I am creating a simple UserID/Password access database for a Visual Basic program.
Everything works except adding a new user.
My text box Objects are linked to my database but I keep getting this error when I try to add my new user.
Error: An unhandled exception of type
'System.Data.OleDb.OleDbException' occurred in System.Data.dll
HERE IS MY CODE:
Imports System.Data.OleDb
Public Class newUser
Dim connString As String = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=|DataDirectory|\PasswordCheck.accdb"
Dim conn As OleDbConnection = New OleDbConnection
Private Sub btnNewUser_Click(sender As Object, e As EventArgs) Handles btnNewUser.Click
Dim connString As String = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=|DataDirectory|\PasswordCheck.accdb"
Dim conn As OleDbConnection = New OleDbConnection
conn.ConnectionString = connString
conn.Open()
Dim SaveNew As String = "INSERT INTO [Password] (UserId, Password, firstName, LastName) Values ('" & txtUserID.Text & "','" & txtPassword.Text & "','" & txtFirst.Text & "','" & txtLast.Text & "')"
Dim cmd As New OleDbCommand
cmd.Connection = conn
With cmd
.CommandText = SaveNew
.Connection = conn
.ExecuteNonQuery()
End With
MsgBox("You have been added to our Database")
txtUserID.Text = ""
txtPassword.Text = ""
txtFirst.Text = ""
txtLast.Text = ""
conn.Close()
End Sub
Private Function SaveNew() As String
Throw New NotImplementedException
End Function
End Class
Password is a reserved word also for a field, so:
Dim SaveNew As String = "INSERT INTO [Password] (UserId, [Password], FirstName, LastName) Values ('" & txtUserID.Text & "','" & txtPassword.Text & "','" & txtFirst.Text & "','" & txtLast.Text & "')"
And further, if UserID not is text, then no quotes:
Dim SaveNew As String = "INSERT INTO [Password] (UserId, [Password], FirstName, LastName) Values (" & txtUserID.Text & ",'" & txtPassword.Text & "','" & txtFirst.Text & "','" & txtLast.Text & "')"
That said, try to explorer how to carry this out using parameters. Much more fun than SQL concatenation.
My problem here is every time i want to save into the database, only two row in the datagridview can be save. why is that ? is it because of the two command of inserting ?
Here is my code:
Try
For Each column As DataGridViewRow In dtorder.Rows
Dim sqlconn As New OleDb.OleDbConnection
Dim sqlquery As String
Dim sqlquery1 As String
Dim cmd As New OleDb.OleDbCommand
Dim cmd1 As New OleDb.OleDbCommand
Dim connString As String
connString = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\Bloodyjenk\Documents\POS system.accdb"
sqlconn.ConnectionString = connString
sqlconn.Open()
sqlquery = "INSERT INTO OrderedInfoName VALUES ('" & txtOrderNo.Text & "','" & column.Cells(0).Value & "','" & column.Cells(1).Value & "','" & column.Cells(2).Value & "','" & column.Cells(3).Value & "')"
sqlquery1 = "INSERT INTO Ordered VALUES ('" & txtOrderNo.Text & "','" & cmbTable.Text & "','" & cmbOrdertype.Text & "','" & lblDate.Text & "','" & lblStatus.Text & "','" & lblPrice.Text & "','" & lblDiscount.Text & "','" & lblSub.Text & "', 0, 0)"
cmd = New OleDb.OleDbCommand(sqlquery, sqlconn)
cmd1 = New OleDb.OleDbCommand(sqlquery1, sqlconn)
cmd.ExecuteNonQuery()
cmd1.ExecuteNonQuery()
sqlconn.Close()
Next
Catch ex As Exception
MsgBox("DONE")
OrderList.Show()
Me.Close()
End Try
I have the following code which adds a record to the DB. The code executes fine, however when I look in the DB, there is no data added! Any help greatly appreciated:
Dim Con As SqlConnection
Dim cmd As New SqlCommand
Dim connstring As String
connstring = "Data Source=(LocalDB)\v11.0;AttachDbFilename=|DataDirectory|\Assignment.mdf;Integrated Security=True;Connect Timeout=30"
Con = New SqlConnection(connstring)
Con.Open()
cmd = New SqlCommand("Insert into Rota ([Id],[Monday],[Tuesday],[Wednesday],[Thursday],[Friday],[Saturday],[Sunday],[UserID]) Values('" & chosen & "','" & mon & "','" & tues & "','" & wed & "','" & thur & "','" & fri & "','" & sat & "','" & sun & "','" & user & "')", Con)
cmd.ExecuteNonQuery()
MsgBox("done")
Con.Close()
I'm getting an error during my insert can someone take a look?
