Edit/Update datagridview VB form - vb.net

When I try to edit and update the data in datagriview it comes up with an error message saying Operator '&' is not defined for type 'TextBox' and string "".
please help. Thanks
Here is my code
Private Sub btnaddrecord_Click(sender As Object, e As EventArgs) Handles btnaddrecord.Click
Dim cmd As New OleDb.OleDbCommand
If Not cnn.State = ConnectionState.Open Then
cnn.Open()
End If
cmd.Connection = cnn
If Me.IdentificationNotest.Tag & "" = "" Then
cmd.CommandText = "INSERT INTO vehicledefects(Codenumber, vehiclereg, datereported, defects1, repaired1, defects2, repaired2, defects3, repaired3, datefixed) " & _
" VALUES(" & Me.IdentificationNotest.Text & ",'" & Me.vehiclereg.Text & "','" & Me.datereported.Text & "','" & Me.defects1.Text & "','" & Me.repaired1.Text & "','" & _
Me.defects2.Text & "','" & Me.repaired2.Text & "','" & _
Me.defects3.Text & "','" & Me.repaired3.Text & "','" & _
Me.datefixed.Text & "')"
cmd.ExecuteNonQuery()
Else
cmd.CommandText = "UPDATE vehicledefects" & _
" SET Codenumber =" & Me.IdentificationNotest.Text & _
", vehiclereg ='" & Me.vehiclereg.Text & "'" & _
", datereported ='" & Me.datereported.Text & "'" & _
", defects1 ='" & Me.defects1.Text & "'" & _
", repaired1 ='" & Me.repaired1.Text & "'" & _
", defects2 ='" & Me.defects2.Text & "'" & _
", repaired2='" & Me.repaired2.Text & "'" & _
", defects3='" & Me.defects3.Text & "'" & _
", repaired3='" & Me.repaired3.Text & "'" & _
", datefixed='" & Me.datefixed.Text & "'" & _
" WHERE Codenumber =" & Me.IdentificationNotest.Tag
cmd.ExecuteNonQuery()
End If
refreshdata()
Me.btnclear.PerformClick()
cnn.Close()
datefixed.Text = ""
IdentificationNotest.Text = ""
End Sub

In the future, you should also post the line number the error is being thrown on.
The error is telling you that you're doing something like:
dim myString as String = myTextBox & " some more text"
in this case, you would need to do:
dim myString as String = myTextBox.Text & " some more text"
In the code you posted, I wasn't able to find an instance of this - so perhaps its somewhere else in the code. Though, the code was hard to read so I may have missed it.
You may also be aware that this code is susceptible to SQL Injection attacks

Related

Access 2016 Error 3464 while coding for Update button

In access 2016 I'm trying to use an update command.I'm creating a database as my internship project as I'm unfamiliar with the coding I have been struggling a lot. I'm referring to a video by Setha Iech: https://www.youtube.com/watch?v=Ri2Y9-16AEo. When I'm using the below code an error continuously pops up
Error 3464
Private Sub cmdAdd_Click()
'when we click on button Add there are two options
'1. for insert
'2. for update
If Me.txtID.Tag & "" = "" Then
'this is for insert new
'add data to table
CurrentDb.Execute "INSERT INTO Business(ID, Project_ID, [Date_of_Enquiry], Division, Client, Description, Probability_to_win,Status, [Proposal_Submission_date], [Expected_award_date], Remarks)" & _
"VALUES ('" & Me.txtID & "','" & Me.txtProject_ID & "','" & Me.txtDate_of_Enquiry & "','" & Me.cboDivision & "','" & _
Me.txtClient & "','" & Me.txtDescription & "','" & Me.cboProbability_to_win & "','" & Me.cboStatus & "','" & Me.txtProposal_Submission_date & "','" & Me.txtExpected_award_date & "','" & Me.txtRemarks & "')"
Else
'otherwise (Tag of txtID store the ID of statement to be modified)
CurrentDb.Execute "UPDATE Business" & _
" SET ID=" & Me.txtID & _
", Project_ID='" & Me.txtProject_ID & "'" & _
", Date_of_Enquiry='" & Me.txtDate_of_Enquiry & "'" & _
", Division='" & Me.cboDivision & "'" & _
", Client='" & Me.txtClient & "'" & _
", Description='" & Me.txtDescription & "'" & _
", Probability_to_win='" & Me.cboProbability_to_win & "'" & _
", Status='" & Me.cboStatus & "'" & _
", Proposal_Submission_date='" & Me.txtProposal_Submission_date & "'" & _
", Expected_award_date='" & Me.txtExpected_award_date & "'" & _
", Remarks='" & Me.txtRemarks & "'" & _
" WHERE ID=" & Me.txtID.Tag
End If
'clear form
cmdClear_Click
'refresh data in list on form
databasesub.Form.Requery
End Sub
Thank you for your answers in advance

