I am trying to insert Data into MS ACCESS DB. Everything is fine. Connection, DB Path etc.
There is a table CIT in it.
I am using this Insert into query
string query = "INSERT INTO CIT (GRNO:, Name, FName, CNIC, Address, ContactNO, Gender, Qualification, DOB, RegDate, Photo) VALUES ('" + txtGRNO.Text + "','" + txtName.Text + "','" + txtFName.Text + "','1234','" + txtAddress.Text + "','" + txtContact.Text + "','" + cBoxGender.Text + "','" + cBoxQual.Text + "','" + dteDOB.Text + "','" + dteReg.Text + "','" + path + "');";
I tried everything but cant seem to find what is wrong here. The datatype of fields is Text in DB, & when I execute the query , it gives the error
Your table includes 2 fields whose names are problematic: GRNO:; and Name.
Since GRNO: includes a colon, you can enclose it in square brackets so the db engine will accept it: [GRNO:]
And since Name is a reserved word, enclose that one in square brackets, too.
"INSERT INTO CIT ([GRNO:], [Name], ...
Beyond those field name issues, the standard advice is to use a parameter query for your INSERT. Note you will still need to bracket those problem names in a parameter query.
Also, Access will let you use back-ticks instead of square brackets if you prefer ...
"INSERT INTO CIT (`GRNO:`, `Name`, ...
Try:
string query = "INSERT INTO CIT (GRNO, Name, FName, CNIC, Address, ContactNO, Gender, Qualification, DOB, RegDate, Photo) VALUES ('" + txtGRNO.Text + "','" + txtName.Text + "','" + txtFName.Text + "','1234','" + txtAddress.Text + "','" + txtContact.Text + "','" + cBoxGender.Text + "','" + cBoxQual.Text + "','" + dteDOB.Text + "','" + dteReg.Text + "','" + path + "');";
Remove ; after GRNO field.
Related
private void btnsave_Click(object sender, EventArgs e)
{
string dbpath = #"Data Source=ABC;Initial Catalog=ApplicationForm;Integrated Security=True";
SqlConnection con = new SqlConnection(dbpath);
con.Open();
string savequerybscs="insert into bscs values('"+txtapplicantnumber.Text+"','"+txtname.Text+"','"+txtfathername.Text+"','"+txtmatrictotal.Text+"','"+txtmatricobtained.Text+"','"+txtmatricpercent.Text+"','"+txtintertotal.Text+"','"+txtinterobtained.Text+ "','"+txtinterpercent.Text+"')";
string savequerybsit ="insert into bsit values('" + txtapplicantnumber.Text + "','" + txtname.Text + "','" + txtfathername.Text + "','" + txtmatrictotal.Text + "','" + txtmatricobtained.Text + "','" + txtmatricpercent.Text + "','" + txtintertotal.Text + "','" + txtinterobtained.Text + "','" + txtinterpercent.Text + "')";
string savequerymcs ="insert into bscs values('" + txtapplicantnumber.Text + "','" + txtname.Text + "','" + txtfathername.Text + "','" + txtmatrictotal.Text + "','" + txtmatricobtained.Text + "','" + txtmatricpercent.Text + "','" + txtintertotal.Text + "','" + txtinterobtained.Text + "','" + txtinterpercent.Text + "','"+txtbachelortotal.Text+"','"+txtbachelorobtained.Text+"','"+txtbachelorpercent.Text+"')";
string savequerymit ="insert into bscs values('" + txtapplicantnumber.Text + "','" + txtname.Text + "','" + txtfathername.Text + "','" + txtmatrictotal.Text + "','" + txtmatricobtained.Text + "','" + txtmatricpercent.Text + "','" + txtintertotal.Text + "','" + txtinterobtained.Text + "','" + txtinterpercent.Text + "','" + txtbachelortotal.Text + "','" + txtbachelorobtained.Text + "','" + txtbachelorpercent.Text + "')";
SqlCommand cmd = new SqlCommand(savequerybscs,savequerymcs,bla blaa);
}
As you can see, this solution is pretty messed up. Is there any other way to handle such issues? All I want is to insert data in multiple tables simultaneously but SqlCommand only takes 1 argument.
I just learned about bulk query or bulk insertion. Can someone guide me through that? I am not clearly getting those concepts from youtube.
You can do one insert query using the comma separator between tuples for multiples rows:
insert into bsit values (field1, field2...), (field1, field2...), ...
But this insert is for one table.
Basically, you use as many SQL query as many table you want to update.
I'm not advanced but perhaps, depending on the database server, you could execute a "script" in one C# SqlCommand execute non query call, using the semilicon separator, like:
string sql = "insert into table1 values (field1, field2...), (field1, field2...), ... ; "
+ "insert into table2 values (field1, field2...), (field1, field2...), ... ;";
MySql should support that.
You should use SQL Parameters for security reason instead of adding values to the sql string itself:
string sql = "insert into table1 values (?, ?)";
var command = new OdbcCommand(sql, connection);
command.Parameters.Add("#ID", OdbcType.Text).Value = Guid.NewGuid().ToString();
command.Parameters.Add("#Name", OdbcType.Text).Value = "Test";
command.ExecuteNonQuery();
https://learn.microsoft.com/dotnet/api/system.data.sqlclient.sqlcommand.parameters
I have a simple user interface for an inventory database. The operation will be insert into, edit existing, view data grid, etc....There are a total of 4 fields for the inventory. The insert statement I am using works but if one of the entries does not have a value then it shows an error when trying to insert.
" Data type mismatch in criteria expression "
command.CommandText = "insert into Inventory(SerialNumber,PartNumber,ROnumber,Location)
values ('" + txtPart.Text + "','" + txtSerial.Text + "','" +
txtRO.Text + "','" + txtLocation.Text + "')";
I assume it is because the code needs a value for each field so how do I get around this issue?.
