I get syntax error in INSERT INTO statement when trying to insert into access db. The snippet where the error occurs is,
If (checkBox.IsChecked) Then
cmd.CommandText = "INSERT INTO Participants([Full Name],[From],[Gender],[Category],[Event],[Weight],[DOB],[Age]) VALUES(" + textBox.Text + "," + textBox_Copy2.Text + "," + gender + "," + comboBox.SelectedItem.ToString + "," + "Kata" + "," + textBox_Copy.Text + "," + dp.Text + "," + textBox_Copy1.Text
cmd.ExecuteNonQuery()
End If
If (checkBox_Copy2.IsChecked) Then
cmd.CommandText = "INSERT INTO Participants([Full Name],[From],[Gender],[Category],[Event],[Weight],[DOB],[Age]) VALUES(" + textBox.Text + "," + textBox_Copy2.Text + "," + gender + "," + comboBox.SelectedItem.ToString + "," + "Kumite" + "," + textBox_Copy.Text + "," + dp.Text + "," + textBox_Copy1.Text
cmd.ExecuteNonQuery()
End If
If (checkBox_Copy1.IsChecked) Then
cmd.CommandText = "INSERT INTO Participants([Full Name],[From],[Gender],[Category],[Event],[Weight],[DOB],[Age]) VALUES(" + textBox.Text + "," + textBox_Copy2.Text + "," + gender + "," + comboBox.SelectedItem.ToString + "," + "Team Kata" + "," + textBox_Copy.Text + "," + dp.Text + "," + textBox_Copy1.Text
cmd.ExecuteNonQuery()
End If
If (checkBox_Copy.IsChecked) Then
cmd.CommandText = "INSERT INTO Participants([Full Name],[From],[Gender],[Category],[Event],[Weight],[DOB],[Age]) VALUES(" + textBox.Text + "," + textBox_Copy2.Text + "," + gender + "," + comboBox.SelectedItem.ToString + "," + "Team Kumite" + "," + textBox_Copy.Text + "," + dp.Text + "," + textBox_Copy1.Text
cmd.ExecuteNonQuery()
End If
For text fields you have to enclose the value in the VALUES clause in quotes. Note the single quotes in this example
"INSERT INTO Participants([Full Name]) VALUES ('" + textBox.Text + "')"
However you would be much better off using parameters instead of putting the values right in the SQL statement. See this
https://msdn.microsoft.com/en-us/library/tyy0sz6b(v=vs.110).aspx
Related
I have asp.net application to upload database on a remote server using SQLCMD, but the command is not executed. If I execute it in cmd directly it works fine. Here is the code
Dim output
Dim result As String = ""
p.StartInfo.UseShellExecute = False
p.StartInfo.CreateNoWindow = True
p.StartInfo.RedirectStandardInput = True
p.StartInfo.RedirectStandardOutput = True
p.StartInfo.RedirectStandardError = True
p.StartInfo.Verb = "runas"
p.StartInfo.FileName = "cmd.exe"
'p.StartInfo.Arguments = "/c sqlcmd -S " + serverIP + " -U " + sa + " -P " + P#ssw0rd + " -Q" + Chr(34) + " RESTORE DATABASE " + txtDatabaseName.Text + " FROM DISK=" + Chr(39) + dbPath + Chr(39) + " with move " + Chr(39) + oldmdf + Chr(39) + " to 'C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\DATA\" + mdf + Chr(39) + ", move " + Chr(39) + oldLog + Chr(39) + " to 'C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\DATA\" + txtDatabaseName.Text + "_log.ldf'" + " CREATE Login " + txtDatabaseUser.Text + " WITH PASSWORD = " + Chr(39) + txtDatabasePassword.Text + Chr(39) + ";" + Chr(34)
p.StartInfo.Arguments = "/c sqlcmd -S " + ddlDatabaseServerURL.SelectedValue + " -U " + txtDatabaseServerUsername.Text + " -P " + txtDatabaseServerPassword.Text + " -Q" + Chr(34) + " RESTORE DATABASE " + txtDatabaseName.Text + " FROM DISK=" + Chr(39) + dbPath + Chr(39) + " with move " + Chr(39) + oldmdf + Chr(39) + " to 'F:\MSSQL12.MSSQLSERVER\MSSQL\DATA\" + mdf + Chr(39) + ", move " + Chr(39) + oldLog + Chr(39) + " to 'F:\MSSQL12.MSSQLSERVER\MSSQL\DATA\" + txtDatabaseName.Text + "_log.ldf'" + " CREATE Login " + txtDatabaseUser.Text + " WITH PASSWORD = " + Chr(39) + txtDatabasePassword.Text + Chr(39) + ";" + Chr(34)
