By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
440,086 Members | 1,460 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 440,086 IT Pros & Developers. It's quick & easy.

Inserting alphanumeric into SQL db?

P: 13
Hi everyone,

I'm hoping someone can help me. I've created a windows app that inserts data into a sql database.

The data comes from textboxes. This is a simple app that will only be used by me on a local computer so I'm not worried about sql injections.

My problem is this...if I enter a job id that contains all numbers (ie. 12345) into textBox1 everything works fine and the database inserts the new record. But if I enter a job id that is alphanumeric (ie. 12345b) I receive a syntax error.

In my database the field is set as varchar(MAX) so I don't understand why this is throwing an error. If I manually insert a alphanumeric job id into the db it works. This is only happening when trying to update via the win form. Here is the code and thanks for your time...

Expand|Select|Wrap|Line Numbers
  1. //Build Commands ---------------------------------------------
  2. SqlCommand mySqlCommand = db.CreateCommand();
  3. int log_total = Convert.ToInt32( txt_total.Text) - Convert.ToInt32(starting_total) ;
  4. string date = String.Format("{0:yyyyMMdd}", DateTime.Now);
  5.  
  6.  
  7. // THIS ONE IS THE PROBLEM ------------------------------------
  8. string jobID = textBox1.Text;
  9.  
  10.  
  11. string update_log = jobID + "," + starting_total + "," + txt_total.Text + "," + log_total + "," + date; 
  12.  
  13. mySqlCommand.CommandText =
  14. "INSERT INTO Log (Job, Start, Finish, Total, Date)" +  " VALUES (" + update_log + ")"; 
  15.  
  16.  
  17.  
  18. // Open, Execute, Close ----------------------------------------
  19.  
  20. db.Open();
  21.  
  22. SqlDataReader mySqlDataReader = mySqlCommand.ExecuteReader();
  23.  
  24. db.Close();
Jan 22 '09 #1
Share this Question
Share on Google+
3 Replies


P: 13
Nevermind. I was missing a ' around the JobID field.
Jan 22 '09 #2

Curtis Rutland
Expert 2.5K+
P: 3,256
I'd really suggest that you use String.Format or use parameters. I know it's just for you, but using either of those makes your code far more maintainable and readable, and it would be much easier to spot those errors. In fact, if you used parameters, that error would never have even come up.
Jan 23 '09 #3

P: 13
I'd really suggest that you use String.Format or use parameters. I know it's just for you, but using either of those makes your code far more maintainable and readable, and it would be much easier to spot those errors. In fact, if you used parameters, that error would never have even come up.
Thanks, I'll take your advice. Have a great weekend!
Jan 24 '09 #4

Post your reply

Sign in to post your reply or Sign up for a free account.