Ole DB statement runs in Access but not in Visual Studios - sql

I have the following statement and it returns my desired result in Access however in Visual Studio, I receive an error saying "; expected", what could be the problem?
var query = "SELECT Count(*) FROM usersTable WHERE (((usersTable.[uDateCreated]) Between DateAdd("d",-2,Now()) And Now()))";

You need to escape your quotes inside your string:
" .. Between DateAdd(\"d\",-2 .. "
^ ^ escape the quotes

You're using a quotation mark in your query, which is ending the string. Use apostrophes around d instead:
var query = "SELECT Count(*) FROM usersTable WHERE (((usersTable.[uDateCreated]) " & _
"Between DateAdd('d',-2,Now()) And Now()))"
Specifically:
DateAdd('d',-2,Now())

I think your problem is that you have " (quotes) in your string without escaping them. I donut know which language you are using, but for many you escape with \ (backslash), then your string would read DateAdd(\"d\",

Related

Syntax error in where clause in Access

The error I am getting is Syntax error in where clause in Access.
Here is the code:
SQL = "Select * FROM tblPermitAgencyInformation & WHERE [RecordID] = " & Me.AgencyInfoRecordID.Value
Set rs = db.OpenRecordset(SQL)
RecordID is an autonumber field and the AgencyInfoRecordID is an integer.
It looks like you misread the article you state. It appears to be attempting to format the adhoc query in the text variable.
Note: it says
strSQL = "SELECT wazzle FROM bamsploot" & vbCrLf & " WHERE plumsnooker = 0"
You need to make sure that you have the ampersands outside of the quotes, (they are used to append variables and strings together in this case)
Follow June7 advice and remove the ampersand there. It should help you get running.
Make your code this:
SQL = "Select * FROM tblPermitAgencyInformation WHERE [RecordID] = " & Me.AgencyInfoRecordID.Value
Hope that helps

Error When executing a sql statement

When i am trying to execute the following command i get the following output error.
("INSERT INTO Leaves (EmpID,TotalLeavesRemaining,Year)
SELECT EmpID,TotalLeavesRemaining,'" + year + "'
FROM Leaves
WHERE Year = '" + yearbefore + "' ", con)
Additional information: Conversion from string
INSERT INTO Leaves (EmpID,TotalL" to type 'Double' is not valid.
When i run the command directry through the sql management studio the query does its job !
If you really need to concatenate SQL string then convert your year to string or join using & instead of +
("INSERT INTO Leaves (EmpID,TotalLeavesRemaining,Year)
SELECT EmpID,TotalLeavesRemaining,'" + year.ToString + "'
FROM Leaves
WHERE Year = '" + yearbefore.ToString + "' ", con)
If you put single quotes around your year number it makes it a string. But apparently your year column is of type double. (Why? Shouldn't' it be of type int?). Remove the single quotes!
And also use command parameters. This makes it safer, less error prone and also faster, as the SQL-Server can cache the query and reuse it without having to recompile it and to create an execution plan again.
using (var cmd new SqlCommand(#"INSERT INTO Leaves (EmpID, TotalLeavesRemaining, Year)
SELECT EmpID,TotalLeavesRemaining, #year
FROM Leaves
WHERE Year = #yearbefore", con)) {
cmd.Parameters.AddWithValue("#year", 2015);
cmd.Parameters.AddWithValue("#yearbefore", 2014);
...
}
Note that you don't need any quotes around parameters, even for string parameters. They free you from escaping strings, formatting numbers and dates.
If you want to use multiline strings, use verbatim strings introduced with an #. These string literals can span multiple lines and don't interpret the backslash (\) as an escape character. Single quotes can be escaped by double single quotes.

Quoting problems with a string query in sql

I am trying to make a query using the LIKE operator
String camp= nomePesquisa.getValue();
String ql = "select from pessoal where nome_Pessoa like ""'%"+camp+"%'" "";
and it gives the following error
Multiple markers at this line
- Syntax error on token """", delete this
token
There is a basic mistake that causes all the issues: you don't use parameterized queries. This will a) secure your code against SQL injection, and b) make your SQL easier to write.
In my preferred programming language, C#, it would look like this:
"select from pessoal where nome_Pessoa like #name"
Where #name is the name of the parameter you have to pass in.
It seems according to your code you are using Java. This might help you in that case.
try this
String ql = "select * from pessoal where nome_Pessoa like '%"+camp+"%'+ ";
you've put to many quetas, but if you need them to bee in string for some reason, you should escape them \".
P.S. you forgot to type what you wanna select
Select * FROM table or SELECT col1,col2 FROM TABLE
P.S.S. don't put parameters in query like that, because it is an easy way for Query Injection.
Remove all the " from that line:
String ql = "select from pessoal where nome_Pessoa like '%"+camp+"%'+ ";
You aren't concatenating anything there.
Please use the following to remove the unnecessary quotes:
String ql = "select from pessoal where nome_Pessoa like '%"+camp+"%'+ ";
Also, you can use some escape characters.
You can simply write it as
String ql = "select from pessoal where nome_Pessoa like '%" + camp + "%'";
Change the following code
String ql = "select from pessoal where nome_Pessoa like '%"+camp+"%'+ ";
You missed the plus operator