Dim strFile As String = "C:\inetpub\vhost\Endpoint_Website\Endpoint_EB\mylog.txt"
Dim fileExists As Boolean = File.Exists(strFile)
Using sw As New StreamWriter(File.Open(strFile, FileMode.OpenOrCreate))
sw.WriteLine(
IIf(fileExists, p.StartInfo.Arguments, Nothing))
End Using
p.Start()
output = p.StandardOutput.ReadToEnd()
Im trying to send json object in Outlook using vba. Here is my code:
Dim Msg As Outlook.MeetingItem
Set Msg = Item
Set recips = Msg.Recipients
Dim regEx As New RegExp
regEx.Pattern = "^\w+\s\w+,\sI351$"
Dim URL As String
URL = "https://webhook.site/55759d1a-7892-4c20-8d15-3b8b7f1bf3b3"
For Each recip In recips
If regEx.Test(recip.AddressEntry) And recip.AddressEntry <> "Application Management Linux1, I351" Then
Dim convertedJson As Object
Set convertedJson = JsonConverter.ParseJson("{""fields"": 123}")
Set xhr = CreateObject("MSXML2.ServerXMLHTTP.6.0")
xhr.Open "POST", URL, False
xhr.setRequestHeader "Content-Type", "application/json"
xhr.Send (convertedJson)
End If
Next
If I send just plane text it works well but i can't send convertedJson. Is it possible to send an object?
UPDATE
I can't even do Debug.Print convertedJson
I was tormented by these libraries in the end I did a very terrible thing
Dim flds, prt, id, smry, descrp, issu, name, lfbrkt, rtbrkt, cma, dbdots, jsTest, issuName As String
flds = "'fields'"
prt = "'project'"
id = "'id'"
smry = "'summary'"
descrp = "'description'"
issu = "'issuetype'"
issuName = "'Improvement'"
name = "'name'"
lfbrkt = "{"
rtbrkt = "}"
cma = ","
dbdots = ":"
jsTest = lfbrkt + flds + dbdots + " " + lfbrkt + vbCrLf + vbTab + prt + dbdots + " " + lfbrkt + vbCrLf + vbTab + vbTab + id + dbdots + " " + "30611" + vbCrLf + vbTab + rtbrkt + cma + vbCrLf + vbTab + smry + dbdots + " " + "'" + CStr(Msg.Subject) + "'" + cma + vbCrLf + vbTab + descrp + dbdots + " " + "'" + CStr(Msg.Body) + "'" + cma + vbCrLf + vbTab + issu + dbdots + " " + lfbrkt + vbCrLf + vbTab + vbTab + name + dbdots + " " + issuName + vbCrLf + vbTab + rtbrkt + vbCrLf + rtbrkt + rtbrkt
And I got this
please help me. this is a uni project and I keep getting the error "Conversion from string "" to type 'Double' is not valid." even when I made sure that everything is in the correct type, everything with a value...etc.
I want to insert some new rows in my access database, here is a picture of the table that Im trying to insert into
enter image description here
and this is the code
the error appears at the select statement in the sub w()
Dim c As Integer
Dim b As Double
Dim a, d, z As String
a = "'" + TextBox1.Text + "'"
b = CInt(TextBox2.Text)
c = CInt(TextBox3.Text)
d = "'" + TextBox4.Text + "'"
z = "'" + ComboBox1.SelectedItem + "'"
If ComboBox1.SelectedItem = "الجبيل" Then
w("insert into employees (em_id,em_name,m_id,city,phone,salary,password)" & " values (" + 32111 + "," + a + "," + 12303 + "," + z + "," + c + "," + b + "," + d + ")")
ElseIf ComboBox1.SelectedItem = "جدة" Then
w("insert into employees (em_id,em_name,m_id,city,phone,salary,password)" & " values (" + 32111 + "," + a + "," + 12302 + "," + z + "," + c + "," + b + "," + d + ")")
ElseIf ComboBox1.SelectedItem = "الرياض" Then
w("insert into employees (em_id, em_name,m_id,city,phone,salary,password)" & " values (" + 32111 + "," + a + "," + 12301 + "," + z + "," + c + "," + b + "," + d + ")")
End If
MsgBox("تم إضافة السجل بنجاح")
TextBox1.Clear()
TextBox2.Clear()
TextBox3.Clear()
TextBox4.Clear()
the sub w("") is:
Public Sub w(ByVal s As String)
Dim cum As New OleDbCommand(s, con)
cum.ExecuteNonQuery()
End Sub
problem is that it works on different forms (to diffident tables and stuff), but not in here...
what should I do?
