update sql

Question

Mike Bishop -3 Junior Poster

13 Years Ago

anyone help with this?

I have a unique id on each line of sql, i want to be able to update a row from a table i tested and tested this but unable to get this working. does anyone know how i am able to do this?

Dim PINV As String
    PINV = Me.txtPassword.Text

       Dim con As New SqlConnection
        Dim cmd As New SqlCommand
        Try
            con.ConnectionString = "Data Source=10.10.0.25;Initial Catalog=RConditions;Persist Security Info=True;User ID=mbish;Password=mbish"
            con.Open()
            cmd.Connection = con
            cmd.CommandText = "update Settings SET pin =" & PINV & "where Company = '1')"
 
            cmd.ExecuteNonQuery()
        Catch ex As Exception
            MessageBox.Show("Error while inserting record on table..." & ex.Message, "Insert Records")
        Finally
            con.Close()
        End Try

        MsgBox("Pin Saved")

    
    End Sub

vb.net

3 Contributors
8 Replies
108 Views
4 Months Discussion Span
Latest Post 13 Years Ago Latest Post by nemzmiyaw

All 8 Replies

Unhnd_Exception

13 Years Ago

cmd.CommandText = "update Settings SET pin = '" & PINV & "' where Company = '1')"

Unhnd_Exception

13 Years Ago

You should really use parameters:

cmd.CommandText = "update Settings SET pin = @Pinv where Company = @Company)"
        cmd.Parameters.AddWithValue("@Pinv", PINV)
        cmd.Parameters.AddWithValue("@Company", 1)

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

Mike Bishop -3 Junior Poster · Answer 1 · 2010-12-01T04:36:45+00:00

sorry this still not working thanks for your help.

Dim PINV As String
       

        PINV = txtSysPassword.Text


        Dim con As New SqlConnection
        Dim cmd As New SqlCommand
        Try
            con.ConnectionString = "Data Source=10.10.0.25;Initial Catalog=RConditions;Persist Security Info=True;User ID=mbish;Password=mbish"
            con.Open()
            cmd.Connection = con
            cmd.CommandText = "update Settings SET pin = @PinV where Company = @Company)"
            cmd.Parameters.AddWithValue("@PinV", PINV)
            cmd.Parameters.AddWithValue("@Company", 1)
 
            cmd.ExecuteNonQuery()
        Catch ex As Exception
            MessageBox.Show("Error while inserting record on table..." & ex.Message, "Insert Records")
        Finally
            con.Close()
        End Try

        MsgBox("Pin Saved")

Unhnd_Exception · Answer 2 · 2010-12-01T04:36:50+00:00

Heres an example of why to use parameters.

If you set the PINV string to

PINV = "anything' where 1 = 1 ----"

would update every record in the table to anything if you used the following CommandText:

cmd.CommandText = "update Settings SET pin = '" & PINV & "' where Company = '1')"

Unhnd_Exception · Answer 3 · 2010-12-01T04:37:34+00:00

Get rid of the ) at the end of your sql statement

Mike Bishop -3 Junior Poster · Answer 4 · 2010-12-01T04:40:31+00:00

thanks very much for your help.

this is now working

Unhnd_Exception · Answer 5 · 2010-12-01T04:42:14+00:00

Sorry about the )

I must have hit a key before copying it.

nemzmiyaw 0 Newbie Poster · Answer 6 · 2011-04-07T23:08:30+00:00

Thanks for this thread, i convert it to Mysql and it works like a charm ^_^

update sql

Recommended Answers Collapse Answers

All 8 Replies

Recommended Answers