i have textboxes called classno 1 to 8
i have a code like this:
Dim sqlQuery As String = "SELECT ClassNo, SubjectCode, Title, Lec, Lab, Days,
TimeSlot, roomNo, Ins_ID
from studSched WHERE SubjectCode = '" & classno1.Text & "' and '" & classno2.Text & "' and '" & classno3.Text &
"' AND'" & classno4.Text & "' AND'" & classno5.Text & "' AND '" & classno6.Text & "' AND'" & classno7.Text & "' AND'" & classno8.Text & "' "
where textbox classno 1 to 8 have a value of subject 1 to 8
ex:
classno1="subject1"
how to query all textboxes in my access
my probelem is it will get all data in my access,
how to get all specific data in my access..
i need a code of my query..
I think you need this
Dim sqlQuery As String = "SELECT ClassNo, SubjectCode, Title, Lec,
Lab, Days,TimeSlot, roomNo, Ins_ID
FROM studSched
WHERE SubjectCode = '" & classno1.Text & "' AND
SubjectCode = '" & classno2.Text & "' AND
SubjectCode = '" & classno3.Text & "' AND
SubjectCode = '" & classno4.Text & "' AND
SubjectCode = '" & classno5.Text & "' AND
SubjectCode = '" & classno6.Text & "' AND
SubjectCode = '" & classno7.Text & "' AND
SubjectCode = '" & classno8.Text & "' "
And this is not recommended, Use Parameterized Query
Dim Cmd as New SqlCommand()
cmd.Connection = con
cmd.CommandText = "SELECT ClassNo, SubjectCode, Title, Lec,Lab, Days,TimeSlot, roomNo,Ins_ID
FROM studSched WHERE SubjectCode = #Sub1 AND SubjectCode = #Sub2 AND
SubjectCode = #Sub3 AND SubjectCode = #Sub4 AND
SubjectCode = #Sub5 AND SubjectCode = #Sub6 AND
SubjectCode = #Sub7 AND SubjectCode = #Sub8"
cmd.Parameters.AddWithValue("#Sub1", classno1.Text)
cmd.Parameters.AddWithValue("#Sub2", classno2.Text)
cmd.Parameters.AddWithValue("#Sub3", classno3.Text)
cmd.Parameters.AddWithValue("#Sub4", classno4.Text)
cmd.Parameters.AddWithValue("#Sub5", classno5.Text)
cmd.Parameters.AddWithValue("#Sub6", classno6.Text)
cmd.Parameters.AddWithValue("#Sub7", classno7.Text)
cmd.Parameters.AddWithValue("#Sub8", classno8.Text)
Related
Update to Question:
Background. I am using SQL Server as a backend to my Access Database.
I have created this Stored Procedure (Update Query) that I run by way of a Passthrough query from MS Access. The process works fine with one exception.
If one of the date fields being passed to the update query is null then 1900-01-01 gets inserted into the column instead of leaving (making) it empty. I tried setting the default value to NULL but did not work. The date columns have date as their data type.
