0

Having a problem with my sql, I am creating program for my ALevel and when I go to create a logins page I wish to have a button that will allow me to create a new login and save it to my database. when I click the button I keep getting 'Syntax error in INSERT INTO statement.' I have tried coding this in many different ways and my teacher can't figure it out! Any advice?

Imports System.Data

Public Class Login
    Public Con As New OleDb.OleDbConnection
    Public userds As New DataSet
    Public userda As OleDb.OleDbDataAdapter

    Dim NumberofRecords As Integer
    Dim CurrentRecord As Integer = 0

    Private Sub RefreshData()
        userds.Clear()
        Con.Open()
        userda = New OleDb.OleDbDataAdapter("Select * From tblLoginDetails", Con)
        userda.Fill(userds, "Logins")
        NumberofRecords = userds.Tables("Logins").Rows.Count - 1
        Con.Close()
    End Sub

    Private Sub MakeSQL(ByVal SQLString As String)
        Dim cmd As New OleDb.OleDbCommand
        If Not Con.State = ConnectionState.Open Then
            Con.Open()
        End If
        cmd.Connection = Con
        cmd.CommandText = SQLString
        MsgBox(SQLString)
        cmd.ExecuteNonQuery()
        Con.Close()
        CurrentRecord = 0
        RefreshData()
    End Sub

    Public Sub Login_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
        Con.ConnectionString = "Provider=Microsoft.Jet.OleDb.4.0; Data Source =" & Application.StartupPath & "\AddressBook.mdb"
        RefreshData()
    End Sub

    Private Sub cmdNewLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdNewLogin.Click
        Dim Answer As Integer = MsgBox("Add this as a new record?", MsgBoxStyle.YesNo, "Request")
        If Answer = 6 Then

            'Create INSERT INTO    SQL command

            Dim SQLSend As String = "INSERT INTO tblLoginDetails(Username, Password) " & _
                   " VALUES('" & Me.txtUsername.Text & "','" & txtPassword.Text & "')"


            MakeSQL(SQLSend)    ' Call SQL function with above string as parameter
            MsgBox("Record Added", MsgBoxStyle.Information, "Info")
        Else
            MsgBox("Record not Added", MsgBoxStyle.Information, "Info")
        End If
    End Sub
End Class
2
Contributors
1
Reply
2
Views
6 Years
Discussion Span
Last Post by Netcode
0
Dim dc As SqlCommand = New SqlCommand

     With dc

                .Connection = con 'assuming con is connection string
                .CommandText = "INSERT INTO tblLoginDetails" & _
               "(UserName, password)" & _
               "VALUES ( @user, @pass)"
                .Parameters.AddWithValue("@user", txtuserName.Text)
                .Parameters.AddWithValue("@pass", txtpassword.Text)

            End With

            con.Open()

            Try
                dc.ExecuteNonQuery()
            Catch sqlexceptionerr As SqlException
                MessageBox.Show(sqlexceptionerr.Message)
            End Try

Edited by Netcode: n/a

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.