I'm new to C# and .net and I'm trying to create a form that will register users in a sql server database. I have the following code but when I run the code I get an error "
The name 'Peter' is not permitted in this context. Only constants, expressions, or variables allowed here. Column names are not permitted.
Where Peter is the value entered in the textbox for firstname (fnameTBox)
I'm sure the problem is something obvious but I can't seem to resolve and it is really frustrating. I would really appreciate help. I know that there is a connection to database as the regid is updated on form.
Thanks
This is the code I'm using
using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Data.SqlClient;
using System.Drawing;
using System.Web;
using System.Web.Mobile;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.MobileControls;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Threading;
namespace MobileSpeech
{
/// <summary>
/// Summary description for register.
/// </summary>
public class ruser : System.Web.UI.MobileControls.MobilePage
{
//Declaration
protected System.Web.UI.MobileControls.TextBox fnameTBox;
protected System.Web.UI.MobileControls.Label firstname;
protected System.Web.UI.MobileControls.TextBox snameTBox;
protected System.Web.UI.MobileControls.Label sname;
protected System.Web.UI.MobileControls.Label email;
protected System.Web.UI.MobileControls.TextBox emailTBox;
protected System.Web.UI.MobileControls.Label mobno;
protected System.Web.UI.MobileControls.TextBox mobnoTBox;
protected System.Web.UI.MobileControls.Label uname;
protected System.Web.UI.MobileControls.TextBox unameTBox;
protected System.Web.UI.MobileControls.Label pwd;
protected System.Web.UI.MobileControls.TextBox pwdTBox;
protected System.Web.UI.MobileControls.TextBox courseTBox;
protected System.Web.UI.MobileControls.Label coursen;
protected System.Web.UI.MobileControls.TextBox regidtb;
protected System.Web.UI.MobileControls.Command savebtn;
protected System.Web.UI.MobileControls.Command cancelbtn;
protected System.Data.SqlClient.SqlDataAdapter sqlDataAdapter1;
protected System.Data.SqlClient.SqlCommand sqlSelectCommand1;
protected System.Data.SqlClient.SqlCommand sqlInsertCommand1;
protected System.Data.SqlClient.SqlCommand sqlUpdateCommand1;
protected System.Data.SqlClient.SqlConnection sqlConnection1;
protected System.Web.UI.MobileControls.Form Form1;
protected System.Web.UI.MobileControls.Form RegUForm;
// method to connect to database and update regid
private void getConnected()
{
try
{
string strConnString = "workstation id=PATRICIA;packet size=4096;integrated security=SSPI;data source=\"(l" +
"ocal)\";persist security info=False;initial catalog=MobileQuiz";
SqlConnection myConnection = new SqlConnection(strConnString);
String strConnString1 = "select regid from Regusers";
SqlCommand myCommand =new SqlCommand(strConnString1,myConnection);
//open database
myConnection.Open();
//Creating data reader variable
SqlDataReader r = myCommand.ExecuteReader();
int i=0;
while (r.Read())
{
i++ ;
}
i++ ;
regidtb.Text = i.ToString();
}
catch (SqlException sql)
{
//Error message
this.Response.Write(sql.Message);
}
}
private void Page_Load(object sender, System.EventArgs e)
{
//put the connection to the database on a Thread so the Form displays quickly..
ThreadStart tsgc = new ThreadStart(getConnected) ;
Thread tgc = new Thread(tsgc) ;
tgc.Start() ;
//calls getconnected method
getConnected();
//calls initializeComponent method
InitializeComponent();
//called when save but is clicked
this.savebtn.Click += new System.EventHandler(this.savebtn_Click);
//called when Cancel button is clicked
this.cancelbtn.Click += new System.EventHandler(this.cancelbtn_Click);
}
#region Web Form Designer generated code
override protected void OnInit(EventArgs e)
{
InitializeComponent();
base.OnInit(e);
}
private void InitializeComponent()
{
this.sqlDataAdapter1 = new System.Data.SqlClient.SqlDataAdapter();
this.sqlInsertCommand1 = new System.Data.SqlClient.SqlCommand();
this.sqlConnection1 = new System.Data.SqlClient.SqlConnection();
this.sqlSelectCommand1 = new System.Data.SqlClient.SqlCommand();
this.sqlUpdateCommand1 = new System.Data.SqlClient.SqlCommand();