"Data type mismatch in criteria expression" while saving a file to access database

I am trying to save this record in an Access database, but I encounter the following error when I click the save button:
"Data type mismatch in criteria expression" highlighting "dcProducts.ExecuteNonQuery"
Code:
conn.Open()
strProduct = "insert into Products_Table values('" & Val(txtProductID.Text) & _
"',' " & txtProductName.Text & _
"','" & cboUoM.Text & _
"','" & txtRemarks.Text & _
"','" & txtPrice.Text & "')"
dcProduct = New OleDbCommand(strProduct, conn)
dcProduct.ExecuteNonQuery()
For i = 0 To dgvRawMaterials.RowCount - 2
strRawMaterial = "insert into BillsofMaterials values('" & Val((dgvRawMaterials.Item(0, i).Value)) & _
"',' " & Val(dgvRawMaterials.Item(2, i).Value) & "')"
dcRawMaterial = New OleDbCommand(strRawMaterial, conn)
dcRawMaterial.ExecuteNonQuery()
Next

Syntax error when executing INSERT INTO statement

I input the Right dataSource but it didnt i cant fixed the problem cmd.ExecuteNonQuery()
saying:
Syntax error in INSERT INTO statement.
Code:
Private Sub btnadd1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnadd1.Click
Dim cmd As New OleDb.OleDbCommand
Dim Printlist1 As New DataTable
If Not con.State = ConnectionState.Open Then
con.ConnectionString = "Provider=Microsoft.Ace.OLEDB.12.0; Data Source=c:Database11.accdb"
con.Open()
cmd.Connection = con
End If
If Me.text1.Tag & "" = "" Then
cmd.CommandText = "INSERT INTO Printlist1(StickerCode, Description, Company, Department, Location, User, SerialNumber, DatePurchased, Tagable, Quantity, Brand, Model)" & _
" VALUES(" & Me.text1.Text & ",'" & Me.text2.Text & "','" & _
Me.text3.Text & "','" & Me.text4.Text & "','" & Me.text5.Text & "','" & _
Me.text6.Text & "','" & Me.text7.Text & "','" & Me.text8.Text & "','" & _
Me.text9.Text & "','" & Me.text10.Text & "','" & Me.text11.Text & "','" & _
Me.text12.Text & "')"
cmd = New OleDbCommand(cmd.CommandText, con)
cmd.ExecuteNonQuery()
Else
cmd.CommandText = "UPDATE Printlist1 " & _
" SET StickerCode='" & Me.text1.Text & _
", Description='" & Me.text2.Text & "'" & _
", Company='" & Me.text3.Text & "'" & _
", Department='" & Me.text4.Text & "'" & _
", Location='" & Me.text5.Text & "'" & _
", User='" & Me.text6.Text & "'" & _
", SerialNumber='" & Me.text7.Text & "'" & _
", DatePurchased='" & Me.text8.Text & "'" & _
", Tagable='" & Me.text9.Text & "'" & _
", Quantity='" & Me.text10.Text & "'" & _
", Brand='" & Me.text11.Text & "'" & _
", Model='" & Me.text12.Text & "'" & _
" WHERE text1=" & Me.text1.Tag
cmd.ExecuteNonQuery()
End If
RefreshData()
Me.btnclear1.PerformClick()
con.Close()
End Sub
Use a parameterized query, like this:
cmd.CommandText = "INSERT INTO Printlist1(StickerCode, Description, Company, Department, Location, User, SerialNumber, DatePurchased, Tagable, Quantity, Brand, Model)" & _
" VALUES(#StickerCode, #Description, #Company, #Department, #Location, #User, #SerialNumber, #DatePurchased, #Tagable, #Quantity, #Brand, #Model)"
cmd.Parameters.AddWithValue("#StickerCode", Me.Text1.Text)
cmd.Parameters.AddWithValue("#Description", Me.Text2.Text)
cmd.Parameters.AddWithValue("#Company", Me.Text3.Text)
cmd.Parameters.AddWithValue("#Department", Me.Text4.Text)
cmd.Parameters.AddWithValue("#Location", Me.Text5.Text)
cmd.Parameters.AddWithValue("#User", Me.Text6.Text)
cmd.Parameters.AddWithValue("#SerialNumber", Me.Text7.Text)
cmd.Parameters.AddWithValue("#DatePurchased", Me.Text8.Text)
cmd.Parameters.AddWithValue("#Tagable", Me.Text9.Text)
cmd.Parameters.AddWithValue("#Quantity", Me.Text10.Text)
cmd.Parameters.AddWithValue("#Brand", Me.Text11.Text)
cmd.Parameters.AddWithValue("#Model", Me.Text12.Text)
Note: It is best to keep the order of the parameters in line with the query, as databases like Microsoft Access will not execute the query correctly if the order is altered.
It is likely that one of your Me.textN.Text values has an apostrophe in it or some other unexpected character that is breaking your SQL quotes. The solution to this is to use parametized queries and/or stored procedure instead.
This incidentally, will also protect you form the SQL Injection attacks that take advantage of the same shortcoming in composing SQL commands as strings in the client application.
(NOTE: I am assuming the Me.text1.Text as the StickerCode is a number. Otherwise that's the problem as you are not quoting it the way you do with the other columns.)
First line is missing as '
...
"SET StickerCode='" & Me.text1.Text & "'" & _
...
You are missing single quotes around your first value. Try
" VALUES('" & Me.text1.Text & "','" & Me.text2.Text & "','" & _
Me.text3.Text & "','" & Me.text4.Text & "','" & Me.text5.Text & "','" & _
Me.text6.Text & "','" & Me.text7.Text & "','" & Me.text8.Text & "','" & _
Me.text9.Text & "','" & Me.text10.Text & "','" & Me.text11.Text & "','" & _
Me.text12.Text & "')"