I have the following SQL statement which is giving me this error.
THIS IS NOT MY CODE!
"Error converting data type varchar to float" But i can't find the error.
I thnk the error is coming from this code:
birthday = (monthComboBox.SelectedItem) + "-" + (dayComboBox.SelectedIndex + 1) + "-" + yearTextBox.Text;
Int32 getIDBack = 0;
string query = "insert into reservation(first_name, last_name, birth_day, gender, phone_number, email_address, number_guest, street_address, apt_suite,city, state, zip_code, room_type, room_floor, room_number, total_bill,payment_type, card_type, card_number,card_exp,card_cvc, arrival_time, leaving_time, check_in, break_fast, lunch, dinner, supply_status, cleaning, towel, s_surprise, food_bill) values('" + firstNameTextBox.Text +
"', '" + lastNameTextBox.Text + "', '" + birthday + "', '" + genderComboBox.SelectedItem + "', '" + phoneNumberTextBox.Text + "', '" + emailTextBox.Text +
"', '" + (qtGuestComboBox.SelectedIndex + 1) + "', '" + addLabel.Text + "', '" + aptTextBox.Text + "', '" + cityTextBox.Text +
"', , '" + zipComboBox.Text + "', '" + roomTypeComboBox.SelectedItem + "', '" + floorComboBox.SelectedItem +
"', '" + roomNComboBox.SelectedItem + "', '" + finalizedTotalAmount + "', '" + paymentType +
"', '" + CardType + "','" + paymentCardNumber + "','" + MM_YY_Of_Card + "','" + CVC_Of_Card + "', '" + dateTimePicker1.Text + "', '" + dateTimePicker2.Text + "','" + checkin +
"', '" + breakfast + "','" + lunch + "','" + dinner + "', '" + foodStatus + "', '" + Convert.ToInt32(cleaning) + "', '" + Convert.ToInt32(towel) + "', '" + Convert.ToInt32(surprise) + "','" + foodBill + "');";
query += "SELECT CAST(scope_identity() AS int)";
SqlConnection connection = new SqlConnection(Hotel_Manager.Properties.Settings.Default.frontend_reservationConnectionString);
SqlCommand query_table = new SqlCommand(query, connection);
try
{
connection.Open();
getIDBack = (Int32)query_table.ExecuteScalar();
string userID = Convert.ToString(getIDBack);
SendSMS(getIDBack);
MetroFramework.MetroMessageBox.Show(this, "Entry successfully inserted into database. " + "\n\n" +
"Provide this unique ID to the customer." + "\n\n" +
"USER UNIQUE ID: " + userID, "Report", MessageBoxButtons.OK, MessageBoxIcon.Question);
connection.Close();
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
ComboBoxItemsFromDataBase();
LoadForDataGridView();
reset_frontend();
GetOccupiedRoom();
ReservedRoom();
getChecked();
}
This generally means that one (or more) of the values is a number, rather than a string. If any of the values in a + expression is numeric, then the + is interpreted as addition rather than string concatenation.
One method is to find the offending values (such as finalizedTotalAmount) and then wrap them in conversions: cast(finalizedTotalAmount as varchar(255)).
A better way is to use parameterized queries, where the values are passed in as typed parameters. This is also safer because it prevents SQL injection.
Trying to get values from my table but having problem with my snytaxes
there is wrong type with "Group By" usage with "AND"
any help will be apriciated
"SELECT " + C_CINSIYET + " FROM " + TABLE_COMPANYS + " WHERE "
+ C_MARKA + " = '" + companyMarka.getComp_marka() + "'"
+ " AND " + C_FIRMA + " = '"
+ companyMarka.getComp_name() + "' GROUP BY "
+ C_CINSIYET + "AND"+C_FIRMA;