I have an Access database that I use to track personnel going on trips. When I add someone to a trip, it copies over some information items from the master personnel table into another table that ties that person to the trip and then displays readiness things that I need to track. I'm in the process of updating how the front end talks to the back end in preparation for migrating this over to a proper SQL server rather than just a backend file on a share drive, and was wondering if there was a better way to code this.
Here's the original code:
Dim rst As DAO.Recordset
Set rst = CurrentDb.OpenRecordset("tblMsnPers")
rst.AddNew
rst![MsnID] = Me.ID
rst![EDIPI] = Me.PerSelect
rst![NameStr] = DLookup("[NameStr]", "tblPersonnel", "[EDIPI] = '" & Me.PerSelect & "'")
rst![PriAlt] = Me.cmbPriAlt
rst![Errors] = DLookup("[ScrubErrors]", "tblPersonnel", "[EDIPI] = '" & Me.PerSelect & "'")
rst![PT] = DLookup("[ScrubFitDate]", "tblPersonnel", "[EDIPI] = '" & Me.PerSelect & "'")
rst![vRED] = DLookup("[ScrubvRED]", "tblPersonnel", "[EDIPI] = '" & Me.PerSelect & "'")
rst![ISOPREP] = DLookup("[ISOPREP]", "tblPersonnel", "[EDIPI] = '" & Me.PerSelect & "'")
rst![2760] = DLookup("[Scrub2760]", "tblPersonnel", "[EDIPI] = '" & Me.PerSelect & "'")
rst![Checklist] = DLookup("[ScrubStatus]", "tblPersonnel", "[EDIPI] = '" & Me.PerSelect & "'")
rst![IMR] = DLookup("[ScrubShots]", "tblPersonnel", "[EDIPI] = '" & Me.PerSelect & "'")
rst![Review] = DLookup("[ReviewDate]", "tblPersonnel", "[EDIPI] = '" & Me.PerSelect & "'")
rst.Update
rst.Close
Set rst = Nothing
And here is what my updated code is:
DoCmd.SetWarnings False
SqlStr = "INSERT INTO tblMsnPers " _
& "(MsnID, EDIPI, PriAlt) VALUES " _
& "('" & Me.ID & "', '" & Me.PerSelect & "', '" & Me.cmbPriAlt & "');"
DoCmd.RunSQL SqlStr
SqlStr2 = "UPDATE tblMsnPers INNER JOIN tblPersonnel ON tblMsnPers.EDIPI = tblPersonnel.EDIPI " _
& "SET tblMsnPers.NameStr = [tblPersonnel].[NameStr], " _
& "tblMsnPers.Errors = [tblPersonnel].[ScrubErrors], " _
& "tblMsnPers.PT = [tblPersonnel].[ScrubFitDate], " _
& "tblMsnPers.vRED = [tblPersonnel].[ScrubvRED], " _
& "tblMsnPers.ISOPREP = [tblPersonnel].[ISOPREP], " _
& "tblMsnPers.[2760] = [tblPersonnel].[Scrub2760], " _
& "tblMsnPers.Checklist = [tblPersonnel].[ScrubStatus], " _
& "tblMsnPers.IMR = [tblPersonnel].[ScrubShots], " _
& "tblMsnPers.Review = [tblPersonnel].[ReviewDate], " _
& "tblMsnPers.ATL1 = [tblPersonnel].[ATL1], " _
& "tblMsnPers.SERE = [tblPersonnel].[SERE], " _
& "tblMsnPers.CED = [tblPersonnel].[CED], " _
& "tblMsnPers.GTCexp = [tblPersonnel].[ScrubGTC] " _
& "WHERE ((tblMsnPers.MsnID = " & Me.ID & ") AND (tblMsnPers.EDIPI = '" & Me.PerSelect & "'));"
DoCmd.RunSQL SqlStr2
DoCmd.SetWarnings True
I can't help but feel like there's a better way to write the SQL string here because full disclosure, I have barely half a clue on what I'm doing here, being a student of reverse-engineering and Google-Fu. Is there a better way to write the SQL string here?