Actually when you trying to use this query you have said the First Parameter is SerialNumber and then PartNumber and when you are passing its reverse.
command.CommandText = "insert into Inventory(SerialNumber,PartNumber,ROnumber,Location)
values ('" + txtPart.Text + "','" +
txtSerial.Text + "','" +
txtRO.Text + "','" +
txtLocation.Text + "')";
Due to this reason the fields you are entering have different size May be part number is bigger in size instead of SerialNumber or vice versa. So you should change it to
command.CommandText = "insert into Inventory(SerialNumber,PartNumber,ROnumber,Location)
values ('" + txtSerial.Text + "','" +
txtPart.Text + "','" +
txtRO.Text + "','" +
txtLocation.Text + "')";
For my code I INSERT a row and I would like to UPDATE that row.
cmdRstCmdN.CommandText = "INSERT INTO Login_Details (userName,password , role,login_start) VALUES ('" + userName + "','" + password + "','" + role + "','" + login_start + "')";
cmdRstCmdN.ExecuteNonQuery();
For above I INSERT userName, password, role, login_start INTO Login_Details. So now I would like to UPDATE this row with login_end My code is below, but it's not work. Could you help me to fix this code. I think I may wrong on some syntax or somethings.
cmdRstCmdN.CommandText = "UPDATE Login_Details SET login_end ='" + login_end + "' WHERE login='" + countRow + "'";
cmdRstCmdN.ExecuteNonQuery();
Thanks all.
So, I'm building a C# application, using .NET and oracle 11g express. I've already connected to the database, but, for some reason, it cannot insert into the database, it keeps giving the ORA 00911 error. This is the code:
private void toolStripButton1_Click(object sender, EventArgs e)
{
string salvar;
dbConnection conn = new dbConnection();
try
{
conn.tryconection();
salvar = "INSERT INTO Client(Name, Document, City, Contact, Addr, District, Zipcode, Phone_1, Phone_2, Cel_1, Cel_2, eymael, tobar) VALUES('" + boxNome.Text + "', '" + boxDocumento.Text + "','" + boxCidade.Text + "','" + boxContato.Text + "','" + boxEndereco.Text + "','" + boxBairro.Text + "','" + boxCep.Text + "','" + boxFone1.Text + "','" + boxFone2.Text + "','" + boxCel1.Text + "','" + boxCel2.Text + "','" + boxEmail.Text + "','" + boxComment.Text + "');";
//MessageBox.Show(salvar);
conn.executaInstrucao(salvar);
//conn.executaInstrucao("commit;");
}
catch (Exception g)
{
MessageBox.Show("Problema na conexão");
}
}
This is the output string with some random values, wich works on SQL Developer and actually adds the row:
INSERT INTO Client(Name, Document, City, Contact, Addr, District, Zipcode, Phone_1, Phone_2, Cel_1, Cel_2, eymael, tobar) VALUES('asdassdsad', '15.465.465/4654-54','654654654','654654654','654654654','654654654','65465-465','(65) 4654-6546','(54) 6546-5465','(46) 54654-6546','(65) 46546-5465','4654654654','65465465465');
Someone help me, please. I have no idea of what is wrong.
PS.: All my columns are VARCHAR2.
ORA 00911 is invalid char problem. If you have ' char in your textboxes, may be it makes problem. Like comment above use SqlCommand.Parameters.AddWithValue like Soner Gönül said parameter
I have a sql table which has an image cloumn I'm trying to insert the image after converting it into byte.... the my insert query looks like this
INSERT INTO Member (F_NAME, L_NAME, D_O_B, UAE_ID_NO, MOBILE_NO, EMAIL_ID, REFERER, REF_CONTACT, ADDRESS, PICTURE) VALUES ('" + fname + "','" + lname + "','" + dob.ToShortDateString() + "','" + uaeid + "','" + mobile + "','" + emailid + "','" + reffere + "','" + refercontact + "','"+address+"',"+photo+")"
here pic is the image column... I'm converting the image into byte array using the following method
MemoryStream ms = new MemoryStream();
//save the image into memory stream
pBoxMember.Image.Save(ms, ImageFormat.Jpeg);
//assign the byte array with total size of memorystream
photo = new byte[ms.Length];
ms.Position = 0;
ms.Read(photo, 0, photo.Length);
return true;
But it is giving me this error
An object or column name is missing or empty. For SELECT INTO statements, verify each column has a name. For other statements, look for empty alias names. Aliases defined as "" or [] are not allowed. Change the alias to a valid name.
invalid syntax near ".
If this should work at all this should look like this:
var sql = "INSERT INTO Member (F_NAME, L_NAME, D_O_B, UAE_ID_NO, MOBILE_NO, " +
"EMAIL_ID, REFERER, REF_CONTACT, ADDRESS, PICTURE) " +
"VALUES ('" + fname + "','" + lname + "','" + dob.ToShortDateString() + "','" + uaeid + "','" + mobile + "','" + emailid + "','" + reffere + "','" + refercontact + "','" + address + "'," + photo + ")"
But you should use SQL Params for this, something like:
string queryString = "INSERT INTO Member (F_NAME, L_NAME, D_O_B, UAE_ID_NO, ... VALUES(#fname ,#lname ....)";
SqlCommand cmd = new SqlCommand(queryString, dbConnection);
cmd.Parameters.AddWithValue("#fname",fname);
cmd.Parameters.AddWithValue("#lname",lname);
...
cmd.Parameters.AddWithValue("#blobParam",YourBytesArray);
...
cmd.ExecuteNonQuery();