By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
446,279 Members | 2,146 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 446,279 IT Pros & Developers. It's quick & easy.

"No value given for one or more required parameters" Error

P: n/a
Hello,

When I execute the code below, I get:

"Microsoft JET Database Engine (0x80040E10)
No value given for one or more required parameters." error message in
the first line.

Rs.Open "SELECT * From Unvanlar WHERE Unvan = " & kayit8, Con, 3,3
If rs.EOF Then
Con.Execute ("INSERT INTO Unvanlar (Unvan) VALUES
('"&kayit8&"')"),,129
End If
Rs.Close

The variable is string and the field in access table is text. I'm sure
that field names in the code and table are correct as well.

What can I do to solve that?

Apr 5 '06 #1
Share this Question
Share on Google+
3 Replies


P: n/a

Grayscale wrote:
Hello,

When I execute the code below, I get:

"Microsoft JET Database Engine (0x80040E10)
No value given for one or more required parameters." error message in
the first line.

Rs.Open "SELECT * From Unvanlar WHERE Unvan = " & kayit8, Con, 3,3
If rs.EOF Then
Con.Execute ("INSERT INTO Unvanlar (Unvan) VALUES
('"&kayit8&"')"),,129
End If
Rs.Close

The variable is string and the field in access table is text. I'm sure
that field names in the code and table are correct as well.

What can I do to solve that?


If Unvan is a text field, the variable should be delimited as text:

WHERE Unvan = '" & kayit9 & "'"

You would have found that out if you response.write your sql

sql = "SELECT * From Unvanlar WHERE Unvan = '" & kayit9 & "'"
'response.write sql
rs.open sql con,3,3

But why are you selecting * from the table when you are only checking
to see if one value exists?

sql = "SELECT Unvan From Unvanlar WHERE Unvan = '" & kayit9 & "'"
'response.write sql
rs.open sql con,3,3

The cursor you are using is this context is expensive and unnecessary.
The default one would be better.

sql = "SELECT Unvan From Unvanlar WHERE Unvan = '" & kayit9 & "'"
'response.write sql
rs.open sql con,,1

I'd mention to you the dangers of using dynamic SQL, but I notice that
Bob Barrows has already done so in a previous post.

--
Mike Brind

Apr 5 '06 #2

P: n/a
Grayscale wrote:
Hello,

When I execute the code below, I get:

"Microsoft JET Database Engine (0x80040E10)
No value given for one or more required parameters." error message in
the first line.

Rs.Open "SELECT * From Unvanlar WHERE Unvan = " & kayit8, Con, 3,3
If rs.EOF Then
Con.Execute ("INSERT INTO Unvanlar (Unvan) VALUES
('"&kayit8&"')"),,129
the syntax here is incorrect - see below:
End If
Rs.Close

The variable is string and the field in access table is text. I'm sure
that field names in the code and table are correct as well.

What can I do to solve that?

You cannot solve ssql syntax issues without seeing the actual sql statements
being executed by the database. That means you need to see the result of
your concatenations:

sql="SELECT * From Unvanlar WHERE Unvan = " & kayit8
response.write sql
rs.open sql, Con, 3,3
....
sql="INSERT INTO Unvanlar (Unvan) VALUES ('" & kayit8 & "')"
response.write sql
Con.Execute (sql,,129)

You will, of course, comment out the response.write statements when
everything is running correctly.
I believe fixing the syntax of your Execute call should solve your problem
so I will leave you with this:

Further points to consider:
You use of dynamic sql is leaving you vulnerable to hackers using sql
injection:
http://mvp.unixwiz.net/techtips/sql-injection.html
http://www.sqlsecurity.com/DesktopDefault.aspx?tabid=23

See here for a better, more secure way to execute your queries by using
parameter markers:
http://groups-beta.google.com/group/...e36562fee7804e

Personally, I prefer using stored procedures, or saved parameter queries as
they are known in Access:

Access:
http://www.google.com/groups?hl=en&l...TNGP12.phx.gbl

http://groups.google.com/groups?hl=e...tngp13.phx.gbl

Bob barrows

--
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.
Apr 5 '06 #3

P: n/a

Mike Brind wrote:
Grayscale wrote:
Hello,

When I execute the code below, I get:

"Microsoft JET Database Engine (0x80040E10)
No value given for one or more required parameters." error message in
the first line.

Rs.Open "SELECT * From Unvanlar WHERE Unvan = " & kayit8, Con, 3,3
If rs.EOF Then
Con.Execute ("INSERT INTO Unvanlar (Unvan) VALUES
('"&kayit8&"')"),,129
End If
Rs.Close

The variable is string and the field in access table is text. I'm sure
that field names in the code and table are correct as well.

What can I do to solve that?


If Unvan is a text field, the variable should be delimited as text:

WHERE Unvan = '" & kayit9 & "'"

You would have found that out if you response.write your sql

sql = "SELECT * From Unvanlar WHERE Unvan = '" & kayit9 & "'"
'response.write sql
rs.open sql con,3,3

But why are you selecting * from the table when you are only checking
to see if one value exists?

sql = "SELECT Unvan From Unvanlar WHERE Unvan = '" & kayit9 & "'"
'response.write sql
rs.open sql con,3,3

The cursor you are using is this context is expensive and unnecessary.
The default one would be better.

sql = "SELECT Unvan From Unvanlar WHERE Unvan = '" & kayit9 & "'"
'response.write sql
rs.open sql con,,1

I'd mention to you the dangers of using dynamic SQL, but I notice that
Bob Barrows has already done so in a previous post.

--
Mike Brind


Oops. Missed out the comma after sql in the above:

rs.open sql, con,,1

Apr 5 '06 #4

This discussion thread is closed

Replies have been disabled for this discussion.