SQL query error Vb.net Sqlite - sql

I have this query:
SQLcommand.CommandText = "UPDATE Pupil
SET Pupil_Name = '" & PDV_First_Name.Text & "' ,
Pupil_Middle_Name = '" & PDV_Middle_Name.Text & "' ,
Pupil_Surname = '" & PDV_Surname.Text & "' ,
Pupil_Prefferend_Name = '" & PDV_P_Name.Text & "' ,
Gender = '" & gender & "' ,
DOB = '" & Microsoft.VisualBasic.Left(PDV_bday.Value,10) & "' ,
Home_Languages = '" & PDV_Languages.Text & "' ,
Family_Religion = '" & PDV_Religion.Text & "' ,
Ethnicity = '" & PDV_Ethnicity.Text & "' ,
Form_ID = '" & Microsoft.VisualBasic.Trim(Microsoft.VisualBasic.Left(PDV_Form.Text,3)) & "' ,
Address_Line_1 = '" & PDV_Address_1.Text & "' ,
Address_Line_2 = '" & PDV_Address_2.Text & "' ,
Address_Line_3 = '" & PDV_Address_3.Text & "' ,
Postcode = '" & PDV_Postcode.Text & "' ,
Home_Tel = '" & PDV_Home_Tel.Text & "' ,
Parent_1_First_Name = '" & PDV_P1_First_Name.Text & "' ,
Parent_1_Surname = '" & PDV_P1_Surname.Text & "' ,
Parent_1_Relationship = '" & PDV_P1_CB_Relationship.Text & "' ,
Parent_1_Occupation = '" & PDV_P1_Occupation.Text & "' ,
Parent_1_Mobile_No = '" & PDV_P1_Mobile_No.Text & "' ,
Parent_1_Work_Number = '" & PDV_P1_Work_No.Text & "' ,
Parent_1_Email = '" & PDV_P1_Email.Text & "' ,
Parental_1_Responsibility = '" & parental1 & "' ,
Parent_2_First_Name = '" & PDV_P2_First_Name.Text & "' ,
Parent_2_Surname = '" & PDV_P2_Surname.Text & "' ,
Parent_2_Relationship = '" & PDV_P2_CB_Relationship.Text & "' ,
Parent_2_Occupation = '" & PDV_P2_Occupation.Text & "' ,
Parent_2_Mobile_No = '" & PDV_P2_Mobile_No.Text & "' ,
Parent_2_Work_Number = '" & PDV_P2_Work_No.Text & "' ,
Parent_2_Address_1 = '" & PDV_P2_Address_1.Text & "' ,
Parent_2_Address_2 = '" & PDV_P2_Address_2.Text & "' ,
Parent_2_Address_3 = '" & PDV_P2_Address_3.Text & "' ,
Parent_2_Postcode = '" & PDV_P2_Postcode.Text & "' ,
Parent_2_Home_No = '" & PDV_P2_Home_Number.Text & "' ,
Parental_2_Responsibility = '" & parental2 & "' ,
Family_Mem_1_First_Name = '" & PDV_FM1_First_Name.Text & "' ,
Family_Mem_1_Surname = '" & PDV_FM1_Surname.Text & "' ,
Family_Mem_1_Relationship = '" & PDV_FM1_Relationship.Text & "' ,
Family_Mem_2_First_Name = '" & PDV_FM2_First_Name.Text & "' ,
Family_Mem_2_Surname = '" & PDV_FM2_Surname.Text & "' ,
Family_Mem_2_Relationship = '" & PDV_FM2_Relationship.Text & "' ,
Collector_1_First_Name = '" & PDV_C1_First_Name.Text & "' ,
Collector_1_Surname = '" & PDV_C1_Surname.Text & "' ,
Collector_1_Relationship = '" & PDV_C1_Relationship.Text & "' ,
Collector_1_Address_1 = '" & PDV_C1_Address_1.Text & "' ,
Collector_1_Address_2 = '" & PDV_C1_Address_2.Text & "' ,
Collector_1_Address_3 = '" & PDV_C1_Address_3.Text & "' ,
Collector_1_Postcode = '" & PDV_C1_Postcode.Text & "' ,
Collector_1_Tel_No = '" & PDV_C1_Work_No.Text & "' ,
Collector_1_Mob_No = '" & PDV_C1_Mobile_No.Text & "' ,
Collector_2_First_Name = '" & PDV_C2_First_Name.Text & "' ,
Collector_2_Surname = '" & PDV_C2_Surname.Text & "' ,
Collector_2_Relationship = '" & PDV_C2_Relationship.Text & "' ,
Collector_2_Address_1 = '" & PDV_C2_Address_1.Text & "' ,
Collector_2_Address_2 = '" & PDV_C2_Address_2.Text & "' ,
Collector_2_Address_3 = '" & PDV_C2_Address_3.Text & "' ,
Collector_2_Postcode = '" & PDV_C2_Postcode.Text & "' ,
Collector_2_Tel_No = '" & PDV_C2_Work_No.Text & "' ,
Collector_2_Mob_No = '" & PDV_C2_Mobile_No.Text & "' ,
Collection_Instructions = '" & PDV_Collection_Instructions.Text &"' ,
Doctor_Name = '" & PDV_M_First_Name.Text & "' ,
Practice_Name = '" & PDV_M_Practice.Text & "' ,
Doctor_Address_1 = '" & PDV_M_Address_1.Text & "' ,
Doctor_Address_2 = '" & PDV_M_Address_2.Text & "'
,Doctor_Address_3 = '" & PDV_M_Address_3.Text & "' ,
Doctor_Postcode = '" & PDV_M_Postcode.Text & "' ,
Doctor_Contact_No = '" & PDV_M_Contact_No.Text & "' ,
Vaccinations = '" & PDV_M_Vaccinations.Text & "' ,
Allergies = '" & PDV_M_Allergies.Text & "' ,
Food_Dislikes '" & PDV_M_Dislikes.Text & "' ,
Special_Needs = '" & sn & "' ,