MS Access Side of things:
qry_PT_sp_UpdateTable_Club = exec sp_UpdateTable_Club
Button that Runs the process:
Private Sub btn_Save_Click()
'Tests that a club has been selected
mod_ClubSelectTest.ClubSelectTest
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
'Creates values to be used by sp_UpdateTable_Club
strSQL = "exec sp_UpdateTable_Club '" & txt_Club_ID & "'," & _
" '" & txt_FSM_ID & "', '" & txt_Receiver_ID & "', '" & txt_ClubType_ID & "', '" & txt_ClubNumber & "'," & _
" '" & txt_ClubName & "', '" & txt_EIN & "', '" & chk_1st & "', '" & chk_2nd & "', '" & chk_3rd & "'," & _
" '" & chk_4th & "', '" & cbo_MtgDay_Member & "', '" & txt_MtgTime_Member & "'," & _
" '" & cbo_MTGDay_Trustees & "', '" & txt_MTGTime_Trustees & "', '" & txt_Notes & "'," & _
" '" & txt_Phone_Primary & "', '" & txt_Extension_Primary & "', '" & txt_Phone_Secondary & "'," & _
" '" & txt_Extension_Secondary & "', '" & txt_Address_1_P & "', '" & txt_Address_2_P & "'," & _
" '" & txt_City_P & "', '" & cbo_State_P & "', '" & txt_ZIP_P & "'," & _
" '" & Nz(txt_Address_1_M, Null) & "', '" & txt_Address_2_M & "'," & _
" '" & txt_City_M & "', '" & cbo_State_M & "', '" & txt_ZIP_M & "'," & _
" '" & Opt_AffliationAgreemet & "', '" & opt_990 & "', '" & opt_ByLaws & "', '" & opt_HouseRules & "'," & _
" '" & opt_Officers & "', '" & opt_TrialCommittee & "', '" & opt_FinanceCommitee & "'," & _
" '" & opt_Auditor & "', '" & opt_Invoice & "', '" & opt_Insurance & "', '" & txt_CharterSuspended & "'," & _
" '" & txt_AgentAssigned & "', '" & opt_CharterRequest_Type & "', '" & txt_RequestedDate & "' "
CurrentDb.QueryDefs("qry_PT_sp_UpdateTable_Club").SQL = strSQL
DoCmd.SetWarnings False
DoCmd.OpenQuery "qry_PT_sp_UpdateTable_Club"
DoCmd.SetWarnings True
End Sub
Stored Procedure sp_UpdateTable_Club
#Club_ID int,
#FSM_ID int,
#Recever_ID int,
#ClubType_ID int,
#ClubNumber int,
#ClubName nvarchar(50),
#EIN nvarchar(50),
#MTGWeek_1 bit,
#MTGWeek_2 bit,
#MTGWeek_3 bit,
#MTGWeek_4 bit,
#MTGDay_Members int,
#MTGTime_Members nvarchar(5),
#MTGDay_Trustees int,
#MTGTime_Trustees nvarchar(5),
#Notes nvarchar(max),
#PhonePrimary nvarchar(15),
#ExtensionPrimary nvarchar(6),
#PhoneSecondary nvarchar(15),
#ExtensionSecondary nvarchar(15),
#Address1_P nvarchar(50),
#Address2_P nvarchar(50),
#City_P nvarchar(50),
#State_Province_ID_P nvarchar(50),
#PostalCode_P nvarchar(50),
#Address1_M nvarchar(50),
#Address2_M nvarchar(50),
#City_M nvarchar(50),
#State_Province_ID_M nvarchar(50),
#PostalCode_M nvarchar(50),
#AffiliationAgreement bit,
#990 bit,
#ByLaws bit,
#HouseRules bit,
#Officers bit,
#TrialCommittee bit,
#FinanceCommittee bit,
#Auditor bit,
#Invoice bit,
#Insurance bit,
#CharterSuspended date,
#ReceiverAssigned date,
#CharterRequest_Type_ID int,
#RequestedDate date
AS
Begin
UPDATE Club set FSM_ID = #FSM_ID,
Receiver_ID = #Recever_ID,
ClubType_ID = #ClubType_ID,
ClubNumber = #ClubNumber,
ClubName = #ClubName,
EIN = #EIN,
MTGWeek_1 = #MTGWeek_1,
MTGWeek_2 = #MTGWeek_2,
MTGWeek_3 = #MTGWeek_3,
MTGWeek_4 = #MTGWeek_4,
MTGDay_Members = #MTGDay_Members,
MTGTime_Members = #MTGTime_Members,
MTGDay_Trustees = #MTGDay_Trustees,
MTGTime_Trustees = #MTGTime_Trustees,
Notes = #Notes,
PhonePrimary = #PhonePrimary,
ExtensionPrimary = #ExtensionPrimary,
PhoneSecondary = #PhoneSecondary,
ExtensionSecondary = #ExtensionSecondary,
Address1_P = #Address1_P,
Address2_P = #Address2_P,
City_P = #City_P,
State_Province_ID_P = #State_Province_ID_P,
PostalCode_P = #PostalCode_P,
Address1_M = #Address1_M,
Address2_M = #Address2_M,
City_M = #City_M,
State_Province_ID_M = #City_M,
PostalCode_M = #PostalCode_M,
AffiliationAgreement = #AffiliationAgreement,
[990] = #990,
ByLaws = #ByLaws,
HouseRules = #HouseRules,
Officers = #Officers,
TrialCommittee = #TrialCommittee,
FinanceCommittee = #FinanceCommittee,
Auditor = #Auditor,
Invoice = #Invoice,
Insurance = #Insurance,
CharterSuspended = #CharterSuspended,
ReceiverAssigned = #ReceiverAssigned,
CharterRequest_Type_ID = #CharterRequest_Type_ID,
RequestedDate = NULLIF(#RequestedDate, CONVERT(DATE, '1900-1-1')
Where Club_ID = #Club_ID;
end
SELECT * From Club;
I would really appreciate if someone can help me to find a better solution than what I am doing now.