Table:
VB.NET
Dim Name As String = txtName.Text
Dim JoinDate As String = dpJoinDate.Value
Dim DOB As String = dpDOB.Value
Dim ParentsName As String = txtParentsName.Text
Dim School As String = txtSchool.Text
Dim STD As String = txtSTD.Text
Dim Address As String = txtAddress.Text
Dim EMail As String = txtEMail.Text
Dim Mobile1 As String = txtMobile1.Text
Dim Mobile2 As String = txtMobile2.Text
Dim DurationStart As Date = dpDurationStart.Value
Dim DurationEND As Date = dpDurationEND.Value
Dim Fees As Decimal = Decimal.Parse(0.0)
Dim MaterialFees As Decimal = Decimal.Parse(0.0)
Dim LateFees As Decimal = Decimal.Parse(0.0)
Dim NextRenewal As Date = dpNextRenewal.Value
Dim Centre As String = cbCentre.Text
Dim Coach As String = cbCoach.Text
Dim picture As String = lblFileName.Text
Try
Fees = Decimal.Parse(txtFees.Text)
Catch
End Try
Try
MaterialFees = Decimal.Parse(txtMaterialFees.Text)
Catch
End Try
Try
LateFees = Decimal.Parse(txtLateFees.Text)
Catch
End Try
Dim Cmd As OleDbCommand
Dim SQL As String
Dim objCmd As New OleDbCommand
Dim Con = New OleDbConnection("Provider=Microsoft.ACE.OLEDB.12.0;Data Source=./AcademyDatabase.accdb;Persist Security Info=False;")
SQL = "INSERT INTO Student (FullName,JoinDate,DOB,ParentsName,School,STD,Address,EMail,Mobile1,Mobile2,DurationStart,DurationEND,Fees,MaterialFees,LateFees,NextRenewal,Centre,Coach,Image,DropOut) VALUES ('" _
& Name & "','" _
& JoinDate & "','" _
& DOB & "','" _
& ParentsName & "','" _
& School & "','" _
& STD & "','" _
& Address & "','" _
& EMail & "','" _
& Mobile1 & "','" _
& Mobile2 & "','" _
& DurationStart & "','" _
& DurationEND & "','" _
& Fees & "','" _
& MaterialFees & "','" _
& LateFees & "','" _
& NextRenewal & "','" _
& Centre & "','" _
& Coach & "','" _
& picture & "'," _
& "0)"
Cmd = New OleDbCommand(SQL, Con)
Con.Open()
objCmd = New OleDbCommand(SQL, Con)
Dim rowCount As Integer = 0
Try
rowCount = objCmd.ExecuteNonQuery()
Catch ex As Exception
Console.WriteLine(ex.Message)
End Try
Sql:
"INSERT INTO Student (FullName,JoinDate,DOB,ParentsName,School,STD,Address,EMail,Mobile1,Mobile2,DurationStart,DurationEND,Fees,MaterialFees,LateFees,NextRenewal,Centre,Coach,Image,DropOut) VALUES ('','3/13/2014','1/1/1900','','fadsasdffdas','','','','','','1/1/1900','1/1/1900','0','0','0','1/1/1900','','','',0)"
IMAGE is a reserved keyword. If you want to use it for a column name, then your need to encapsulate it with square brackets
"INSERT INTO Student " & _
"(FullName,JoinDate,DOB,ParentsName,School,STD,Address," & _
"EMail,Mobile1,Mobile2,DurationStart,DurationEND,Fees," & _
"MaterialFees,LateFees,NextRenewal,Centre,Coach,[Image],DropOut) VALUES ...."
If you are still able to do so, I suggest to change the name of that column to a NON reserved keyword, otherwise you will alway have this problem when you try to use that column.