I would use this
Dim rstPerson As Recordset
Dim rst As Recordset
Dim strSQL As String
strSQL = "SELECT * from tblersonal where EDIPI = '" & Me.PerSelect & "'"
Set rstPer = CurrentDb.OpenRecordset(strSQL)
Set rst = CurrentDb.OpenRecordset("tblMsnPers")
With rst
.AddNew
!MnID = Me.ID
!EDIPI = Me.PerSelect
!NameStr = rstPer!NameStr
!PriAlt = Me.cmbPriAlt
!Errors = rstPer!ScrubErrors
!PT = rstPer!ScrubFitDate
!vRED = rstPer!ScrubvRED
!ISOPREP = rstPer!ISOPREP
![2760] = rstPer!Scrub2760
!Checklist = rstPer!ScrubStatus
!IMR = rstPer!ScrubShots
!Review = rstPer!ReviewDate
.Update
.Close
End With
This works well since:
All of the data type checking is done for you. (", strings, # dates,
none for numbers)
You don't have messy concatenation.
You get parameter safe code (no sql injection - at least for update part).
It much less code. Far more readable.
And if you convert the data base to sql server, the above code will continue to work.
Related
been a while since I've posted so please forgive any formatting issues. Looking to update a table field with a value from another record in the same field in the same table.
I've declared two strings, and the strDeal string is coming back with the correct values when debugging. However when I introduce the string into the sql statement I can't the query to update the field. I'm not sure exactly what isn't working correctly, so any help would be appreciated.
The basics are I'm trying to update the Case_Qty field with a value from the same field in the same table based on the returned value from a subquery. Thanks!
Dim strDeal As String
Dim strSQL As String
strDeal = DMax("[Deal_No]", "[tblStructuresNoDAworking]", "[Structure_Name] = Forms!frmStructNoDASetup!Structure_Name AND [FG_Ind] = 0 AND [Deal_No] < Forms!frmStructNoDASetup!Deal_No")
strSQL = "UPDATE tblStructuresNoDAworking SET tblStructuresNoDAworking.Case_Qty = (SELECT [Case_Qty] FROM tblStructuresNoDAworking WHERE [Structure_Name] = '" & Me.Structure_Name.Value & "' AND [Deal_No] = '" & strDeal & "') WHERE [Structure_Name] = '" & Me.Structure_Name.Value & "' AND [Deal_No] = '" & Me.Deal_No.Value & "'"
DoCmd.RunSQL (strSQL)
Try this where you concatenate the values from the form:
Dim strDeal As String
Dim strSQL As String
strDeal = DMax("[Deal_No]", "[tblStructuresNoDAworking]", "[Structure_Name] = '" & Forms!frmStructNoDASetup!Structure_Name & "' AND [FG_Ind] = 0 AND [Deal_No] < '" & Forms!frmStructNoDASetup!Deal_No & "'")
strSQL = "UPDATE tblStructuresNoDAworking " & _
"SET tblStructuresNoDAworking.Case_Qty = " & _
" (SELECT [Case_Qty] " & _
" FROM tblStructuresNoDAworking " & _
" WHERE [Structure_Name] = '" & Me.Structure_Name.Value & "' AND [Deal_No] = '" & strDeal & "') " & _
"WHERE [Structure_Name] = '" & Me.Structure_Name.Value & "' AND [Deal_No] = '" & Me.Deal_No.Value & "'"
DoCmd.RunSQL strSQL
For numeric Deal:
Dim Deal As Long
Dim strSQL As String
Deal = DMax("[Deal_No]", "[tblStructuresNoDAworking]", "[Structure_Name] = '" & Forms!frmStructNoDASetup!Structure_Name & "' AND [FG_Ind] = 0 AND [Deal_No] < '" & Forms!frmStructNoDASetup!Deal_No & "'")
strSQL = "UPDATE tblStructuresNoDAworking " & _