this is my vb.net insert command from the form which has dgvs with tables of 'dtOrders' and 'dtItems'. The issue I am facing now that sometimes all selected data doesn't insert into sql over internet dueto connection drop or slow connection. So what I want is send all data at once to sql and do the insert in sql stored procedure or something like that.
Sub Inserts() ' ScanPointLog, spSendToFactory
Dim CurrentDate = DateTime.Now.ToString("dd MMMM, yyyy hh:mm tt")
Try
'Insert Into ScanPointLog
MyCon.Open()
Query = "Declare #tId int set #tId=(select count(TripId) from ScanPointLog where BranchCode='" & BranchCodee & "' and ScanPoint='" & ScanPointName & "')+1
Insert into ScanPointLog(BranchCode, ScanPoint, TripId, DoneBy, DateTime, Driver, CarNo, ItemShouldBe, ActualTaken, MissedAny, MissedCount, TookExtra, ExtraCount, chkdSkipTrackItem, chkdSelectAllOrders,[Open])
Values('" & BranchCodee & "','" & ScanPointName & "',#tId,'" & UserIdd & "','" & CurrentDate & "','" & cmbDrivers.SelectedValue & "','" & txtCarNo.Text & "','" & TotalItemShouldBeForSelectedOrders & "','" & TotalItemTackenInTheTrip & "','" & IsThereAnyMissing & "','" & missingItems & "', '" & IsThereExtras & "','" & takingExtras & "',#skipTrckItem, #chckdAllOrdrs,1 )"
Command = New SqlCommand(Query, MyCon)
Command.Parameters.Add("#skipTrckItem", SqlDbType.Bit).Value = Convert.ToInt16(chbByPassTrackItem.Checked)
Command.Parameters.Add("#chckdAllOrdrs", SqlDbType.Bit).Value = Convert.ToInt16(chbSelectAllOrders.Checked)
Command.ExecuteNonQuery()
MyCon.Close()
'to get the saving tripid which was automatically took from above inser query
MyCon.Open()
Query = "Declare #tId int set #tId=(select count(TripId) from ScanPointLog where BranchCode='" & BranchCodee & "' and ScanPoint='" & ScanPointName & "')
select #tId as Result"
Command = New SqlCommand(Query, MyCon)
dtreaderTripIdafterSave = Command.ExecuteReader
While dtreaderTripIdafterSave.Read
ThisTripID = dtreaderTripIdafterSave.Item(0)
End While
lblTripID.Text = ThisTripID
MyCon.Close()
'Insert Orders into table spSendToFactory
MyCon.Open()
For Each row As DataRow In dtOrders.Rows
If row("Checked") = True Then
Dim TrackItem As Integer
If row("TrackItem") = "Yes" Then
TrackItem = 1
Else
TrackItem = 0
End If
Query = "If not Exists (Select * from spSendToFactory where OrderNo = #nOrderNo and IsItem=0 and BranchCode=#nBranchcode )
begin
Insert into spSendToFactory(OrderNo, DateTime, IsItem, BranchCode, TrackItem,CameFrom_Page,CameFrom_Table,CameFrom_TripID) Values(#nOrderNo,#nDtTm,0,#nBranchcode,#trkItem,'" & PreviouseScanPoint_Form & "','" & PreviouseScanPoint_Table & "','" & ThisTripID & "')
end;
Update spOrdered set TripId= '" & ThisTripID & "',Done= 1 where OrderNo = #nOrderNo AND IsItem=0;
Update Orders set OrderStatus= '" & ScanPointName & "' where OrderNo = #nOrderNo "
Command = New SqlCommand(Query, MyCon)