Said that, please, read about parameterized queries. Your code has a big problem and it is called SQL Injection (not to mention the parsing problems for strings, date and decimals)
SQL = "INSERT INTO Student " & _
"(FullName,JoinDate,DOB,ParentsName,School,STD,Address," & _
"EMail,Mobile1,Mobile2,DurationStart,DurationEND,Fees," & _
"MaterialFees,LateFees,NextRenewal,Centre,Coach,[Image],DropOut) " & _
"?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,0)"
Con.Open()
objCmd = New OleDbCommand(SQL, Con)
objCmd.Parameters.AddWithValue("#p1", Name)
objCmd.Parameters.AddWithValue("#p2", JoinDate)
.... add the other missing parameters with their values.....
objCmd.Parameters.AddWithValue("#p18", picture)
Dim rowCount As Integer = 0
rowCount = objCmd.ExecuteNonQuery()
I'm trying to insert record in multiple table at a time using sqldataadapter and sqltransaction. i use the following code. but it is not working. help me plz....... tell me the problem in this code
Dim cn As New SqlConnection("Data Source=.\SQLEXPRESS;Initial Catalog=AMHSDB;Integrated Security=True")
Dim da As New SqlDataAdapter
Dim ds As New DataSet
Dim trans As SqlTransaction
Dim tot As Integer
Public Sub RecordSave()
tot = CInt(TB3.Text.Trim) + CInt(TB4.Text.Trim) + CInt(TB5.Text.Trim) + CInt(TB6.Text.Trim)
Dim yr As String
yr = Now.Year()
Try
cn.Open()
trans = cn.BeginTransaction()
da.InsertCommand.Transaction = trans
da.InsertCommand = New SqlCommand("INSERT INTO[FTUT_tbl] (roll_no,s_name,class,session,eng_i,ben,math,stu_wor,gra_tot) VALUES ('" & TB1.Text.Trim & "','" & TB2.Text.Trim & "','Nursery','" & yr & "','" & TB3.Text.Trim & "','" & TB4.Text.Trim & "','" & TB5.Text.Trim & "','" & TB6.Text.Trim & "','" & tot & "')", cn)
da.InsertCommand.ExecuteNonQuery()
da.Dispose()
da.InsertCommand = New SqlCommand("INSERT INTO[FTE_tbl] (roll_no,s_name,class,session) VALUES ('" & TB1.Text.Trim & "','" & TB2.Text.Trim & "','Nursery','" & yr & "')", cn)
da.InsertCommand.ExecuteNonQuery()
da.Dispose()
trans.Commit()
MsgBox("Rocord Successfully Inserted!")
Catch ex As Exception
trans.Rollback()
MsgBox(ex.Message)
Finally
cn.Close()
End Try
End Sub
Create the InsertCommand first, and then assign the transaction:
da.InsertCommand = New SqlCommand("...")
da.InsertCommand.Transaction = trans
And you need to commit your transactions:
da.InsertCommand.Transaction.Commit()
try this, may be it will help for you
Dim dsBillMst As DataTable
Dim TrDtsSvr As SqlTransaction
Dim cmdReadLocal As New SqlCommand
Dim ConSvr As New SqlConnection(gblstrDBConnectionStr)
ConSvr.Open()
TrDtsSvr = ConSvr.BeginTransaction()
cmdReadLocal.Transaction = TrDtsSvr
cmdReadLocal.commandtext="//your insert statement"
cmdReadLocal.executenonquery()
adapter = New SqlDataAdapter(cmdReadLocal)
dsBillMst = New DataTable
adapter.Fill(dsBillMst)
your problem is you disposed the sql command in the first insert, but then you didnt open it again in another insert.
try this one.....
cn.Open()
trans = cn.BeginTransaction()
da.InsertCommand.Transaction = trans
da.InsertCommand = New SqlCommand("INSERT INTO[FTUT_tbl] (roll_no,s_name,class,session,eng_i,ben,math,stu_wor,gra_tot) VALUES ('" & TB1.Text.Trim & "','" & TB2.Text.Trim & "','Nursery','" & yr & "','" & TB3.Text.Trim & "','" & TB4.Text.Trim & "','" & TB5.Text.Trim & "','" & TB6.Text.Trim & "','" & tot & "')", cn)
da.InsertCommand.ExecuteNonQuery()
da.Dispose()
cn.Open()
da.InsertCommand = New SqlCommand("INSERT INTO[FTE_tbl] (roll_no,s_name,class,session) VALUES ('" & TB1.Text.Trim & "','" & TB2.Text.Trim & "','Nursery','" & yr & "')", cn)
da.InsertCommand.ExecuteNonQuery()
da.Dispose()