Special_Needs_Details = '" & PDV_M_Special_Needs.Text & "' ,
Medication_Application = '" & MA & "' ,
Medication_Details = '" & PDV_M_Medication.Text & "' ,
Medical_Problems = '" & PDV_M_Medical_Info.Text & "' ,
ICE_First_Name = '" & PDV_ICE_First_Name.Text & "' ,
ICE_Surname = '" & PDV_ICE_Surname.Text & "' ,
ICE_Relationship = '" & PDV_ICE_CB_Relationship.Text & "' ,
ICE_Address_1 = '" & PDV_ICE_Address_1.Text & "' ,
ICE_Address_2 = '" & PDV_ICE_Address_2.Text & "' ,
ICE_Address_3 = '" & PDV_ICE_Address_3.Text & "' ,
ICE_Postcode = '" & PDV_ICE_Postcode.Text & "' ,
ICE_Tel_No = '" & PDV_ICE_Home_No.Text & "' ,
ICE_Mob_No = '" & PDV_ICE_Mobile_No.Text & "' ,
Emergency = '" & A & "' ,
Safety = '" & B & "' ,
Information = '" & C & "' ,
Medical_Form = '" & D & "' ,
Stats = '" & U & "' ,
Consent_PG = '" & F & "' ,
Consent_Photo = '" & G & "' ,
Consent_Face_Paint = '" & H & "' ,
Consent_Trips_Dore_Village = '" & I & "' ,
Consent_Trips_Dore_Recc = '" & J & "' ,
Consent_Scooter = '" & K & "' ,
Consent_Plaster = '" & L & "' ,
Consent_Sun_Cream = '" & M & "' ,
Attendance_Monday = '" & N & "' ,
Attendance_Tuesday = '" & O & "' ,
Attendance_Wednesday = '" & P & "' ,
Attendance_Thursday = '" & Q & "' ,
Attendance_Friday = '" & R & "' ,
Signed = '" & S & "' ,
Sign_Date = '" & Microsoft.VisualBasic.Left(PDV_O_Datetime_Sign.Value,10) & "' ,
Waiting_List = '" & T & "' , Date_Of_Application = '" & Microsoft.VisualBasic.Left(PDV_O_Datetime_Application.Value,10) & "' ,
Date_Added = '" & Microsoft.VisualBasic.Left(PDV_O_Datetime_Added.Value,10) & "' ,
Added_By = '" & PDV_O_CB_Added.Text & "' ,
Other_Info = '" & PDV_Other.Text & "'
WHERE Pupil_ID = '" & Pupil & "'"
Which is pretty massive but everytime i run it i get a syntax error like this below:
System.Data.SQLite.SQLiteException: SQLite error
near "''": syntax error
at System.Data.SQLite.SQLite3.Prepare(SQLiteConnection cnn, String strSql, SQLiteStatement previous, UInt32 timeoutMS, String& strRemain)
at System.Data.SQLite.SQLiteCommand.BuildNextCommand()
at System.Data.SQLite.SQLiteCommand.GetStatement(Int32 index)
at System.Data.SQLite.SQLiteDataReader.NextResult()
at System.Data.SQLite.SQLiteDataReader..ctor(SQLiteCommand cmd, CommandBehavior behave)
at System.Data.SQLite.SQLiteCommand.ExecuteReader(CommandBehavior behavior)
at System.Data.SQLite.SQLiteCommand.ExecuteNonQuery()
at ContactsDatabase.Search_Pupil.Button2Click(Object sender, EventArgs e) in F:\Backup\ContactsDatabase\Search_Pupil.vb:line 1067
at System.Windows.Forms.Control.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)
at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.ButtonBase.WndProc(Message& m)
at System.Windows.Forms.Button.WndProc(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
at System.Windows.Forms.NativeWindow.DebuggableCallback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
at System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG& msg)
at System.Windows.Forms.Application.ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(Int32 dwComponentID, Int32 reason, Int32 pvLoopData)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32 reason, ApplicationContext context)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason, ApplicationContext context)
at System.Windows.Forms.Application.Run(ApplicationContext context)
at Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.OnRun()
at Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.DoApplicationModel()
at Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(String[] commandLine)
at ContactsDatabase.My.MyApplication.Main(String[] Args) in 17d14f5c-a337-4978-8281-53493378c1071.vb:line 81
I have checked manually and searched for this mysterious " '' " but it is not in this query! The only thing i can think of is that it is where a record is blank however in a very similar query i have for updating staff it doesn't error if it is blank! Please help!
Thanks