Command.Parameters.AddWithValue("#nOrderNo", row("OrderNo").ToString)
Command.Parameters.AddWithValue("#nDtTm", CurrentDate)
Command.Parameters.AddWithValue("#nBranchcode", BranchCodee)
Command.Parameters.Add("#trkItem", SqlDbType.Bit).Value = TrackItem
Command.ExecuteNonQuery()
End If
Next
'Insert Items into table spSendToFactory
For Each iRow As DataRow In dtItems.Rows
If iRow("Checked") = True Then
Query = "If not Exists (Select * from spSendToFactory where OrderNo = #nOrderNo and IsItem=1 and ItemBarcode=#nItemBcode and BranchCode=#nBranchcode )
begin
Insert into spSendToFactory(OrderNo, DateTime, IsItem, ItemBarcode, BranchCode,CameFrom_Page,CameFrom_Table,CameFrom_TripID ) Values(#nOrderNo,#nDtTm,1,#nItemBcode,#nBranchcode,'" & PreviouseScanPoint_Form & "','" & PreviouseScanPoint_Table & "','" & ThisTripID & "')
end;
Update spOrdered set TripId= '" & ThisTripID & "', Done= 1 where OrderNo = #nOrderNo AND IsItem=1 AND ItemBarcode= #nItemBcode ;
Update OrderItem set ItemStatus= '" & ScanPointName & "' where OrderNo = #nOrderNo AND ItemBarcode= #nItemBcode "
Command = New SqlCommand(Query, MyCon)
Command.Parameters.AddWithValue("#nOrderNo", iRow("OrderNo").ToString)
Command.Parameters.AddWithValue("#nDtTm", CurrentDate)
Command.Parameters.AddWithValue("#nItemBcode", iRow("ItemBarcode").ToString)
Command.Parameters.AddWithValue("#nBranchcode", BranchCodee)
Command.ExecuteNonQuery()
End If
Next
'Insert missing items into ScnPntMissItems
For Each mRow As DataRow In dtMissedItems.Rows
Query = "If not Exists
(Select * from ScnPntMissItems where
[BranchCode]='" & BranchCodee & "' and
[ScanPoint]= '" & ScanPointName & "' and
[TripId] = '" & ThisTripID & "' and
[OrderNo]= #nOrderNo and
[ItemBarcode] = #nItemBcode)
begin
Insert into ScnPntMissItems([BranchCode],[ScanPoint],[TripId],[DateTime],[OrderNo],[ItemName],[ItemBarcode]) Values('" & BranchCodee & "','" & ScanPointName & "','" & ThisTripID & "','" & CurrentDate & "',#nOrderNo,#nItemName,#nItemBcode)
end"
Command = New SqlCommand(Query, MyCon)
Command.Parameters.AddWithValue("#nOrderNo", mRow("OrderNo").ToString)
Command.Parameters.AddWithValue("#nItemName", mRow("ItemName").ToString)
Command.Parameters.AddWithValue("#nItemBcode", mRow("ItemBarcode").ToString)
Command.ExecuteNonQuery()
Next
'Insert extra items into ScnPntExtraItems
For Each eRow As DataRow In dtExtarItems.Rows
Query = "If not Exists
(Select * from ScnPntExtraItems where
[BranchCode]='" & BranchCodee & "' and
[ScanPoint]= '" & ScanPointName & "' and
[TripId] = '" & ThisTripID & "' and
[OrderNo]= #nOrderNo and
[ItemBarcode] = #nItemBcode)
begin
Insert into ScnPntExtraItems([BranchCode],[ScanPoint],[TripId],[DateTime],[OrderNo],[ItemName],[ItemBarcode]) Values('" & BranchCodee & "','" & ScanPointName & "','" & ThisTripID & "','" & CurrentDate & "',#nOrderNo,#nItemName,#nItemBcode)
end;
Update spOrdered set TripId= '" & ThisTripID & "', Done= 1 where OrderNo = #nOrderNo AND IsItem=1 AND ItemBarcode= #nItemBcode ;