"SET tblStructuresNoDAworking.Case_Qty = " & _
" (SELECT [Case_Qty] " & _
" FROM tblStructuresNoDAworking " & _
" WHERE [Structure_Name] = '" & Me.Structure_Name.Value & "' AND [Deal_No] = " & Deal & ") " & _
"WHERE [Structure_Name] = '" & Me.Structure_Name.Value & "' AND [Deal_No] = " & Me.Deal_No.Value & ""
DoCmd.RunSQL strSQL
Hello I just want to ask about my code. Why its showing error if I change the data type of ID_NO in short text? Btw database that I'm using is MS ACCESS
Dim i As Integer
i = dgMembers.CurrentRow.Index
currentid = dgMembers.Item(1, i).Value.ToString()
ds = New DataSet
adapter = New OleDbDataAdapter("update [FASA_MembersAccount] set ID_No = '" & txtMemberIDNo.Text & "',[FirstName] = '" & txtMemberFirstName.Text & "',[LastName] ='" & txtMemberLastName.Text & "',[Mobile_No] = '" & txtMemberMobileNo.Text & "',[Gender] = '" & cbMemberGender.Text & "',[Birthday] = '" & dtpMember.Text & "',[Password] = '" & txtMemberPassword.Text & "',[Address] = '" & txtMemberAddress.Text & "' where ID_No = " & currentid, conn)
adapter.Fill(ds, "FASA_MembersAccount")
Can somebody help me?
Here's an example of how to get your SQL code so you can run it in your database to check for syntax errors. Does this help?
Dim i As Integer
Dim strSQL as string
i = dgMembers.CurrentRow.Index
currentid = dgMembers.Item(1, i).Value.ToString()
ds = New DataSet
strSQL = "update [FASA_MembersAccount] set ID_No = '" & txtMemberIDNo.Text & "',[FirstName] = '" & txtMemberFirstName.Text & "',[LastName] ='" & txtMemberLastName.Text & "',[Mobile_No] = '" & txtMemberMobileNo.Text & "',[Gender] = '" & cbMemberGender.Text & "',[Birthday] = '" & dtpMember.Text & "',[Password] = '" & txtMemberPassword.Text & "',[Address] = '" & txtMemberAddress.Text & "' where ID_No = " & currentid
'--- Set your breakpoint here and use the immediate window to ?strSQL then copy/paste your command into ms-access
adapter = New OleDbDataAdapter(strSQL, conn)
adapter.Fill(ds, "FASA_MembersAccount")
I am using Access 2016 and I am running into an error where a memo field gets updated and people are using apostrophes and it interferes with the code to update. The code works great and it updates the table for specific values unless there is an apostrophe present. No amount of parentheses or brackets have resolved this issue to isolate the apostrophes in text from the code. I would prefer suggestions that would I allow me to have apoostrophes if possible.
Private Sub btnlledit_Click()
Dim SQL As String
SQL = "UPDATE tblll " & _
"SET [LLN] = '" & Forms!frmaddll!txtlln & "',[REF] = '" & Forms!frmaddll!txtllref & "',[TRN] = '" & Forms!frmaddll!txtlltr & "',[HN] = '" & Forms!frmaddll!txtllhull & "', [LL] = '" & Forms!frmaddll!txtll & "',[CA] = '" & Forms!frmaddll!txtllca & "',[CP] = '" & Forms!frmaddll!txtllcomponent & "',[LOC] = '" & Forms!frmaddll!txtllloc & "',[LFSE] = '" & Forms!frmaddll!txtlllfse & "',[FC] = '" & Forms!frmaddll!txtllfc & "' " & _
"WHERE [LLN] = '" & Forms!frmaddll!txtlln.Value & "';"
DoCmd.RunSQL SQL
DoCmd.Requery
Me.Refresh
End Sub
I've cut down your SQL to give you an idea.
The first line of SQL are the parameters - note the ; at the end of the first line.
