0

i write following code to update database but every time i got update syntax error is anyone help me to ..

MessageBox.Show("the password is matched");
                String conString = "Provider=Microsoft.Jet.OLEDB.4.0;"
                 + "Data Source=C:\\Documents and Settings\\Wasif\\My Documents\\studentLogin.mdb";
                OleDbConnection empConnection = new OleDbConnection(conString);
                String insertStatment = "UPDATE StudentLoginData Set ID='" + this.txt_id.Text + "', username='" + this.txt_username.Text + "', password='" + this.txt_password.Text + "'  WHERE ID="+this.txt_id.Text+";";
                
                OleDbCommand insertCommand = new OleDbCommand(insertStatment, empConnection);

                //insertCommand.Parameters.Add("ID", OleDbType.Char).Value = strID;
                //insertCommand.Parameters.Add("username", OleDbType.Char).Value = strusername;
                //insertCommand.Parameters.Add("password", OleDbType.Char).Value = strpassword;
                empConnection.Open();
                try
                {
                    int count = insertCommand.ExecuteNonQuery();

                }
                catch (OleDbException o)
                {
                    MessageBox.Show(o.Message);
                }
                finally
                {

                    empConnection.Close();
                }
2
Contributors
1
Reply
2
Views
7 Years
Discussion Span
Last Post by __avd
0

Always use parametrized query.

String conString = "Provider=Microsoft.Jet.OLEDB.4.0;"
                 + "Data Source=C:\\Documents and Settings\\Wasif\\My Documents\\studentLogin.mdb";

OleDbConnection empConnection = new OleDbConnection(conString);

String insertStatment = "UPDATE StudentLoginData Set [username]='" + this.txt_username.Text + "',[password]='" + this.txt_password.Text + "'  WHERE [ID]="+this.txt_id.Text+"";
                
                OleDbCommand insertCommand = new OleDbCommand(insertStatment, empConnection);

              empConnection.Open();
                try
                {
                    int count = insertCommand.ExecuteNonQuery();

                }
                catch (OleDbException o)
                {
                    MessageBox.Show(o.Message);
                }
                finally
                {

                    empConnection.Close();
                }
This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.