Update OrderItem set ItemStatus= '" & ScanPointName & "' where OrderNo = #nOrderNo AND ItemBarcode= #nItemBcode"
Command = New SqlCommand(Query, MyCon)
Command.Parameters.AddWithValue("#nOrderNo", eRow("OrderNo").ToString)
Command.Parameters.AddWithValue("#nItemName", eRow("ItemName").ToString)
Command.Parameters.AddWithValue("#nItemBcode", eRow("ItemBarcode").ToString)
Command.ExecuteNonQuery()
Next
Query = "Update ScanPointLog set [Close]=1 where BranchCode='" & BranchCodee & "' and ScanPoint='" & ScanPointName & "' and TripId= '" & ThisTripID & "' "
Command = New SqlCommand(Query, MyCon)
Command.ExecuteNonQuery()
MyCon.Close()
failed_to_upload = False
MsgBox("Trip ID: " & ThisTripID & " at '" & ScanPointName & "' saved successfully")
Catch ex As Exception
MsgBox(ex.Message)
failed_to_upload = True
MsgBox("The uploading process could NOT be completed properly due to network issue.
The Trip ID '" & ThisTripID & "' of '" & ScanPointName & "' may not include checked orders or items correctly. Therefor please contact system administrator with following details to roll back this event immediately.
Trip ID = '" & ThisTripID & "'
Scan Point = '" & ScanPointName & "'")
End Try
End Sub
my data type in my database is date/time
my error is data type mis match
please help tnx...
Dim try3 As String
cmd1 = "SELECT count(new) AS cnew FROM sheet WHERE empname = '" & try3 & "' AND new IS NOT NULL"
cmd2 = "SELECT count(rev1) AS crev1 FROM sheet WHERE empname = '" & try3 & "' AND rev1 <> '" & try2 & "' "
cmd3 = "SELECT count(rev2) AS crev2 FROM sheet WHERE empname = '" & try3 & "' AND rev2 <> '" & try2 & "' "
cmd4 = "SELECT count(rev3) AS crev3 FROM sheet WHERE empname = '" & try3 & "' AND rev3 <> '" & try2 & "' "
cmd5 = "SELECT count(rev4) AS crev4 FROM sheet WHERE empname = '" & try3 & "' AND rev4 <> '" & try2 & "' "
cmd6 = "SELECT count(rev5) AS crev5 FROM sheet WHERE empname = '" & try3 & "' AND rev5 <> '" & try2 & "' "
If try2 is your date variable, it should read:
AND rev1 <> #" & try2.ToString("yyyy'/'mm'/'dd") & "# "
Dim cmd As OleDb.OleDbCommand = New OleDbCommand(" UPDATE Items SET PartNo = " & PartNoTxt.Text & ", EqptDesc = '" & DescTxt.Text & "', Qty = '" & QtyTxt.Text & "', Pasok = '" & InTxt.Text & "', Labas = '" & OutTxt.Text & "', Tapos = '" & EndTxt.Text & "', SerialNumber = '" & SerialTxt.Text & "', CalibrationType = '" & CalType.Text & "', CalibrationDate = '" & CalOn.Value.Date & "', SupplierDue = '" & SuppDue.Value.Date & "', TodaysDate = '" & TodDate.Value.Date & "', Validity = '" & Validity.Text & "', Status = '" & StatsTxt.Text & "', DiOh = '" & DOTxt.Text & "', User = '" & UserTxt.Text & "', EMType = '" & EMType.Text & "' WHERE CTID = " & TxtItemCode.Text, connection)
I am using MS Access.
Here is the code which I am having problem with, it says "Syntax error in UPDATE statement.".