Private Sub btnlledit_Click()
Dim qdf As DAO.QueryDef
Set qdf = CurrentDb.CreateQueryDef("", _
"PARAMETERS LLN_Value TEXT(255), REF_Value TEXT(255), TRN_Value TEXT(255); " & _
"UPDATE tblll " & _
"SET LLN = LLN_Value, REF = REF_Value, TRN = TRN_Value " & _
"WHERE LLN = LLN_Value")
With qdf
.Parameters("LLN_Value") = Forms!frmaddll!txtlln
.Parameters("REF_Value") = Forms!frmaddll!txtllref
.Parameters("TRN_Value") = Forms!frmaddll!txtlltr
.Execute
End With
End Sub
A better way would be to move the execution of the query to another procedure and pass the required values to that:
Public Sub MyQuery(My_LLN_Value AS String, My_Ref_Value AS String, My_TRN_Value AS String)
Dim qdf As DAO.QueryDef
Set qdf = CurrentDb.CreateQueryDef("", _
"PARAMETERS LLN_Value TEXT(255), REF_Value TEXT(255), TRN_Value TEXT(255); " & _
"UPDATE tblll " & _
"SET LLN = LLN_Value, REF = REF_Value, TRN = TRN_Value " & _
"WHERE LLN = LLN_Value")
With qdf
.Parameters("LLN_Value") = My_LLN_Value
.Parameters("REF_Value") = My_Ref_Value
.Parameters("TRN_Value") = My_TRN_Value
.Execute
End With
End Sub
You can then call this procedure from your button click:
Private Sub btnlledit_Click()
MyQuery Forms!frmaddll!txtlln, Forms!frmaddll!txtllref, Forms!frmaddll!txtlltr
End Sub
Or from elsewhere, and getting your values from elsewhere to:
Public Sub Test
Dim Second_Arg AS String
Second_Arg = "Some Reference Value"
MyQuery Forms!frmaddll!txtlln, Second_Arg, "Third Argument"
End Sub
I said in a minute but had other stuff (+ writing this in VBA is a torture):
Dim SQL As String
SQL = "UPDATE tblll " & _
"SET [REF] = #ref,[TRN] = #trn,[HN] = #hn" & _
", [LL] = #ll,[CA] = #ca,[CP] = #cp,[LOC] = #loc " & _
", [LFSE] = #lfse, [FC] = #fc" & _
"WHERE [LLN] = #lln";"
Dim oConnection As ADODB.Connection
Dim oCommand As ADODB.Command
Set oConnection = New ADODB.Connection
Set oCommand = New ADODB.Command
oConnection.ConnectionString = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=c:\MyFolder\MyData.accdb;"
oConnection.Open
oCommand.ActiveConnection = oConnection
oCommand.CommandText = SQL
oCommand.Parameters.Append oCommand.CreateParameter("#ref", adInteger)
oCommand.Parameters.Append oCommand.CreateParameter("#trn", adVarChar, adParamInput, 100)
oCommand.Parameters.Append oCommand.CreateParameter("#hn", adInteger)
oCommand.Parameters.Append oCommand.CreateParameter("#ll", adInteger)
oCommand.Parameters.Append oCommand.CreateParameter("#ca", adInteger)
oCommand.Parameters.Append oCommand.CreateParameter("#cp", adInteger)
oCommand.Parameters.Append oCommand.CreateParameter("#loc", adInteger)
oCommand.Parameters.Append oCommand.CreateParameter("#lfse", adInteger)
oCommand.Parameters.Append oCommand.CreateParameter("#fc", adInteger)
oCommand.Parameters.Append oCommand.CreateParameter("#lln", adInteger)
oCommand.Parameters("#ref" ).Value = Forms!frmaddll!txtref.Value
oCommand.Parameters("#trn" ).Value = Forms!frmaddll!txttrn.Value
oCommand.Parameters("#hn" ).Value = Forms!frmaddll!txthn.Value
oCommand.Parameters("#ll" ).Value = Forms!frmaddll!txtll.Value
oCommand.Parameters("#ca" ).Value = Forms!frmaddll!txtca.Value
oCommand.Parameters("#cp" ).Value = Forms!frmaddll!txtcp.Value
oCommand.Parameters("#loc" ).Value = Forms!frmaddll!txtloc.Value
oCommand.Parameters("#lfse").Value = Forms!frmaddll!txtlfse.Value
oCommand.Parameters("#fc" ).Value = Forms!frmaddll!txtfc.Value
oCommand.Parameters("#lln" ).Value = Forms!frmaddll!txtlln.Value
oCmd.Execute
This code is not specifically an access code but VBA (that you can execute from any VBA environment, say Excel, Word ...).