Syntax error in INSERT INTO Statement in vb.net

I am getting and syntax error in insert into statement. IF statement is working just fine just getting this error when it's trying to save the information
Private Sub btnSave_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnSave.Click
If txt12Per.Text >= TextBox12.Text And txtGPer.Text >= TextBox11.Text And TextBox1.Text >= TextBox10.Text Then
Try
'Dim da As OleDb.OleDbDataAdapter
Dim dbprovider As String = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\Taher\Documents\Visual Studio 2010\Projects\WindowsApplication1\WindowsApplication1\Database1.accdb;Persist Security Info=False;"
Me.con = New OleDb.OleDbConnection()
con.ConnectionString = dbprovider
con.Open()
Dim sqlquery As String = "INSERT INTO MCAscheduled (URno,SName,hsc,gper,pgper,pstatus,cname,hrname,position,hscinter,ginter,pginter,comments)" + "VALUES (" & CInt(txtUrn.Text) & ",'" & txtName.Text & "'," & CInt(txt12Per.Text) & "," & CInt(txtGPer.Text) & "," & CInt(TextBox1.Text) & ",'" & ComboBox2.Text & "','" & TextBox3.Text & "','" & TextBox4.Text & "','" & ComboBox4.Text & "'," & CInt(TextBox12.Text) & "," & CInt(TextBox11.Text) & "," & CInt(TextBox10.Text) & ",'" & TextBox9.Text & "');"
Dim sqlcommand As New OleDb.OleDbCommand(sqlquery)
With sqlcommand
.CommandText = sqlquery
.Connection = con
.ExecuteNonQuery()
con.Close()
txtUrn.Text = ""
txt12Per.Text = ""
txtGPer.Text = ""
txtName.Text = ""
cmbNameofGCourse.Text = ""
End With
MsgBox("Record Added")
Catch ex As Exception
MsgBox(ex.ToString)
End Try
Else
MsgBox("Student Not eligible for the requested company")
End If
End Sub
Can somebody help me with this....
You are trying to insert into 13 columns but provide only 11 values!
You have 13 fields to insert values in, but only 11 values.
Use brackets and it will work fine.
Dim sqlquery As String = "INSERT INTO MCAscheduled **([URno],[SName],[hsc],[gper],[pgper],[pstatus],[cname],[hrname],[position],[hscinter],[ginter],[pginter],[comments])"** + "VALUES (" & CInt(txtUrn.Text) & ",'" & txtName.Text & "'," & CInt(txt12Per.Text) & "," & CInt(txtGPer.Text) & "," & CInt(TextBox1.Text) & ",'" & ComboBox2.Text & "','" & TextBox3.Text & "','" & TextBox4.Text & "','" & ComboBox4.Text & "'," & CInt(TextBox12.Text) & "," & CInt(TextBox11.Text) & "," & CInt(TextBox10.Text) & ",'" & TextBox9.Text & "');"
had to change the position field to something else don't know why but it worked
Dim sqlquery As String = "INSERT INTO MCAscheduled (URno,sname,hsc,gper,pgper,pstatus,cname,hrname,hscinter,ginter,pginter,comments,post,course,pcourse)" + "VALUES (" & CInt(txtUrn.Text) & ",'" & txtName.Text & "'," & CInt(txt12Per.Text) & "," & CInt(txtGPer.Text) & "," & CInt(TextBox1.Text) & ",'" & ComboBox2.Text & "','" & TextBox3.Text & "','" & TextBox4.Text & "'," & CInt(TextBox12.Text) & "," & CInt(TextBox11.Text) & "," & CInt(TextBox10.Text) & ",'" & TextBox9.Text & "','" & ComboBox1.Text & "','" & cmbNameofGCourse.Text & "','" & TextBox5.Text & "');"

