473,321 Members | 1,778 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,321 software developers and data experts.

inserting data into SQL Database

Please,
I want to insert data into SQL Server database. I know for
this commmand:
SqlCommand myCommand= new SqlCommand("INSERT INTO table
(Column1, Column2) " +
"Values ('string', 1)", myConnection);
,but how to insert,lets say,a string from textbox1? Or
datetime from textbox2?
Thank you
djozy
Nov 15 '05 #1
1 17262
I'd recommend using the parameters collection rather than concatenating SQL
Statement into a string (Which is susceptible to SQL Injection exploits),
for example using SqlDataAdapter wizard code you would add the following
line:

SqlInsertCommand1.Parameters["@LastName"].Value = textBox1.Text;

I included some IDE generated code at the bottom of the email so you can see
how the above line relates to the SqlCommand as a whole.
--
Brian M. Reisman
MCAD, MCDBA, MCSD,
MCSE, MCT, OCA, NET+
My Book @ Amazon: http://www.amazon.com/exec/obidos/tg...l/-/0782141617
Wizard generated code:

this.sqlInsertCommand1.CommandText = @"INSERT INTO Employees(LastName,
FirstName, Title, TitleOfCourtesy, BirthDate, HireDate, Address, City,
Region, PostalCode, Country, HomePhone, Extension, Photo, Notes, ReportsTo,
PhotoPath) VALUES (@LastName, @FirstName, @Title, @TitleOfCourtesy,
@BirthDate, @HireDate, @Address, @City, @Region, @PostalCode, @Country,
@HomePhone, @Extension, @Photo, @Notes, @ReportsTo, @PhotoPath); SELECT
EmployeeID, LastName, FirstName, Title, TitleOfCourtesy, BirthDate,
HireDate, Address, City, Region, PostalCode, Country, HomePhone, Extension,
Photo, Notes, ReportsTo, PhotoPath FROM Employees WHERE (EmployeeID =
@@IDENTITY)";

this.sqlInsertCommand1.Connection = this.sqlConnection2;

this.sqlInsertCommand1.Parameters.Add(new
System.Data.SqlClient.SqlParameter("@LastName",
System.Data.SqlDbType.NVarChar, 20, "LastName"));
this.sqlInsertCommand1.Parameters.Add(new
System.Data.SqlClient.SqlParameter("@FirstName",
System.Data.SqlDbType.NVarChar, 10, "FirstName"));
this.sqlInsertCommand1.Parameters.Add(new
System.Data.SqlClient.SqlParameter("@Title", System.Data.SqlDbType.NVarChar,
30, "Title"));
this.sqlInsertCommand1.Parameters.Add(new
System.Data.SqlClient.SqlParameter("@TitleOfCourte sy",
System.Data.SqlDbType.NVarChar, 25, "TitleOfCourtesy"));
this.sqlInsertCommand1.Parameters.Add(new
System.Data.SqlClient.SqlParameter("@BirthDate",
System.Data.SqlDbType.DateTime, 8, "BirthDate"));
this.sqlInsertCommand1.Parameters.Add(new
System.Data.SqlClient.SqlParameter("@HireDate",
System.Data.SqlDbType.DateTime, 8, "HireDate"));
this.sqlInsertCommand1.Parameters.Add(new
System.Data.SqlClient.SqlParameter("@Address",
System.Data.SqlDbType.NVarChar, 60, "Address"));
this.sqlInsertCommand1.Parameters.Add(new
System.Data.SqlClient.SqlParameter("@City", System.Data.SqlDbType.NVarChar,
15, "City"));
this.sqlInsertCommand1.Parameters.Add(new
System.Data.SqlClient.SqlParameter("@Region",
System.Data.SqlDbType.NVarChar, 15, "Region"));
this.sqlInsertCommand1.Parameters.Add(new
System.Data.SqlClient.SqlParameter("@PostalCode",
System.Data.SqlDbType.NVarChar, 10, "PostalCode"));
this.sqlInsertCommand1.Parameters.Add(new
System.Data.SqlClient.SqlParameter("@Country",
System.Data.SqlDbType.NVarChar, 15, "Country"));
this.sqlInsertCommand1.Parameters.Add(new
System.Data.SqlClient.SqlParameter("@HomePhone",
System.Data.SqlDbType.NVarChar, 24, "HomePhone"));
this.sqlInsertCommand1.Parameters.Add(new
System.Data.SqlClient.SqlParameter("@Extension",
System.Data.SqlDbType.NVarChar, 4, "Extension"));
this.sqlInsertCommand1.Parameters.Add(new
System.Data.SqlClient.SqlParameter("@Photo",
System.Data.SqlDbType.VarBinary, 2147483647, "Photo"));
this.sqlInsertCommand1.Parameters.Add(new
System.Data.SqlClient.SqlParameter("@Notes", System.Data.SqlDbType.NVarChar,
1073741823, "Notes"));
this.sqlInsertCommand1.Parameters.Add(new
System.Data.SqlClient.SqlParameter("@ReportsTo", System.Data.SqlDbType.Int,
4, "ReportsTo"));
this.sqlInsertCommand1.Parameters.Add(new
System.Data.SqlClient.SqlParameter("@PhotoPath",
System.Data.SqlDbType.NVarChar, 255, "PhotoPath"));

"djozy" <an*******@discussions.microsoft.com> wrote in message
news:04****************************@phx.gbl... Please,
I want to insert data into SQL Server database. I know for
this commmand:
SqlCommand myCommand= new SqlCommand("INSERT INTO table
(Column1, Column2) " +
"Values ('string', 1)", myConnection);
,but how to insert,lets say,a string from textbox1? Or
datetime from textbox2?
Thank you
djozy

Nov 15 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

13
by: perplexed | last post by:
How do you convert a user inputted date to a unix timestamp before insterting it into your database? I have a form, with a textfield for a date that the user inputs in the format mm-dd-yyyy and...
7
by: Jared Evans | last post by:
I developed a console application that will continually check a message queue to watch for any incoming data that needs to be inserted into MS SQL database. What would be a low-cost method I...
2
by: altergothen | last post by:
Hi there I am a newbie to ASP.Net - Please Help! I am trying to insert the values of my variables into a database. If I try the following it works perfectly: string insertQuery = "INSERT into...
6
by: Pushpendra Vats | last post by:
Hi , I am trying to insert records into database. I am trying to write the following code. On button1 click event i am inserting five records and after that i am calling the update method of...
0
by: pd123 | last post by:
I'm new to C# and .net and I'm trying to create a form that will register users in a sql server database. I have the following code but when I run the code I get an error " The name 'Peter' is...
2
by: Etayki | last post by:
Hi! I am trying to insert data into a MS SQL Database from a Console Application written in VB.net I have already created the table in the database and I am able to read values. When I insert a...
3
by: Surya | last post by:
Dear All, I have problem on inserting a record to database..Although it looked easy.. i have caught up with following issue .. please go ahead and help me to find solution I Need to insert...
2
by: Ravigandha | last post by:
Hello everybody, My question is how to insert special characters and symbols in Mysql5 database and how to retrieve them from database in php. Here i am inserting some data from a form,by post...
6
by: Bunty | last post by:
I want to insert values in the database.If i insert values one by one then it works till 4 or 5 fields then after it gives error.In my database there are more than 20 field.Pls help me.
2
by: AlexanderDeLarge | last post by:
Hi! I got a problem that's driving me crazy and I'm desperately in need of help. I'll explain my scenario: I'm doing a database driven site for a band, I got these tables for their discography...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.