Since I don't know your fields, parameter types are just for sampling. The important thing here is, you have to define the parameters in the same order as they appear in your query string. After appending the parameters, you are free to set their values in any order you like (that is a limitation in driver I think, parameters are not named but positional).
NOTE: I dropped initial LLN= because you were searching for it and setting to the same value (IOW no change).
Single quotes are escaped by doubling them up, just as you've shown us in your example. The following SQL illustrates this functionality.
BTW, Go for SQL Parameter instead of these inline SQL Injection.
Try like below:
Private Sub btnlledit_Click()
Dim SQL As String
SQL = "UPDATE tblll " & _
"SET [LLN] = '" & Forms!frmaddll!txtlln & "',[REF] = '" & Forms!frmaddll!txtllref & "',[TRN] = '" & Forms!frmaddll!txtlltr & "',[HN] = '" & Forms!frmaddll!txtllhull & "', [LL] = '" & Forms!frmaddll!txtll & "',[CA] = '" & Forms!frmaddll!txtllca & "',[CP] = '" & Forms!frmaddll!txtllcomponent & "',[LOC] = '" & Forms!frmaddll!txtllloc & "',[LFSE] = '" & Forms!frmaddll!txtlllfse & "',[FC] = '" & Forms!frmaddll!txtllfc & "' " & _
"WHERE [LLN] = '" & Forms!frmaddll!txtlln.Value & "';"
Replace (SQL, "'", "''")
DoCmd.RunSQL SQL
DoCmd.Requery
Me.Refresh
End Sub
I have a few controls that are number and short date format in my tables also the date controls are masked to mm/dd/yyyy. Some of the fields that are loaded into the form are blank from the original table and so when executing the sql I am essentially evaluating the wrong thing whether Im checking for '' or Null. as '' fails as text for date number and the fields are not actually blank.
strSQL4 = "UPDATE [tblDetails] SET " & _
"[Proposed] = IIF(IsNull(" & Forms!frmEdit.txtProposed.Value & "),0," & Forms!frmEdit.txtProposed.Value & "), " & _
"[Multi] = IIF(IsNull(" & Forms!frmEdit.txtMulitplier.Value & "),0," & Forms!frmEdit.txtMulitplier.Value & "), " & _
"[Rational] = '" & Forms!frmEdit.txtRational.Value & "' " & _
" WHERE [RNumber] = '" & Forms!frmEdit.cmbUpdate.Value & "'"
Debug.Print strSQL4
dbs.Execute strSQL4
ERROR 3075 Wrong number of arguments used with function in query expression
'IIF(IsNull(),0,'
I also tried entering the field itself suggested from another site
strSQL4 = "UPDATE [tblDetails] SET " & _
"[Proposed] = IIF(" & Forms!frmEdit.txtProposed.Value & "='',[Proposed]," & Forms!frmEdit.txtProposed.Value & "), " & _
" WHERE [RNumber] = '" & Forms!frmEdit.cmbUpdate.Value & "'"
Debug.Print strSQL4
dbs.Execute strSQL4
Same Error 3075 'IIF(IsNull(),0,[ProposedHrs]'
***also fails if I use the IIF(IsNull method as opposed to the =''
I did not paste an example of the dates failing, but is the same idea, not null but is blank, but cant seem to update back to blank again or even skip maybe?
Thanks to anyone in advance.
