Member Avatar for omarized

Good day every one

please I need help in coding this small easy program

it just three text boxes and one button to save them

this is my code

Imports System.Data
Imports System.Data.SqlClient



Public Class Form1

    Dim cmd As SqlCommand
    Dim con As SqlConnection
   
    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        Dim ConID As String
        Dim ConAddress As String
        Dim ConPhone As String

        ConID = Me.TextBox1.Text
        ConAddress = Me.TextBox2.Text
        ConPhone = Me.TextBox3.Text
        Try


            con.ConnectionString = "Data Source=DBS;Initial Catalog=Recruitment ;User Id=myuserid;Password=Mypassword"
            con.Open()
            cmd.Connection = con
            cmd.CommandText = "INSERT INTO Contacts(ConID, ConAddress,ConPhone ) VALUES('" & ConID & "' , '" & ConAddress & "' , '" & ConPhone & "') "
        Catch ex As Exception
            MessageBox.Show("Error while inserting record on table..." & ex.Message, "Insert Records")
        Finally
            con.Close()
        End Try



    End Sub

End Class
  • 4 Contributors
  • 3 Replies
  • 140 Views
  • 8 Hours Discussion Span
  • Latest Post Latest Post by Netcode

Recommended Answers

All 3 Replies

Member Avatar for hericles

Everything seems OK when I looked over it except, of course, you aren't actually inserting the data into the database. After setting the command text you need to include the line:
cmd.ExecuteNonQuery();
This is the command that places the data into the database. Also,you shouldn't enter the text provided by the user directly into the SQL statement. It allows for hacking attacks via SQL injection (read up on it - its useful to know about). Use parametized queries to avoid the problem.

Member Avatar for Pgmer

Yes cmd.ExecuteNonQuery(); is missing.
Why cant you write SP for this? and just pass the parameters?

Member Avatar for Netcode

use the cmd.ExecuteNonQuery() just after your insert statement

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.