User is a reserved word in Jet/ACE, so you must surround it with square brackets in your statement:
... & "', [User] = '" & UserTxt.Text & ...
I have this query:
SQLcommand.CommandText = "UPDATE Pupil
SET Pupil_Name = '" & PDV_First_Name.Text & "' ,
Pupil_Middle_Name = '" & PDV_Middle_Name.Text & "' ,
Pupil_Surname = '" & PDV_Surname.Text & "' ,
Pupil_Prefferend_Name = '" & PDV_P_Name.Text & "' ,
Gender = '" & gender & "' ,
DOB = '" & Microsoft.VisualBasic.Left(PDV_bday.Value,10) & "' ,
Home_Languages = '" & PDV_Languages.Text & "' ,
Family_Religion = '" & PDV_Religion.Text & "' ,
Ethnicity = '" & PDV_Ethnicity.Text & "' ,
Form_ID = '" & Microsoft.VisualBasic.Trim(Microsoft.VisualBasic.Left(PDV_Form.Text,3)) & "' ,
Address_Line_1 = '" & PDV_Address_1.Text & "' ,
Address_Line_2 = '" & PDV_Address_2.Text & "' ,
Address_Line_3 = '" & PDV_Address_3.Text & "' ,
Postcode = '" & PDV_Postcode.Text & "' ,
Home_Tel = '" & PDV_Home_Tel.Text & "' ,
Parent_1_First_Name = '" & PDV_P1_First_Name.Text & "' ,
Parent_1_Surname = '" & PDV_P1_Surname.Text & "' ,
Parent_1_Relationship = '" & PDV_P1_CB_Relationship.Text & "' ,
Parent_1_Occupation = '" & PDV_P1_Occupation.Text & "' ,
Parent_1_Mobile_No = '" & PDV_P1_Mobile_No.Text & "' ,
Parent_1_Work_Number = '" & PDV_P1_Work_No.Text & "' ,
Parent_1_Email = '" & PDV_P1_Email.Text & "' ,
Parental_1_Responsibility = '" & parental1 & "' ,
Parent_2_First_Name = '" & PDV_P2_First_Name.Text & "' ,
Parent_2_Surname = '" & PDV_P2_Surname.Text & "' ,
Parent_2_Relationship = '" & PDV_P2_CB_Relationship.Text & "' ,
Parent_2_Occupation = '" & PDV_P2_Occupation.Text & "' ,
Parent_2_Mobile_No = '" & PDV_P2_Mobile_No.Text & "' ,
Parent_2_Work_Number = '" & PDV_P2_Work_No.Text & "' ,
Parent_2_Address_1 = '" & PDV_P2_Address_1.Text & "' ,
Parent_2_Address_2 = '" & PDV_P2_Address_2.Text & "' ,
Parent_2_Address_3 = '" & PDV_P2_Address_3.Text & "' ,
Parent_2_Postcode = '" & PDV_P2_Postcode.Text & "' ,
Parent_2_Home_No = '" & PDV_P2_Home_Number.Text & "' ,
Parental_2_Responsibility = '" & parental2 & "' ,
Family_Mem_1_First_Name = '" & PDV_FM1_First_Name.Text & "' ,
Family_Mem_1_Surname = '" & PDV_FM1_Surname.Text & "' ,
Family_Mem_1_Relationship = '" & PDV_FM1_Relationship.Text & "' ,
Family_Mem_2_First_Name = '" & PDV_FM2_First_Name.Text & "' ,
Family_Mem_2_Surname = '" & PDV_FM2_Surname.Text & "' ,
Family_Mem_2_Relationship = '" & PDV_FM2_Relationship.Text & "' ,
Collector_1_First_Name = '" & PDV_C1_First_Name.Text & "' ,
Collector_1_Surname = '" & PDV_C1_Surname.Text & "' ,
Collector_1_Relationship = '" & PDV_C1_Relationship.Text & "' ,
Collector_1_Address_1 = '" & PDV_C1_Address_1.Text & "' ,
Collector_1_Address_2 = '" & PDV_C1_Address_2.Text & "' ,
Collector_1_Address_3 = '" & PDV_C1_Address_3.Text & "' ,
Collector_1_Postcode = '" & PDV_C1_Postcode.Text & "' ,
Collector_1_Tel_No = '" & PDV_C1_Work_No.Text & "' ,
Collector_1_Mob_No = '" & PDV_C1_Mobile_No.Text & "' ,
Collector_2_First_Name = '" & PDV_C2_First_Name.Text & "' ,
Collector_2_Surname = '" & PDV_C2_Surname.Text & "' ,