Update-1 from attempting Erik Von Asmuth code <--Thanks btw!
Set qdf = db.CreateQueryDef("", & _
"UPDATE [tblDetails] SET " & _
"[Proposed] = #Proposed, " & _
"[Multi] = #Multi, " & _
"[Rational] = #Rational " & _
"WHERE [RNumber] = #RNumber")
This portion is all red and the first "&" is highlighted after closing the notification window
Compile error:
Expected: expression
Update-2: I moved the update to the first line and it seems to be working. Set qdf = db.CreateQueryDef("", "UPDATE [tblDetails] SET " & _
I am going to try this method with the dates fields next.
Update-3: when attempting the same parameterization with textbox's masked with 99/99/0000;0;_ I am receiving item not found in collection? I have checked the spelling several times and everything seems ok. I tried the following three formats so set parameter DateRcvd, can anyone comment if this is correct for a text box with dates?
qdf.Parameters("#DateRcvd") = IIf(Nz(Forms!frmEdit.txtDateRcvd.Value) = "", 0, Forms!frmEdit.txtDateRcvd.Value)
qdf.Parameters("#DateRcvd") = IIf(IsNull(Forms!frmEdit.txtDateRcvd.Value), 0, Forms!frmEdit.txtDateRcvd.Value)
qdf.Parameters("#DateRcvd") = IIf(Forms!frmEdit.txtDateRcvd.Value = "", 0, Forms!frmEdit.txtDateRcvd.Value)
Update-4:
Dim qdf2 As DAO.QueryDef
Set db = CurrentDb
Set qdf2 = db.CreateQueryDef("", "UPDATE [tblDetails] SET " & _
"[DateReceived] = #DateRcvd " & _
"WHERE [RNumber] = #RNumber")
qdf.Parameters("#DateRcvd") = IIf(Nz(Forms!frmEdit.txtDateRcvd.Value) = "", 0, Forms!frmEdit.txtDateRcvd.Value)
qdf.Parameters("#RNumber") = Forms!frmEdit.cmbUpdate.Value
qdf2.Execute
Please Note text box txtDateRcvd has an Input Mask 99/99/0000;0;_ set within the properties of the textbox.
You should account for empty strings, and do that IIF statement in VBA instead of SQL:
strSQL4 = "UPDATE [tblDetails] SET " & _
"[Proposed] = " & IIF(Nz(Forms!frmEdit.txtProposed.Value) = "",0, Forms!frmEdit.txtProposed.Value) & ", " & _
"[Multi] = " & IIF(Nz(Forms!frmEdit.txtMulitplier.Value) = "",0, Forms!frmEdit.txtMulitplier.Value) & ", " & _
"[Rational] = '" & Forms!frmEdit.txtRational.Value & "' " & _
" WHERE [RNumber] = '" & Forms!frmEdit.cmbUpdate.Value & "'"
Or better yet, do it properly and parameterize the whole update so you can't get these kind of errors or SQL injection.
Example of how to do it properly:
Dim db As DAO.Database
Dim qdf As DAO.QueryDef
Set db = CurrentDb
Set qdf = db.CreateQueryDef("", _
"UPDATE [tblDetails] SET " & _
"[Proposed] = #Proposed, " & _
"[Multi] = #Multi, " & _
"[Rational] = #Rational " & _
"WHERE [RNumber] = #RNumber"
)
qdf.Parameters("#Proposed") = IIF(Nz(Forms!frmEdit.txtProposed.Value) = "",0, Forms!frmEdit.txtProposed.Value)
qdf.Parameters("#Multi") = IIF(Nz(Forms!frmEdit.txtMulitplier.Value) = "",0, Forms!frmEdit.txtMulitplier.Value)
qdf.Parameters("#Rational") = Forms!frmEdit.txtRational.Value
qdf.Parameters("#RNumber") = Forms!frmEdit.cmbUpdate.Value
qdf.Execute
I have been racking my brain with searching on the internet for the solution, but to no avail, I have been unsuccessful.