Syntax on SQL statement with multiple conditions in WHERE clause

I am getting a run time 3075 issue on the following SQL string below. Is it possible I am missing parentheses?
sql_get =
"SELECT [tblCompetency02].[HighLevelObjective],
[tblCompetency04].[Self],
[tblCompetency04].[SelfSpecialLanguage],
[tblCompetency04].[SelfChecklist],
[tblCompetency04].[Team],
[tblCompetency04].[TeamSpecialLanguage],
[tblCompetency04].[TeamChecklist],
[tblCompetency04].[Organisation],
[tblCompetency04].[OrganisationSpecialLanguage],
[tblCompetency04].[OrganisationChecklist],
[tblCompetency02].[Competency]
FROM [tblCompetency04]
INNER JOIN [tblCompetency02]
ON [tblCompetency04].[HighLevelObjective] = [tblCompetency02].[ID]
WHERE [tblcompetency04].[self]<>"" or [tblcompetency04].[team]<>"" or [tblcompetency04].[organisation]<>"""
Form_frmStaticDataSkills02.Form.RecordSource = sql_get
Examine the WHERE clause of the statement your code creates.
Here's an Immediate window session:
sql_get = "WHERE [tblcompetency04].[self]<>"" or [tblcompetency04].[team]<>"" or [tblcompetency04].[organisation]<>"""
Debug.Print sql_get
WHERE [tblcompetency04].[self]<>" or [tblcompetency04].[team]<>" or [tblcompetency04].[organisation]<>"
Notice there is just one double quote character in each of these cases: <>"
If you want to have double quotes inside the string, use two to get one ...
sql_get = "WHERE [tblcompetency04].[self]<>"""" or [tblcompetency04].[team]<>"""" or [tblcompetency04].[organisation]<>"""""
Debug.Print sql_get
WHERE [tblcompetency04].[self]<>"" or [tblcompetency04].[team]<>"" or [tblcompetency04].[organisation]<>""
But I think it is less confusing and less error-prone to use single quotes inside the string ...
sql_get = "WHERE [tblcompetency04].[self]<>'' or [tblcompetency04].[team]<>'' or [tblcompetency04].[organisation]<>''"
Debug.Print sql_get
WHERE [tblcompetency04].[self]<>'' or [tblcompetency04].[team]<>'' or [tblcompetency04].[organisation]<>''

SQL Like statement not working in Visual Basic

Dim strText As String = tbRefine.Text
Dim sql As String = "SELECT user_name,forename,surname,game_cash,reg_group FROM tblGame WHERE user_name LIKE '" + strSearchText + "' & '*'"
Dim dsRefine As New DataSet
GetDataset(sql, "tblGame", dsRefine)
MsgBox(dsRefine.Tables("tblGame").Rows(0).Item(2).ToString)
This is not working, it crashes and says there is nothing in the dataset.
I know the dataset function works as its worked successfully before.
When i print out the sql statement into microsoft access it works fine. What am i doing wrong
Try this:
"SELECT user_name,forename,surname,game_cash,reg_group
FROM tblGame
WHERE user_name LIKE '%" + strSearchText + "%'"
Try to use the RTRIM() function in your line:
Dim sql As String = "SELECT user_name,forename,surname,game_cash,reg_group
FROM tblGame
WHERE RTRIM(user_name) LIKE '" + strSearchText + "' & '*'"
What about leading or trailing % symbols in your like?
At the moment you will end up with a where clause like:
LIKE 'searchtext''*'
which looks a bit odd (I assume SQL server?).
It's wiser to use SQL parameters as your method is open to SQL injection. The link below will help with how to format the SQL statement. I would also suggest doing it via a store procedure, but hats optional...
http://forums.asp.net/t/1256985.aspx
I think there's one more thing to be mentioned:
the "*" wildcard character works for the "Like" operator in VB/VBA/MS-Access, but not in T-SQL.
The correct wildcard character for the "Like" operator in T-SQL is "%".
That's why this T-SQL statement:
Select... WHERE ... LIKE 'sText*'
returned no data without any syntax error in MS-SQL(using T-SQL), but works in MS-Access.