473,322 Members | 1,566 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,322 software developers and data experts.

INSERT INTO...(password) syntax error


Hi! I am currently creating a Registration form which contained: UserID
Password, FirstName and LastName.

These details would be inserted into Ms Access when I click submi
button. But I encounter with the problem to insert 'Password'. It work
fine if I did not insert 'Password' but if I did, it will shows that
have "syntax error: INSERT INTO..."

Did I miss something to write? Please kindly have a look on the cod
below, Thank you!

<%@ Import Namespace="System.Data" %>

<%@ Imports Namespace="System.Data.OleDb" %>

Private Sub btnSubmit_Click(ByVal sender As System.Object, ByVal e A
System.EventArgs) Handles btnSubmit.Click

Dim InsertCmd As New OleDbCommand

Dim SQLInsert As String

Dim DBConn As OleDbConnection

Dim Connstr As String

Connstr = "Provider=Microsoft.jet.oledb.4.0;" & _

"DAT
SOURCE=C:\Inetpub\wwwroot\samples\Project\bin\Proj ect-Library.mdb"

SQLInsert = "INSERT INTO User_Profile (UserID, Password, FirstName
LastName) VALUES ('" & txtUserID.Text & "', '" & txtRegPwd.Text & "'
'" & txtFirstName.Text & "', '" & txtLastName.Text & "')"

'Create connection

DBConn = New OleDbConnection(Connstr)

InsertCmd.Connection = DBConn

InsertCmd.CommandText = SQLInsert

Try

DBConn.Open()

InsertCmd.ExecuteNonQuery()

Catch ex As Exception

Response.Write(ex.ToString())

Finally

DBConn.Close()

End Try

End Su

--
jinhy82Posted from http://www.pcreview.co.uk/ newsgroup acces

Nov 19 '05 #1
3 1609
hi,
use [password] instead of password in the insert statement since password is
a reserved keyword.
--
The best
srini
http://www.expertszone.com
"jinhy82" wrote:

Hi! I am currently creating a Registration form which contained: UserID,
Password, FirstName and LastName.

These details would be inserted into Ms Access when I click submit
button. But I encounter with the problem to insert 'Password'. It works
fine if I did not insert 'Password' but if I did, it will shows that I
have "syntax error: INSERT INTO..."

Did I miss something to write? Please kindly have a look on the code
below, Thank you!

<%@ Import Namespace="System.Data" %>

<%@ Imports Namespace="System.Data.OleDb" %>

Private Sub btnSubmit_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles btnSubmit.Click

Dim InsertCmd As New OleDbCommand

Dim SQLInsert As String

Dim DBConn As OleDbConnection

Dim Connstr As String

Connstr = "Provider=Microsoft.jet.oledb.4.0;" & _

"DATA
SOURCE=C:\Inetpub\wwwroot\samples\Project\bin\Proj ect-Library.mdb"

SQLInsert = "INSERT INTO User_Profile (UserID, Password, FirstName,
LastName) VALUES ('" & txtUserID.Text & "', '" & txtRegPwd.Text & "',
'" & txtFirstName.Text & "', '" & txtLastName.Text & "')"

'Create connection

DBConn = New OleDbConnection(Connstr)

InsertCmd.Connection = DBConn

InsertCmd.CommandText = SQLInsert

Try

DBConn.Open()

InsertCmd.ExecuteNonQuery()

Catch ex As Exception

Response.Write(ex.ToString())

Finally

DBConn.Close()

End Try

End Sub
--
jinhy82Posted from http://www.pcreview.co.uk/ newsgroup access

Nov 19 '05 #2

It's not good to use string concatenation in SQL commands. The better way is
to use parameters...
http://samples.gotdotnet.com/quickst...teCommand.aspx

Are you sure that there is no error in field name 'Password'? Maybe you have
a typos in database table?

"jinhy82" <jinhy82.1q7a2y@> wrote in message
news:oc********************@giganews.com...

Hi! I am currently creating a Registration form which contained: UserID,
Password, FirstName and LastName.

