Member Avatar for hmmmm

im am trying out this code but it keeps giving an error msg but i cant see where the error is...please help

query = New OleDbCommand("INSERT INTO studenttable(sname,scourse,syear,ssemestor,sgrade)values('" & TextBox1.Text & " ',' " & TextBox2.Text & " ',' " & TextBox3.Text & " ',' " & TextBox4.Text & " ',' " & TextBox5.Text & " )", con)
con.Open()
query.ExecuteNonQuery()
con.Close()
Edited by kvprajapati because: Added [code] tags. Encase your code in: [code] and [/code] tags.
  • 3 Contributors
  • 3 Replies
  • 130 Views
  • 1 Day Discussion Span
  • Latest Post Latest Post by SadOldMisterHam

Recommended Answers

All 3 Replies

Member Avatar for phatJacob07

All I see is that you're missing a single quotation mark ( ' ) right before the final parenthesis in your SQL statement.

query = New OleDbCommand("INSERT INTO studenttable(sname,scourse,syear,ssemestor,sgrade)values('" & TextBox1.Text & " ',' " & TextBox2.Text & " ',' " & TextBox3.Text & " ',' " & TextBox4.Text & " ',' " & TextBox5.Text & "' )", con)
Edited by phatJacob07 because: n/a
Member Avatar for hmmmm

thanks mate

Member Avatar for SadOldMisterHam

good spot - also a nice thing to do is to use

replace(textbox.value, "'", "''")

since users are prone to using the ' character in the most unlikely of places

or alternatively go the whole hog and use parameters in the query eg

query = New OleDbCommand("INSERT INTO studenttable(sname,scourse,syear,ssemestor,sgrade)values(@P0, @P1, @P2, @P3, @P4 )", con)
                    query.Parameters.AddRange(New String() {textbox1.Text, textbox2.Text, textbox3.Text, textbox4.Text, textbox5.Text})
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.