strSQL = "Update tTbl_LoginPermissions SET LoginName = '" & StrUserName & "', PWD = '" & StrPWD & "', fldPWDDate = '" & Now() & "'" & _
"WHERE intLoginPermUserID = " & MyMSIDColumn0
Once I get the error out, I would like to actually use this where clause:
'WHERE intLoginPermUserID IN (SELECT intCPIIUserID From vw_ADMIN_Frm_LoginBuilder)
Here is the entire code:
Dim con As ADODB.Connection
Dim cmd As ADODB.Command
Dim strSQL As String
Const cSQLConn = "DRIVER=SQL Server;SERVER=dbswd0027;UID=Mickey01;PWD=Mouse02;DATABASE=Regulatory;"
Dim StrUserName As String, StrPWD As String
'passing variables
StrUserName = FindUserName()
StrPWD = EncryptKey(Me.TxtConPWD)
'Declaring the SQL expression to be executed by the server
strSQL = "Update tTbl_LoginPermissions SET LoginName = '" & StrUserName & "', PWD = '" & StrPWD & "', fldPWDDate = '" & Now() & "#" & _
"WHERE intLoginPermUserID = " & MyMSIDColumn0
'WHERE intLoginPermUserID = ANY (SELECT intCPIIUserID From vw_ADMIN_Frm_LoginBuilder)
Debug.Print strSQL
'connect to SQL Server
Set con = New ADODB.Connection
With con
.ConnectionString = cSQLConn
.Open
End With
'write back
Set cmd = New ADODB.Command
With cmd
.ActiveConnection = con
.CommandText = strSQL
.CommandType = adCmdText
.Execute
Debug.Print strSQL
End With
'close connections
con.Close
Set cmd = Nothing
Set con = Nothing
MsgBox "You password has been set", vbInformation + vbOKOnly, "New Password"
NEWEST CODE Producing Error:
'/Declaring the SQL expression to be executed by the server
strSQL = "Update dbo_tTbl_LoginPermissions " _
& "SET LoginName = '" & StrUserName & "' " _
& "SET PWD = '" & StrPWD & "' " _
& "SET fldPWDDate = '" & Now() & "' " _
& "WHERE intLoginPermUserID = 3;"
I have gone to this site to try to figure out my mistake, but I still cannot figure it out:
After much dilberation and help, it turns out the FindUserName that utilizes a Win32API function was not trimming the Username appropriately.
I changed it to the following:
Public Function FindUserName() As String
' This procedure uses the Win32API function GetUserName
' to return the name of the user currently logged on to
' this machine. The Declare statement for the API function
' is located in the Declarations section of this module.
Dim strBuffer As String
Dim lngSize As Long
strBuffer = Space$(255)
lngSize = Len(strBuffer)
If GetUserName(strBuffer, lngSize) = 1 Then
FindUserName = Left$(strBuffer, lngSize - 1)
Else
FindUserName = "User Name not available"
End If
End Function
Public Declare Function GetUserName Lib "advapi32.dll" Alias "GetUserNameA" (ByVal lpBuffer As String, nSize As Long) As Long
Try this:
strSQL = "Update tTbl_LoginPermissions SET LoginName = '" & replace(StrUserName, "'", "''") & "', PWD = '" & replace(StrPWD, "'", "''") & "', fldPWDDate = '" & Now() & "'" & _
"WHERE intLoginPermUserID = " & MyMSIDColumn0
This was inevitably the code that corrected my (') mystery:
'/passing variables
StrUserName = FindUserName()
StrPWD = EncryptKey(Me.TxtConPWD)
StrUserId = Me.CboUser.Column(0)
'/Declaring the SQL expression to be executed by the server
strSQL = "Update tTbl_LoginPermissions SET " _
& "LoginName = '" & StrUserName & "' , " _
& "PWD = '" & StrPWD & "' ," _
& "fldPWDDate = '" & Now() & "' " _
& "WHERE intLoginPermUserID = '" & StrUserId & "'"