app.config connection string does not work

this piece of code works fine....
Private Sub save()
Dim con As New SqlClient.SqlConnection("Data Source=.\SQLEXPRESS;AttachDbFilename=D:\Chuttu VB\Projects\LIC\LIC.mdf;Integrated Security=True;Connect Timeout=30;User Instance=True")
Dim sql As New SqlClient.SqlCommand("INSERT INTO ProposerDetails " & _
"VALUES (" & Convert.ToInt32(PolicyNumberTextBox.Text) & ",'" & NameTextBox.Text & "','" & AgeTextBox.Text & "','" & PhoneTextBox.Text & "','" & AddressTextBox.Text & "','" _
& NomineeTextBox.Text & "','" & NomineeRelationTextBox.Text & "'," & PlanID() & ",'" & PolicyTermTextBox.Text & "','" & PremiumAmountTextBox.Text & "','" _
& PremiumTypeComboBox.Text & "','" & SumProposedTextBox.Text & "','Date' )", con)
MsgBox(sql.CommandText)
con.Open()
MsgBox(con.State.ToString)
Dim i As Integer = sql.ExecuteNonQuery
MsgBox(i.ToString)
con.Close()
sql.Dispose()
con.Dispose()
ToolStripStatusLabelMessage.Text = "Saved"
End Sub
as soon as i change the connection string to the connection string from app.config it stops working(adding data to DB)
Private Sub save()
Dim con As New SqlClient.SqlConnection(LIC.My.Settings.LICConnectionString)
Dim sql As New SqlClient.SqlCommand("INSERT INTO ProposerDetails " & _
"VALUES (" & Convert.ToInt32(PolicyNumberTextBox.Text) & ",'" & NameTextBox.Text & "','" & AgeTextBox.Text & "','" & PhoneTextBox.Text & "','" & AddressTextBox.Text & "','" _
& NomineeTextBox.Text & "','" & NomineeRelationTextBox.Text & "'," & PlanID() & ",'" & PolicyTermTextBox.Text & "','" & PremiumAmountTextBox.Text & "','" _
& PremiumTypeComboBox.Text & "','" & SumProposedTextBox.Text & "','Date' )", con)
MsgBox(sql.CommandText)
con.Open()
MsgBox(con.State.ToString)
Dim i As Integer = sql.ExecuteNonQuery
MsgBox(i.ToString)
con.Close()
sql.Dispose()
con.Dispose()
ToolStripStatusLabelMessage.Text = "Saved"
End Sub
NOTE: I get no errors.
Here is a short deal explanation.
This is how you use a connection string from the config file.
Dim sqlConn as SqlConnection = new SqlConnection(ConfigurationManager.ConnectionStrings("myConnectionString").ConnectionString)
Here is a link to how to do a parameterized queries
Try changing LIC.My.Settings.LICConnectionString
to ConfigurationManager.ConnectionStrings["LICConnectionString"].ConnectionString