im am trying out this code but it keeps giving an error msg but i cant see where the error is...please help

query = New OleDbCommand("INSERT INTO studenttable(sname,scourse,syear,ssemestor,sgrade)values('" & TextBox1.Text & " ',' " & TextBox2.Text & " ',' " & TextBox3.Text & " ',' " & TextBox4.Text & " ',' " & TextBox5.Text & " )", con)
con.Open()
query.ExecuteNonQuery()
con.Close()

Edited 7 Years Ago by __avd: Added [code] tags. Encase your code in: [code] and [/code] tags.

All I see is that you're missing a single quotation mark ( ' ) right before the final parenthesis in your SQL statement.

query = New OleDbCommand("INSERT INTO studenttable(sname,scourse,syear,ssemestor,sgrade)values('" & TextBox1.Text & " ',' " & TextBox2.Text & " ',' " & TextBox3.Text & " ',' " & TextBox4.Text & " ',' " & TextBox5.Text & "' )", con)

Edited 7 Years Ago by phatJacob07: n/a

good spot - also a nice thing to do is to use

replace(textbox.value, "'", "''")

since users are prone to using the ' character in the most unlikely of places

or alternatively go the whole hog and use parameters in the query eg

query = New OleDbCommand("INSERT INTO studenttable(sname,scourse,syear,ssemestor,sgrade)values(@P0, @P1, @P2, @P3, @P4 )", con)
                    query.Parameters.AddRange(New String() {textbox1.Text, textbox2.Text, textbox3.Text, textbox4.Text, textbox5.Text})
This question has already been answered. Start a new discussion instead.