Collector_2_Relationship = '" & PDV_C2_Relationship.Text & "' ,
Collector_2_Address_1 = '" & PDV_C2_Address_1.Text & "' ,
Collector_2_Address_2 = '" & PDV_C2_Address_2.Text & "' ,
Collector_2_Address_3 = '" & PDV_C2_Address_3.Text & "' ,
Collector_2_Postcode = '" & PDV_C2_Postcode.Text & "' ,
Collector_2_Tel_No = '" & PDV_C2_Work_No.Text & "' ,
Collector_2_Mob_No = '" & PDV_C2_Mobile_No.Text & "' ,
Collection_Instructions = '" & PDV_Collection_Instructions.Text &"' ,
Doctor_Name = '" & PDV_M_First_Name.Text & "' ,
Practice_Name = '" & PDV_M_Practice.Text & "' ,
Doctor_Address_1 = '" & PDV_M_Address_1.Text & "' ,
Doctor_Address_2 = '" & PDV_M_Address_2.Text & "'
,Doctor_Address_3 = '" & PDV_M_Address_3.Text & "' ,
Doctor_Postcode = '" & PDV_M_Postcode.Text & "' ,
Doctor_Contact_No = '" & PDV_M_Contact_No.Text & "' ,
Vaccinations = '" & PDV_M_Vaccinations.Text & "' ,
Allergies = '" & PDV_M_Allergies.Text & "' ,
Food_Dislikes '" & PDV_M_Dislikes.Text & "' ,
Special_Needs = '" & sn & "' ,
Special_Needs_Details = '" & PDV_M_Special_Needs.Text & "' ,
Medication_Application = '" & MA & "' ,
Medication_Details = '" & PDV_M_Medication.Text & "' ,
Medical_Problems = '" & PDV_M_Medical_Info.Text & "' ,
ICE_First_Name = '" & PDV_ICE_First_Name.Text & "' ,
ICE_Surname = '" & PDV_ICE_Surname.Text & "' ,
ICE_Relationship = '" & PDV_ICE_CB_Relationship.Text & "' ,
ICE_Address_1 = '" & PDV_ICE_Address_1.Text & "' ,
ICE_Address_2 = '" & PDV_ICE_Address_2.Text & "' ,
ICE_Address_3 = '" & PDV_ICE_Address_3.Text & "' ,
ICE_Postcode = '" & PDV_ICE_Postcode.Text & "' ,
ICE_Tel_No = '" & PDV_ICE_Home_No.Text & "' ,
ICE_Mob_No = '" & PDV_ICE_Mobile_No.Text & "' ,
Emergency = '" & A & "' ,
Safety = '" & B & "' ,
Information = '" & C & "' ,
Medical_Form = '" & D & "' ,
Stats = '" & U & "' ,
Consent_PG = '" & F & "' ,
Consent_Photo = '" & G & "' ,
Consent_Face_Paint = '" & H & "' ,
Consent_Trips_Dore_Village = '" & I & "' ,
Consent_Trips_Dore_Recc = '" & J & "' ,
Consent_Scooter = '" & K & "' ,
Consent_Plaster = '" & L & "' ,
Consent_Sun_Cream = '" & M & "' ,
Attendance_Monday = '" & N & "' ,
Attendance_Tuesday = '" & O & "' ,
Attendance_Wednesday = '" & P & "' ,
Attendance_Thursday = '" & Q & "' ,
Attendance_Friday = '" & R & "' ,
Signed = '" & S & "' ,
Sign_Date = '" & Microsoft.VisualBasic.Left(PDV_O_Datetime_Sign.Value,10) & "' ,
Waiting_List = '" & T & "' , Date_Of_Application = '" & Microsoft.VisualBasic.Left(PDV_O_Datetime_Application.Value,10) & "' ,
Date_Added = '" & Microsoft.VisualBasic.Left(PDV_O_Datetime_Added.Value,10) & "' ,
Added_By = '" & PDV_O_CB_Added.Text & "' ,
Other_Info = '" & PDV_Other.Text & "'
WHERE Pupil_ID = '" & Pupil & "'"
Which is pretty massive but everytime i run it i get a syntax error like this below:
System.Data.SQLite.SQLiteException: SQLite error
near "''": syntax error
at System.Data.SQLite.SQLite3.Prepare(SQLiteConnection cnn, String strSql, SQLiteStatement previous, UInt32 timeoutMS, String& strRemain)
at System.Data.SQLite.SQLiteCommand.BuildNextCommand()
at System.Data.SQLite.SQLiteCommand.GetStatement(Int32 index)