To save space and time, I'm only going to show you a shortened version of how to fix this. The technique shown here will not only fix your sql formatting issue, but also fix the huge gaping security issue with the current code:
SQLcommand.CommandText = "UPDATE Pupil
SET Pupil_Name = #PupilName,
Pupil_Middle_Name = #PupilMiddleName,
Pupil_Surname = #PupilSurName,
Pupil_Prefferend_Name = #PupilPreferredName,
Gender = #Gender ,
DOB = #DOB,
...
WHERE Pupil_ID = #PupilID"
'Guessing at parameter types/lengths here. Use actual types and lengths from your DB
SQLcommand.Parameters.Add("#PupilName", SqlDbType.NVarChar, 30).Value = PDV_First_Name.Text
SQlcommand.Parameters.Add("#PupilMiddleName", SqlDbType.NVarChar, 30).Value= PDV_Middle_Name.Text
SQLcommand.Parameters.Add("#PupilSurName", SqlDbType.NVarChar, 40).Value = PDV_Surname.Text
SQLcommand.Parameters.Add("#PupilPreferredName", SqlDbType.NVarChar, 30).Value = PDV_P_Name.Text
SQLcommand.Parameters.Add("#Gender", SqlDbType.Char, 1).Value = gender
SQLcommand.Parameters.Add("#DOB", SqlDbType.DateTime).Value = DateTime.Parse(Microsoft.VisualBasic.Left(PDV_bday.Value,10))
'...
SQLcommand.Parameters.Add("#PupilID", SqlDbType.Int).Value = Pupil