//
// sqlDataAdapter1
//
this.sqlDataAdapter1.InsertCommand = this.sqlInsertCommand1;
this.sqlDataAdapter1.SelectCommand = this.sqlSelectCommand1;
this.sqlDataAdapter1.TableMappings.AddRange(new System.Data.Common.DataTableMapping[] {
new System.Data.Common.DataTableMapping("Table", "Regusers", new System.Data.Common.DataColumnMapping[] {
new System.Data.Common.DataColumnMapping("password", "password"),
new System.Data.Common.DataColumnMapping("courseid", "courseid")})});
this.sqlDataAdapter1.UpdateCommand = this.sqlUpdateCommand1;
//
// sqlInsertCommand1
//
this.sqlInsertCommand1.CommandText = @"INSERT INTO Regusers(firstname, surname, email, mobno, login, password, courseid) VALUES (@firstname, @surname, @email, @mobno, @login, @password, @courseid); SELECT regid, firstname, surname, email, mobno, login, password, courseid FROM Regusers WHERE (regid = @@IDENTITY)";
this.sqlInsertCommand1.Connection = this.sqlConnection1;
this.sqlInsertCommand1.Parameters.Add(new System.Data.SqlClient.SqlParameter("@firstname", System.Data.SqlDbType.VarChar, 10, "firstname"));
this.sqlInsertCommand1.Parameters.Add(new System.Data.SqlClient.SqlParameter("@surname", System.Data.SqlDbType.VarChar, 15, "surname"));
this.sqlInsertCommand1.Parameters.Add(new System.Data.SqlClient.SqlParameter("@email", System.Data.SqlDbType.VarChar, 30, "email"));
this.sqlInsertCommand1.Parameters.Add(new System.Data.SqlClient.SqlParameter("@mobno", System.Data.SqlDbType.NVarChar, 10, "mobno"));
this.sqlInsertCommand1.Parameters.Add(new System.Data.SqlClient.SqlParameter("@login", System.Data.SqlDbType.VarChar, 10, "login"));
this.sqlInsertCommand1.Parameters.Add(new System.Data.SqlClient.SqlParameter("@password", System.Data.SqlDbType.VarChar, 10, "password"));
this.sqlInsertCommand1.Parameters.Add(new System.Data.SqlClient.SqlParameter("@courseid", System.Data.SqlDbType.Int, 4, "courseid"));
//
// sqlConnection1
//
this.sqlConnection1.ConnectionString = "workstation id=PATRICIA;packet size=4096;integrated security=SSPI;data source=loc" +
"alhost;persist security info=False;initial catalog=MobileQuiz";
//
// sqlSelectCommand1
//
this.sqlSelectCommand1.CommandText = "SELECT regid, firstname, surname, email, mobno, login, password, courseid FROM Re" +
"gusers";
this.sqlSelectCommand1.Connection = this.sqlConnection1;
this.Form1.Activate += new System.EventHandler(this.Form1_Activate);
this.Load += new System.EventHandler(this.Page_Load);
}
//This method is called when the "Save" Button is Clicked.
//It checks if Data is entered into all the feilds, if 'yes' then it procedes
//by opening an connection to the database and inserting the new data in it.
protected void savebtn_Click(object sender, System.EventArgs e)
{
try
{
if(regidtb.Text!=" "&&fnameTBox.Text!=" "&&snameTBox.Text!=" "&&emailTBox.Text!=" "&&mobnoTBox.Text!=" "&&unameTBox.Text!=" "&&pwdTBox.Text!=" "&&courseTBox.Text!=" ")
{
string strConnString = "workstation id=PATRICIA;packet size=4096;integrated security=SSPI;data source=\"(l" +
"ocal)\";persist security info=False;initial catalog=MobileQuiz";
SqlConnection myConnection = new SqlConnection(strConnString);
String strConnString1 = "SELECT regid from Regusers";
SqlCommand myCommand =new SqlCommand(strConnString1,myConnection);
//open database
myConnection.Open();
string strInsert = "INSERT INTO regusers(regid, firstname, surname, email, mobno, login, password, courseid) VALUES ("+regidtb.Text+", "+fnameTBox.Text+", "+snameTBox.Text+", "+emailTBox.Text+", "+mobnoTBox.Text+", "+unameTBox.Text+", "+pwdTBox.Text+", "+courseTBox.Text+")";
SqlCommand inst = new SqlCommand(strInsert, myConnection);
inst.ExecuteNonQuery();
myConnection.Close();
}
else
{
this.Response.Write("ERROR");
}
}
catch(SqlException sql)
{
//Error message
this.Response.Write(sql.Message);
}
}
protected void cancelbtn_Click(object sender, System.EventArgs e)
{
//reset all the textboxes
int i=int.Parse(regidtb.Text);
i--;
regidtb.Text=i.ToString() ;
fnameTBox.Text="" ;
snameTBox.Text="" ;
emailTBox.Text="" ;
mobnoTBox.Text="" ;
unameTBox.Text="" ;
pwdTBox.Text="" ;
courseTBox.Text="" ;
}
private void Form1_Activate(object sender, System.EventArgs e)
{
}
}
}