model = #CarID2";
SqlCommand cmd3 = new SqlCommand(sql2, sqlconn);
cmd3.Parameters.AddWithValue("#CarID", model_cbo);
cmd3.Parameters.AddWithValue("#CarID2", make_cbo);
SqlDataReader reader = cmd3.ExecuteReader()
if(reader.Read())
{
int carID = Convert.ToInt32(reader["CarID"]);
}
Here I am assuming that a carID is a number and not a string (as it should be). However, if it is a string then you could change the line to
string carID = reader["CarID"].ToString();