Related

Updating table with changes to textbox

I have a table of vehicle info (5 fields per vehicle) with the capabilities of multiple vehicles per person. I have all 5 fields and all vehicles going into a multidimensional array and populating a textbox based on the vehicle number (ie vic1, vic2...). I need to update the table if any of the vehicle information is change. I have a different text box for each vehicle. I'm not sure how to take the changes (additions/deletions/updates) and load it back into the table.
Private Sub cmdDone_Click()
strMake1 = VicArray(0, 0)
strModel1 = VicArray(0, 1)
strYear1 = VicArray(0, 2)
strColor1 = VicArray(0, 1)
strPlate1 = VicArray(0, 1)
strMake2 = VicArray(1, 0)
strModel2 = VicArray(1, 1)
strYear2 = VicArray(1, 2)
strColor2 = VicArray(1, 3)
strPlate2 = VicArray(1, 4)
.
.
.
strMake6 = VicArray(5, 0)
strModel6 = VicArray(5, 1)
strYear6 = VicArray(5, 2)
strColor6 = VicArray(5, 3)
strPlate6 = VicArray(5, 4)
strUpdate = "Update VehicleInfo SET " & _
"Vic1License = '" & strPlate1 & "',Vic1Make = '" & strMake1 & "', Vic1Model = '" & strModel1 & "', Vic1Year = '" & strYear1 & "', Vic1Color = '" & strColor1 & " Handicapped= " & strhandicap & "'," & _
"Vic2License = '" & strPlate2 & "',Vic2Make = '" & strMake2 & "', Vic2Model = '" & strModel2 & "', Vic2Year = '" & strYear2 & "', Vic2Color = '" & strColor2 & "'," & _
"Vic3License = '" & strPlate3 & "',Vic3Make = '" & strMake3 & "', Vic3Model = '" & strModel3 & "', Vic3Year = '" & strYear3 & "', Vic3Color = '" & strColor3 & "'," & _
"Vic4License = '" & strPlate4 & "',Vic4Make = '" & strMake4 & "', Vic4Model = '" & strModel4 & "', Vic4Year = '" & strYear4 & "', Vic4Color = '" & strColor4 & "'," & _
"Vic5License = '" & strPlate5 & "',Vic5Make = '" & strMake5 & "', Vic5Model = '" & strModel5 & "', Vic5Year = '" & strYear5 & "', Vic5Color = '" & strColor5 & "'," & _
"Vic6License = '" & strPlate6 & "',Vic6Make = '" & strMake6 & "', Vic6Model = '" & strModel6 & "', Vic6Year = '" & strYear6 & "', Vic6Color = '" & strColor6 & "'," & _
" WHERE ( LastName= '" & TxtLast & "', AND FirstName= '" & txtFirst & "')"
DoCmd.RunSQL strUpdate

I think you are trying to do manually what Access can do for you automatically.
I would suggest setting the recordsource of your form to the table VehicleInfo. Then, set the control source of each control to the fields of that table.
Try this article, it should give you a good intro to using Access more effectively.
https://support.office.com/en-us/article/introduction-to-forms-e8d47343-c937-44e8-a80f-b6a83a1fa3ae
I'm thinking you should have your VehicleInfo form filtered for the name chosen from the first form. The first form could have something like this:
public sub btn_Click()
DoCmd.OpenForm "VehicleInfoForm", , , "Name = '" & selectedName & "'"
end sub
And then the vehicle info form would display the information for that user. Whenever they make changes to the text boxes, it would be saved when they close the form. Assuming it is all bound properly.

I actually split it by a delimiting variable and loaded it into a different array.
SplitArray1 = Split(txtVic1.Value, ",")
strMake1 = SplitArray1(0)
strModel1 = SplitArray1(1)
strYear1 = SplitArray1(2)
strColor1 = SplitArray1(3)
strPlate1 = SplitArray1(4)
.
.
.

DCount syntax error

Why does DCOUNT cause a syntax error?
DCount("[Commercial_name] + [Producer] + [Start_date]", "[Cleaning product]", "[Commercial_name] = '" & Me.PP.Value & "' AND [Producer] = '" & Me.PR.Value & "' AND [Start_date] = '" & Me.Rdate.Value & "'")
On the VBA page is all on one line

It's the date:
DCount("*", "[Cleaning product]", "[Commercial_name] = '" & Me!PP.Value & "' And [Producer] = '" & Me!PR.Value & "' And [Start_date] = #" & Format(Me!Rdate.Value, 'yyyy\/mm\/dd') & "#")

My data type in MS Access is Date and Time my error is mis match data type

my data type in my database is date/time
my error is data type mis match
please help tnx...
Dim try3 As String
cmd1 = "SELECT count(new) AS cnew FROM sheet WHERE empname = '" & try3 & "' AND new IS NOT NULL"
cmd2 = "SELECT count(rev1) AS crev1 FROM sheet WHERE empname = '" & try3 & "' AND rev1 <> '" & try2 & "' "
cmd3 = "SELECT count(rev2) AS crev2 FROM sheet WHERE empname = '" & try3 & "' AND rev2 <> '" & try2 & "' "
cmd4 = "SELECT count(rev3) AS crev3 FROM sheet WHERE empname = '" & try3 & "' AND rev3 <> '" & try2 & "' "
cmd5 = "SELECT count(rev4) AS crev4 FROM sheet WHERE empname = '" & try3 & "' AND rev4 <> '" & try2 & "' "
cmd6 = "SELECT count(rev5) AS crev5 FROM sheet WHERE empname = '" & try3 & "' AND rev5 <> '" & try2 & "' "

