syntax error in INSERT INTO statement - vb.net

I have had the following error for a couple days and can't find the error. Can anyone please help me with this and ideally re-write the code with the solution.
Private Sub btnAdd_Click(sender As Object, e As EventArgs) Handles btnAdd.Click
Dim cmd As New OleDb.OleDbCommand
If Not cnn.State = ConnectionState.Open Then
'The line of code below opens the connection to the database if it isnt open
cnn.Open()
End If
cmd.Connection = cnn
'Check whether to add new or update
If Me.txtItemID.Tag & "" = "" Then
'Add new
'The line of coding below adds data to table
cmd.CommandText = "INSERT INTO Product ([Item ID], [Item Name], [Item Type], [Quantity], [Min Shelf Stock], [Purchase Price], [Note]) " & _
" VALUES (" & Me.txtItemID.Text & ",'" & Me.txtItemName.Text & "','" & _
Me.cboItemType.Text & "','" & Me.txtQuantity.Text & "','" & _
Me.txtMinShelfStock.Text & "','" & Me.txtPurchasePrice.Text & "','" & _
Me.txtNote.Text & "')"
cmd.ExecuteNonQuery()
Else
'Update data in the table
cmd.CommandText = "UPDATE Product " & _
" SET Item ID=" & Me.txtItemID.Text & _
", Item Name='" & Me.txtItemName.Text & "'" & _
", Item Type='" & Me.cboItemType.Text & "'" & _
", Quantity='" & Me.txtQuantity.Text & "'" & _
", Min Shelf Stock='" & Me.txtMinShelfStock.Text & "'" & _
", Purchase Price='" & Me.txtPurchasePrice.Text & "'" & _
", Note='" & Me.txtNote.Text & "'" & _
" WHERE Item ID=" & Me.txtItemID.Tag
cmd.ExecuteNonQuery()
End If
'Refresh data in list
RefreshData()
'Clear the form
Me.btnClear.PerformClick()
'The code below closes the connection to the database
cnn.Close()
End Sub

Try This...
cmd.CommandText = "INSERT INTO Product ([Item Id], [Item Name], [Item Type], [Quantity], [Min Shelf Stock], [Purchase Price], [Note]) VALUES (@id, @name, @iType, @quantity, @minshelfstock, @price, @note)"
cmd.Parameters.AddWithValue("@id", txtItemId.Text)
cmd.Parameters.AddWithValue("@name", txtItemName.Text)
cmd.Parameters.AddWithValue("@iType", cboItemType.Text)
cmd.Parameters.AddWithValue("@quantity", txtQuantity.Text)
cmd.Parameters.AddWithValue("@minshelfstock", txtMinShelfStock.Text)
cmd.Parameters.AddWithValue("@price", txtPurchasePrice.Text)
cmd.Parameters.AddWithValue("@note", txtNote.Text)
Hope this helps
RoDiT

The first thing that I notice is that you have Quantity, Price and Min Shelf Stock surrounded by quotes in your select statement like ,'" & Me.txtQuantity.Text & "', which would submit them as text, but if these fields in your table are number formats of some sort then they have to be entered as numbers ," & Me.txtQuantity.Text & ",.
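A parameterized version of the INSERT and UPDATE for the Product table from the question above, added here as an example and not code from any of the posters. The `SaveProduct` name, its arguments and the column types (Long Integer for the ID, quantity and stock fields, Currency for the price, Text up to 255 characters for the rest) are assumptions; the placeholders are positional `?` markers because the OleDb provider binds parameters by order, not by name.

```vbnet
Imports System.Data.OleDb
Imports System.Globalization

Module ProductStore
    ' Column names are bracketed because they contain spaces. Both statements list
    ' the seven column values in the same order; UPDATE adds the row key last.
    Private Const InsertSql As String =
        "INSERT INTO Product ([Item ID], [Item Name], [Item Type], [Quantity], " &
        "[Min Shelf Stock], [Purchase Price], [Note]) VALUES (?, ?, ?, ?, ?, ?, ?)"
    Private Const UpdateSql As String =
        "UPDATE Product SET [Item ID] = ?, [Item Name] = ?, [Item Type] = ?, " &
        "[Quantity] = ?, [Min Shelf Stock] = ?, [Purchase Price] = ?, [Note] = ? " &
        "WHERE [Item ID] = ?"

    ' existingId = Nothing inserts a new row; otherwise that row is updated.
    ' Returns the rows affected. Non-numeric input throws before any SQL runs.
    Public Function SaveProduct(connectionString As String, existingId As Integer?,
                                idText As String, itemName As String,
                                itemType As String, quantityText As String,
                                minStockText As String, priceText As String,
                                note As String) As Integer
        Dim culture As CultureInfo = CultureInfo.CurrentCulture
        Dim id As Integer = Integer.Parse(idText, culture)
        Dim quantity As Integer = Integer.Parse(quantityText, culture)
        Dim minStock As Integer = Integer.Parse(minStockText, culture)
        Dim price As Decimal = Decimal.Parse(priceText, NumberStyles.Currency, culture)

        Using cnn As New OleDbConnection(connectionString)
            Using cmd As New OleDbCommand(If(existingId.HasValue, UpdateSql, InsertSql), cnn)
                ' OleDb ignores parameter names and binds by position, so the Add
                ' calls must follow the order of the ? markers. Assumed column types.
                cmd.Parameters.Add("id", OleDbType.Integer).Value = id
                cmd.Parameters.Add("name", OleDbType.VarWChar, 255).Value = itemName
                cmd.Parameters.Add("type", OleDbType.VarWChar, 255).Value = itemType
                cmd.Parameters.Add("quantity", OleDbType.Integer).Value = quantity
                cmd.Parameters.Add("minStock", OleDbType.Integer).Value = minStock
                cmd.Parameters.Add("price", OleDbType.Currency).Value = price
                cmd.Parameters.Add("note", OleDbType.VarWChar, 255).Value = note
                If existingId.HasValue Then
                    cmd.Parameters.Add("key", OleDbType.Integer).Value = existingId.Value
                End If
                cnn.Open()
                Return cmd.ExecuteNonQuery()
            End Using
        End Using
    End Function
End Module
```

An item name such as O'Brien's is stored verbatim, because it travels as a parameter value and never becomes part of the SQL text.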

Related

Data type mismatch in criteria expression in the INSERT statement

When running the program I get an error saying 'Data type mismatch in criteria expression.' and the line cmd.ExecuteNonQuery() is highlighted. In my database the datatype for 'ID' is AutoNumber and the datatype for 'Calories Burned' is decimal and everything else is text. I don't know if it is to do with the fact that when I input data into the text boxes it's classed as a string, but if someone could help I would appreciate it a lot.
Private Sub btnAdd_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnAdd.Click
Dim cmd As New OleDb.OleDbCommand
' add data to table '
If Not cnn.State = ConnectionState.Open Then
' open connection '
cnn.Open()
End If
cmd.Connection = cnn
If Me.txtID.Tag & "" = "" Then
cmd.CommandText = "INSERT INTO [Training log] ([ID], [Runner Name], [Running Average Speed], [Cyclying Average Speed], [Swimming style] , [Calories Burned]) VALUES ('" & Me.txtID.Text & "' , '" & Me.txtRunnerName.Text & "' , '" & Me.txtRunSpeed.Text & "' , '" & Me.txtCycleSpeed.Text & "', '" & Me.txtSwimStyle.Text & "', '" & Me.txtCaloriesBurned.Text & "')"
cmd.ExecuteNonQuery()
Else
cmd.CommandText = "UPDATE [Training log] SET ID=" & Me.txtID.Text & ", [Runner Name]='" & Me.txtRunnerName.Text & "', [Running Average Speed]='" & txtRunSpeed.Text & "', [Cyclyin Average Speed]='" & txtCycleSpeed.Text & "', [Swimming style]='" & txtSwimStyle.Text & "', [Calories Burned]='" & txtCaloriesBurned.Text & "' WHERE ID='" & txtRunnerName.Tag & "' "
cmd.ExecuteNonQuery()
End If
You may need to remove the single quotes around your non-string values.
cmd.CommandText = "INSERT INTO [Training log] ([ID], [Runner Name], [Running Average Speed], [Cyclying Average Speed], [Swimming style] , [Calories Burned]) VALUES (" & Me.txtID.Text & " , '" & Me.txtRunnerName.Text & "' , '" & Me.txtRunSpeed.Text & "' , '" & Me.txtCycleSpeed.Text & "', '" & Me.txtSwimStyle.Text & "', " & Me.txtCaloriesBurned.Text & ")"

Can anyone figure out what is wrong with my syntax in this code?

"Here's the code. I keep getting an exception when I try to insert. It says.. Syntax error (missing operator) in query expression 'Mary','Smith','Jane','2 oak','Cincinnati','OH','45220','413-3222','15'."
mySQL = "Insert into Team
([Player Number],
[First Name],
[Last Name],
[Parent Name],
[Address] ,
[City],
[State],
[Zip Code],
[Telephone Number],
[Age])
values (" _
& intPlayerNo & "," _
& strFirstName & "','" _
& strLastName & "','" _
& strParentName & "','" _
& strAddress & "','" _
& strCity & "','" _
& strState & "','" _
& strZipCode & "','" _
& strPhone & "','" _
& intAge & ")"
This is a rather wrong way of building an SQL query. You want to use parameters in your query:
mySQL = "Insert into Team([Player Number]) values (@playerNumber)"
Using connection As New SqlConnection(connectionString)
Dim command As New SqlCommand(mySQL, connection)
command.Parameters.AddWithValue("@playerNumber", intPlayerNo)
And so on. If you don't do this you leave yourself open to all sorts of nastiness like SQL injections, not to mention that it's prone to typing errors as you already encountered.
You're missing a single quote before strFirstname. Should be
& intPlayerNo & ",'" _
& strFirstName & "','" _
And you should remove the last single quote before intAge, so it should be:
& strPhone & "'," _
& intAge & ")"
Try:
mySQL = "Insert into Team([Player Number], [First Name], [Last Name], [Parent Name], [Address] , [City], [State], [Zip Code], [Telephone Number], [Age]) values (" _
& intPlayerNo & ",'" _
& strFirstName & "','" _
& strLastName & "','" _
& strParentName & "','" _
& strAddress & "','" _
& strCity & "','" _
& strState & "','" _
& strZipCode & "','" _
& strPhone & "'," _
& intAge & ")"
Missed two ''s it looked like.

Edit/Update datagridview VB form

When I try to edit and update the data in the DataGridView it comes up with an error message saying Operator '&' is not defined for type 'TextBox' and string "".
Please help. Thanks
Here is my code
Private Sub btnaddrecord_Click(sender As Object, e As EventArgs) Handles btnaddrecord.Click
Dim cmd As New OleDb.OleDbCommand
If Not cnn.State = ConnectionState.Open Then
cnn.Open()
End If
cmd.Connection = cnn
If Me.IdentificationNotest.Tag & "" = "" Then
cmd.CommandText = "INSERT INTO vehicledefects(Codenumber, vehiclereg, datereported, defects1, repaired1, defects2, repaired2, defects3, repaired3, datefixed) " & _
" VALUES(" & Me.IdentificationNotest.Text & ",'" & Me.vehiclereg.Text & "','" & Me.datereported.Text & "','" & Me.defects1.Text & "','" & Me.repaired1.Text & "','" & _
Me.defects2.Text & "','" & Me.repaired2.Text & "','" & _
Me.defects3.Text & "','" & Me.repaired3.Text & "','" & _
Me.datefixed.Text & "')"
cmd.ExecuteNonQuery()
Else
cmd.CommandText = "UPDATE vehicledefects" & _
" SET Codenumber =" & Me.IdentificationNotest.Text & _
", vehiclereg ='" & Me.vehiclereg.Text & "'" & _
", datereported ='" & Me.datereported.Text & "'" & _
", defects1 ='" & Me.defects1.Text & "'" & _
", repaired1 ='" & Me.repaired1.Text & "'" & _
", defects2 ='" & Me.defects2.Text & "'" & _
", repaired2='" & Me.repaired2.Text & "'" & _
", defects3='" & Me.defects3.Text & "'" & _
", repaired3='" & Me.repaired3.Text & "'" & _
", datefixed='" & Me.datefixed.Text & "'" & _
" WHERE Codenumber =" & Me.IdentificationNotest.Tag
cmd.ExecuteNonQuery()
End If
refreshdata()
Me.btnclear.PerformClick()
cnn.Close()
datefixed.Text = ""
IdentificationNotest.Text = ""
End Sub
In the future, you should also post the line number the error is being thrown on.
The error is telling you that you're doing something like:
dim myString as String = myTextBox & " some more text"
in this case, you would need to do:
dim myString as String = myTextBox.Text & " some more text"
In the code you posted, I wasn't able to find an instance of this - so perhaps it's somewhere else in the code. Though, the code was hard to read so I may have missed it.
You may also be aware that this code is susceptible to SQL Injection attacks.

Syntax error when executing INSERT INTO statement

I input the right dataSource but it didn't, and I can't fix the problem: cmd.ExecuteNonQuery()
saying:
Syntax error in INSERT INTO statement.
Code:
Private Sub btnadd1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnadd1.Click
Dim cmd As New OleDb.OleDbCommand
Dim Printlist1 As New DataTable
If Not con.State = ConnectionState.Open Then
con.ConnectionString = "Provider=Microsoft.Ace.OLEDB.12.0; Data Source=c:Database11.accdb"
con.Open()
cmd.Connection = con
End If
If Me.text1.Tag & "" = "" Then
cmd.CommandText = "INSERT INTO Printlist1(StickerCode, Description, Company, Department, Location, User, SerialNumber, DatePurchased, Tagable, Quantity, Brand, Model)" & _
" VALUES(" & Me.text1.Text & ",'" & Me.text2.Text & "','" & _
Me.text3.Text & "','" & Me.text4.Text & "','" & Me.text5.Text & "','" & _
Me.text6.Text & "','" & Me.text7.Text & "','" & Me.text8.Text & "','" & _
Me.text9.Text & "','" & Me.text10.Text & "','" & Me.text11.Text & "','" & _
Me.text12.Text & "')"
cmd = New OleDbCommand(cmd.CommandText, con)
cmd.ExecuteNonQuery()
Else
cmd.CommandText = "UPDATE Printlist1 " & _
" SET StickerCode='" & Me.text1.Text & _
", Description='" & Me.text2.Text & "'" & _
", Company='" & Me.text3.Text & "'" & _
", Department='" & Me.text4.Text & "'" & _
", Location='" & Me.text5.Text & "'" & _
", User='" & Me.text6.Text & "'" & _
", SerialNumber='" & Me.text7.Text & "'" & _
", DatePurchased='" & Me.text8.Text & "'" & _
", Tagable='" & Me.text9.Text & "'" & _
", Quantity='" & Me.text10.Text & "'" & _
", Brand='" & Me.text11.Text & "'" & _
", Model='" & Me.text12.Text & "'" & _
" WHERE text1=" & Me.text1.Tag
cmd.ExecuteNonQuery()
End If
RefreshData()
Me.btnclear1.PerformClick()
con.Close()
End Sub
Use a parameterized query, like this:
cmd.CommandText = "INSERT INTO Printlist1(StickerCode, Description, Company, Department, Location, User, SerialNumber, DatePurchased, Tagable, Quantity, Brand, Model)" & _
" VALUES(@StickerCode, @Description, @Company, @Department, @Location, @User, @SerialNumber, @DatePurchased, @Tagable, @Quantity, @Brand, @Model)"
cmd.Parameters.AddWithValue("@StickerCode", Me.Text1.Text)
cmd.Parameters.AddWithValue("@Description", Me.Text2.Text)
cmd.Parameters.AddWithValue("@Company", Me.Text3.Text)
cmd.Parameters.AddWithValue("@Department", Me.Text4.Text)
cmd.Parameters.AddWithValue("@Location", Me.Text5.Text)
cmd.Parameters.AddWithValue("@User", Me.Text6.Text)
cmd.Parameters.AddWithValue("@SerialNumber", Me.Text7.Text)
cmd.Parameters.AddWithValue("@DatePurchased", Me.Text8.Text)
cmd.Parameters.AddWithValue("@Tagable", Me.Text9.Text)
cmd.Parameters.AddWithValue("@Quantity", Me.Text10.Text)
cmd.Parameters.AddWithValue("@Brand", Me.Text11.Text)
cmd.Parameters.AddWithValue("@Model", Me.Text12.Text)
Note: It is best to keep the order of the parameters in line with the query, as databases like Microsoft Access will not execute the query correctly if the order is altered.
It is likely that one of your Me.textN.Text values has an apostrophe in it or some other unexpected character that is breaking your SQL quotes. The solution to this is to use parameterized queries and/or stored procedures instead.
This, incidentally, will also protect you from the SQL Injection attacks that take advantage of the same shortcoming in composing SQL commands as strings in the client application.
(NOTE: I am assuming the Me.text1.Text as the StickerCode is a number. Otherwise that's the problem as you are not quoting it the way you do with the other columns.)
First line is missing a '
...
"SET StickerCode='" & Me.text1.Text & "'" & _
...
You are missing single quotes around your first value. Try
" VALUES('" & Me.text1.Text & "','" & Me.text2.Text & "','" & _
Me.text3.Text & "','" & Me.text4.Text & "','" & Me.text5.Text & "','" & _
Me.text6.Text & "','" & Me.text7.Text & "','" & Me.text8.Text & "','" & _
Me.text9.Text & "','" & Me.text10.Text & "','" & Me.text11.Text & "','" & _
Me.text12.Text & "')"

Syntax error in INSERT INTO parameter query [duplicate]

When I try cmd.ExecuteNonQuery() I get an error saying "Syntax error in INSERT INTO statement."
I posted this same problem yesterday... can someone help me again?
Private Sub btnadd1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnadd1.Click
Dim cmd As New OleDb.OleDbCommand
Dim Printlist1 As New DataTable
If Not con.State = ConnectionState.Open Then
con.ConnectionString = "Provider=Microsoft.Ace.OLEDB.12.0; Data Source=c:Database11.accdb"
con.Open()
cmd.Connection = con
End If
If Me.text1.Tag & "" = "" Then
cmd.CommandText = "INSERT INTO Printlist1(StickerCode, Description, Company, Department, Location, User, SerialNumber, DatePurchased, Tagable, Quantity, Brand, Model)" & _
" VALUES(@StickerCode, @Description, @Company, @Department, @Location, @User, @SerialNumber, @DatePurchased, @Tagable, @Quantity, @Brand, @Model)"
cmd.Parameters.AddWithValue("@StickerCode", Me.text1.Text)
cmd.Parameters.AddWithValue("@Description", Me.text2.Text)
cmd.Parameters.AddWithValue("@Company", Me.text3.Text)
cmd.Parameters.AddWithValue("@Department", Me.text4.Text)
cmd.Parameters.AddWithValue("@Location", Me.text5.Text)
cmd.Parameters.AddWithValue("@User", Me.text6.Text)
cmd.Parameters.AddWithValue("@SerialNumber", Me.text7.Text)
cmd.Parameters.AddWithValue("@DatePurchased", Me.text8.Text)
cmd.Parameters.AddWithValue("@Tagable", Me.text9.Text)
cmd.Parameters.AddWithValue("@Quantity", Me.text10.Text)
cmd.Parameters.AddWithValue("@Brand", Me.text11.Text)
cmd.Parameters.AddWithValue("@Model", Me.text12.Text)
cmd = New OleDbCommand(cmd.CommandText, con)
cmd.ExecuteNonQuery()
Else
cmd.CommandText = "UPDATE Printlist1 " & _
" SET StickerCode='" & Me.text1.Text & _
", Description='" & Me.text2.Text & "'" & _
", Company='" & Me.text3.Text & "'" & _
", Department='" & Me.text4.Text & "'" & _
", Location='" & Me.text5.Text & "'" & _
", User='" & Me.text6.Text & "'" & _
", SerialNumber='" & Me.text7.Text & "'" & _
", DatePurchased='" & Me.text8.Text & "'" & _
", Tagable='" & Me.text9.Text & "'" & _
", Quantity='" & Me.text10.Text & "'" & _
", Brand='" & Me.text11.Text & "'" & _
", Model='" & Me.text12.Text & "'" & _
" WHERE text1=" & Me.text1.Tag
cmd.ExecuteNonQuery()
End If
RefreshData()
Me.btnclear1.PerformClick()
con.Close()
End Sub
Sticker Code Description Company Department Location User Serial Number Date Purchased Tagable Quantity Brand Model
User is a reserved word in SQL; try placing it in square brackets like this: [User]
cmd.CommandText = "INSERT INTO Printlist1(StickerCode, [Description], Company, Department, Location, [User], SerialNumber, DatePurchased, Tagable, Quantity, Brand, Model)" & _
" VALUES(@StickerCode, @Description, @Company, @Department, @Location, @User, @SerialNumber, @DatePurchased, @Tagable, @Quantity, @Brand, @Model)"