These details would be inserted into Ms Access when I click submit
button. But I encounter with the problem to insert 'Password'. It works
fine if I did not insert 'Password' but if I did, it will shows that I
have "syntax error: INSERT INTO..."

Did I miss something to write? Please kindly have a look on the code
below, Thank you!

<%@ Import Namespace="System.Data" %>

<%@ Imports Namespace="System.Data.OleDb" %>

Private Sub btnSubmit_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles btnSubmit.Click

Dim InsertCmd As New OleDbCommand

Dim SQLInsert As String

Dim DBConn As OleDbConnection

Dim Connstr As String

Connstr = "Provider=Microsoft.jet.oledb.4.0;" & _

"DATA
SOURCE=C:\Inetpub\wwwroot\samples\Project\bin\Proj ect-Library.mdb"

SQLInsert = "INSERT INTO User_Profile (UserID, Password, FirstName,
LastName) VALUES ('" & txtUserID.Text & "', '" & txtRegPwd.Text & "',
'" & txtFirstName.Text & "', '" & txtLastName.Text & "')"

'Create connection

DBConn = New OleDbConnection(Connstr)

InsertCmd.Connection = DBConn

InsertCmd.CommandText = SQLInsert

Try

DBConn.Open()

InsertCmd.ExecuteNonQuery()

Catch ex As Exception

Response.Write(ex.ToString())

Finally

DBConn.Close()

End Try

End Sub
--
jinhy82Posted from http://www.pcreview.co.uk/ newsgroup access

Nov 19 '05 #3
jinhy82 wrote:
Hi! I am currently creating a Registration form which contained:
UserID, Password, FirstName and LastName.

These details would be inserted into Ms Access when I click submit
button. But I encounter with the problem to insert 'Password'. It
works fine if I did not insert 'Password' but if I did, it will
shows that I have "syntax error: INSERT INTO..."

Did I miss something to write? Please kindly have a look on the code
below, Thank you!

<%@ Import Namespace="System.Data" %>

<%@ Imports Namespace="System.Data.OleDb" %>

Private Sub btnSubmit_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles btnSubmit.Click

Dim InsertCmd As New OleDbCommand

Dim SQLInsert As String

Dim DBConn As OleDbConnection

Dim Connstr As String

Connstr = "Provider=Microsoft.jet.oledb.4.0;" & _

"DATA
SOURCE=C:\Inetpub\wwwroot\samples\Project\bin\Proj ect-Library.mdb"

SQLInsert = "INSERT INTO User_Profile (UserID, Password, FirstName,
LastName) VALUES ('" & txtUserID.Text & "', '" & txtRegPwd.Text & "',
'" & txtFirstName.Text & "', '" & txtLastName.Text & "')"

What if a mr O'Brian wants to register?? Your sql will crash!

Look up: sql injection attack
and start looking into parameters.

Hans Kesting
'Create connection

DBConn = New OleDbConnection(Connstr)

InsertCmd.Connection = DBConn

InsertCmd.CommandText = SQLInsert

Try

DBConn.Open()

InsertCmd.ExecuteNonQuery()

Catch ex As Exception

Response.Write(ex.ToString())

Finally

DBConn.Close()

End Try

End Sub

Nov 19 '05 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

3
by: Neil Zanella | last post by:
Hello, I am trying to execute ADO.NET INSERT statement where one of the fields is coming from a password HTML control. When I access the text with password.Value and print with Response.Write...
3
by: Nathan Sokalski | last post by:
When trying to submit data to an Access database using ASP.NET I recieve the following error: System.Data.OleDb.OleDbCommand.ExecuteCommandTextErrorHandling(Int32 hr) +41...
1
by: Joe | last post by:
Hello All, I am trying to insert a record in the MS Access DB and for some reason I cannot get rid of error message, System.Data.OleDb.OleDbException: Syntax error in INSERT INTO statement. ...
6
by: rn5a | last post by:
During registration, users are supposed to enter the following details: First Name, Last Name, EMail, UserName, Password, Confirm Password, Address, City, State, Country, Zip & Phone Number. I am...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.