If try2 is your date variable, it should read:
AND rev1 <> #" & try2.ToString("yyyy'/'mm'/'dd") & "# "

how to query my data using multiple textboxes

i have textboxes called classno 1 to 8
i have a code like this:
Dim sqlQuery As String = "SELECT ClassNo, SubjectCode, Title, Lec, Lab, Days,
TimeSlot, roomNo, Ins_ID
from studSched WHERE SubjectCode = '" & classno1.Text & "' and '" & classno2.Text & "' and '" & classno3.Text &
"' AND'" & classno4.Text & "' AND'" & classno5.Text & "' AND '" & classno6.Text & "' AND'" & classno7.Text & "' AND'" & classno8.Text & "' "
where textbox classno 1 to 8 have a value of subject 1 to 8
ex:
classno1="subject1"
how to query all textboxes in my access
my probelem is it will get all data in my access,
how to get all specific data in my access..
i need a code of my query..

I think you need this
Dim sqlQuery As String = "SELECT ClassNo, SubjectCode, Title, Lec,
Lab, Days,TimeSlot, roomNo, Ins_ID
FROM studSched
WHERE SubjectCode = '" & classno1.Text & "' AND
SubjectCode = '" & classno2.Text & "' AND
SubjectCode = '" & classno3.Text & "' AND
SubjectCode = '" & classno4.Text & "' AND
SubjectCode = '" & classno5.Text & "' AND
SubjectCode = '" & classno6.Text & "' AND
SubjectCode = '" & classno7.Text & "' AND
SubjectCode = '" & classno8.Text & "' "
And this is not recommended, Use Parameterized Query
Dim Cmd as New SqlCommand()
cmd.Connection = con
cmd.CommandText = "SELECT ClassNo, SubjectCode, Title, Lec,Lab, Days,TimeSlot, roomNo,Ins_ID
FROM studSched WHERE SubjectCode = #Sub1 AND SubjectCode = #Sub2 AND
SubjectCode = #Sub3 AND SubjectCode = #Sub4 AND
SubjectCode = #Sub5 AND SubjectCode = #Sub6 AND
SubjectCode = #Sub7 AND SubjectCode = #Sub8"
cmd.Parameters.AddWithValue("#Sub1", classno1.Text)
cmd.Parameters.AddWithValue("#Sub2", classno2.Text)
cmd.Parameters.AddWithValue("#Sub3", classno3.Text)
cmd.Parameters.AddWithValue("#Sub4", classno4.Text)
cmd.Parameters.AddWithValue("#Sub5", classno5.Text)
cmd.Parameters.AddWithValue("#Sub6", classno6.Text)
cmd.Parameters.AddWithValue("#Sub7", classno7.Text)
cmd.Parameters.AddWithValue("#Sub8", classno8.Text)

VB.Net Query Syntax Error in MS Access

Dim cmd As OleDb.OleDbCommand = New OleDbCommand(" UPDATE Items SET PartNo = " & PartNoTxt.Text & ", EqptDesc = '" & DescTxt.Text & "', Qty = '" & QtyTxt.Text & "', Pasok = '" & InTxt.Text & "', Labas = '" & OutTxt.Text & "', Tapos = '" & EndTxt.Text & "', SerialNumber = '" & SerialTxt.Text & "', CalibrationType = '" & CalType.Text & "', CalibrationDate = '" & CalOn.Value.Date & "', SupplierDue = '" & SuppDue.Value.Date & "', TodaysDate = '" & TodDate.Value.Date & "', Validity = '" & Validity.Text & "', Status = '" & StatsTxt.Text & "', DiOh = '" & DOTxt.Text & "', User = '" & UserTxt.Text & "', EMType = '" & EMType.Text & "' WHERE CTID = " & TxtItemCode.Text, connection)
I am using MS Access.
Here is the code which I am having problem with, it says "Syntax error in UPDATE statement.".

User is a reserved word in Jet/ACE, so you must surround it with square brackets in your statement:
... & "', [User] = '" & UserTxt.Text & ...