So I have this app I'm building (I'm new to C#) and through countless hours i have managed to come up with the following so far on button click event.
I have a text box, dropdown, and a radio button. I want to insert all these values in to a table. the only catch is that the Dropdown value must be used to first cross reference the users table and pull the users UserId and use that value for the INSERT statement. Now heres the code behind...
protected void btnSubmit_Click(object sender, EventArgs e)
{
SqlConnection ConnectionInfo = new SqlConnection();
ConnectionInfo.ConnectionString = ConfigurationManager.ConnectionStrings["ApplicationServices"].ConnectionString;
SqlCommand cmd = new SqlCommand();
if (rbDisabled.Checked)
rbResults.Text = rbDisabled.Text;
if (rbEnabled.Checked)
rbResults.Text = rbEnabled.Text;
string AccountName = AccountName1.Text;
string OwnerName = AllUsersDropDownList1.SelectedValue;
string Status = rbResults.Text;
cmd.CommandText = "SELECT (UserId) FROM (dbo.aspnet_Users) WHERE UserName = " + AllUsersDropDownList1.SelectedValue + ";";
cmd.CommandType = CommandType.Text;
cmd.Connection = ConnectionInfo;
ConnectionInfo.Open();
SqlDataReader reader = cmd.ExecuteReader();
var con = reader.Read();
SqlCommand cmd1 = new SqlCommand();
cmd1.CommandText = "INSERT INTO (dbo.apt_accounts) (account_owner_id, account_name, account_active) VALUES ('" + con + ", " + AccountName + ", " + Status + "')";
cmd1.CommandType = CommandType.Text;
cmd1.Connection = ConnectionInfo;
cmd1.ExecuteReader();
}
}
Problem is I am getting:
Exception Details: System.Data.SqlClient.SqlException: Incorrect syntax near ')'.
Line 40: ConnectionInfo.Open();
Line 41:
Line 42: SqlDataReader reader = cmd.ExecuteReader();
Line 43: var con = reader.Read();
Line 44:
Any help to the right direction would be great appreciated. If you need any more info please ask.
Get rid of the parentheses in the SQL string.
7 1897
Get rid of the parentheses in the SQL string.
I am ran in Your code. I am not getting the error.Please Check, you put extra ')' closing parenthese in your Coading.
Look at the underlined characters...thats where it is resulting in an error. Hope this helps. cmd1.CommandText = "INSERT INTO (dbo.apt_accounts) (account_owner_id, account_name, account_active) VALUES ('" + con + ", " + AccountName + ", " + Status + "')";
I found the issue was i didn't space out the ):
"INSERT INTO dbo.apt_accounts ( account_owner_id, account_name, account_active ) VALUES ( '" + reader + "', '" + AccountName + "', '" + Status + "' )";
Worked Fine
and got rid of the ) around collum, DB Thanks Rabbit
Try this version of your code - cmd1.CommandText = "INSERT INTO (dbo.apt_accounts) (account_owner_id, account_name, account_active) VALUES ('" + con + "'", "'" + AccountName + "'", "'" + Status + "')";
You should be using parameterized queries, your current code is just waiting for a SQL Injection attack. Take a look at this:
Parameterized queries: The hows and whys | http://bit.ly/t2hohD Sign in to post your reply or Sign up for a free account.
Similar topics
by: Will Atkinson |
last post by:
Hi All,
I'm a relative newbie to SQL Server, so please forgive me if this is a
daft question...
When I set "Show Execution Plan" on in Query Analyzer, and execute a
(fairly complex) sproc, I...
|
by: luthriaajay |
last post by:
I am using my own namespace called xmlns:i="http://www.ABC/int:i"
in my XSL style sheet.
The input XML document (which has its own namespace) needs to be
mapped with the elements defined in my...
|
by: deepak |
last post by:
Hi There,
i am facing problems while executing the query using ADO.NET,the
problem goes below:
i am using ExecuteDataset(sqlTran, CommandType.Text, query) and my
query is this
SELECT * FROM...
|
by: hussain123 |
last post by:
Hi All,
I am trying to execute a query from my VB.Net application but it throwing an error as "Syntax error in update statement".
The query is:-
Dim UpdQuery As String = "Update tblDefectData set...
|
by: hlnet |
last post by:
Hi michaelb,
Hel me please.
1.I have table "Master" with fields : Id,description,HD8,Hd6,name.
How to create FUNCTION for executing query :
SELECT Id,description FROM Master ( only 2...
|
by: robertGreen613 |
last post by:
Hi All,
I am trying to execute a query in my VB Code for this Access application. THe code i have is:
Dim dbcon227 As Database
Dim qryDeff As QueryDef
Dim dbrs2, rs As...
|
by: hawk7890 |
last post by:
I have done alot of research on this problem but I am unable to figure it out.
I have a table created with the following fields
ID
UserID (domain account)
UserName (full name of person)...
|
by: vstud |
last post by:
Hi guys,
I have a simple page with a text box for inserting a name and a gridview below it.
once the user type the name the gridview displays the matching record that has that name in the...
|
by: lmeeson |
last post by:
i want to combine two fields and have used the the following query
UPDATE SudentInfo SET
image1name = CONCAT(imagepath,UserName,'1');
this works but the thing is when a new record is added the...
|
by: mus24 |
last post by:
Hi All,
I have an issue where my query results are to be "less sensitive" to various syntax
For example:
SELECT * FROM Player_Profile
WHERE txtname
LIKE 'AJ Abrams'
But the results are to...
|
by: ryjfgjl |
last post by:
ExcelToDatabase: batch import excel into database automatically...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM).
In this month's session, we are pleased to welcome back...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM).
In this month's session, we are pleased to welcome back...
|
by: jfyes |
last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
|
by: ArrayDB |
last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
|
by: PapaRatzi |
last post by:
Hello,
I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
|
by: Defcon1945 |
last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
|
by: af34tf |
last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome former...
| |