at System.Data.SQLite.SQLiteDataReader.NextResult()
at System.Data.SQLite.SQLiteDataReader..ctor(SQLiteCommand cmd, CommandBehavior behave)
at System.Data.SQLite.SQLiteCommand.ExecuteReader(CommandBehavior behavior)
at System.Data.SQLite.SQLiteCommand.ExecuteNonQuery()
at ContactsDatabase.Search_Pupil.Button2Click(Object sender, EventArgs e) in F:\Backup\ContactsDatabase\Search_Pupil.vb:line 1067
at System.Windows.Forms.Control.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)
at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.ButtonBase.WndProc(Message& m)
at System.Windows.Forms.Button.WndProc(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
at System.Windows.Forms.NativeWindow.DebuggableCallback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
at System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG& msg)
at System.Windows.Forms.Application.ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(Int32 dwComponentID, Int32 reason, Int32 pvLoopData)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32 reason, ApplicationContext context)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason, ApplicationContext context)
at System.Windows.Forms.Application.Run(ApplicationContext context)
at Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.OnRun()
at Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.DoApplicationModel()
at Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(String[] commandLine)
at ContactsDatabase.My.MyApplication.Main(String[] Args) in 17d14f5c-a337-4978-8281-53493378c1071.vb:line 81
I have checked manually and searched for this mysterious " '' " but it is not in this query! The only thing i can think of is that it is where a record is blank however in a very similar query i have for updating staff it doesn't error if it is blank! Please help!
Thanks
To save space and time, I'm only going to show you a shortened version of how to fix this. The technique shown here will not only fix your sql formatting issue, but also fix the huge gaping security issue with the current code:
SQLcommand.CommandText = "UPDATE Pupil
SET Pupil_Name = #PupilName,
Pupil_Middle_Name = #PupilMiddleName,
Pupil_Surname = #PupilSurName,
Pupil_Prefferend_Name = #PupilPreferredName,
Gender = #Gender ,
DOB = #DOB,
...
WHERE Pupil_ID = #PupilID"
'Guessing at parameter types/lengths here. Use actual types and lengths from your DB
SQLcommand.Parameters.Add("#PupilName", SqlDbType.NVarChar, 30).Value = PDV_First_Name.Text
SQlcommand.Parameters.Add("#PupilMiddleName", SqlDbType.NVarChar, 30).Value= PDV_Middle_Name.Text
SQLcommand.Parameters.Add("#PupilSurName", SqlDbType.NVarChar, 40).Value = PDV_Surname.Text
SQLcommand.Parameters.Add("#PupilPreferredName", SqlDbType.NVarChar, 30).Value = PDV_P_Name.Text
SQLcommand.Parameters.Add("#Gender", SqlDbType.Char, 1).Value = gender
SQLcommand.Parameters.Add("#DOB", SqlDbType.DateTime).Value = DateTime.Parse(Microsoft.VisualBasic.Left(PDV_bday.Value,10))
'...
SQLcommand.Parameters.Add("#PupilID", SqlDbType.Int).Value = Pupil