CODEWITHSUNDEEP
asp.netsqlvb.netvisual-studio-2010sql-server-2008
user1477362
user1477362

Reputation: 35

Incorrect syntax near ')'. when trying to insert values into the database

I'm new and this is my first question.

I'm trying to insert a value into the database and I get the error message

Incorrect syntax near ')'.

and cmd.ExecuteNonQuery() gets highlighted. Here's my code:

con.Open()
cmd = New SqlCommand("INSERT INTO orders ('" + IDProduct.Text + "')", con)
cmd.ExecuteNonQuery()
con.Close()

Upvotes: 2

Views: 6636

Answers (4)

walther
walther

Reputation: 13600

Firstly, NEVER, NEVER NEVER build sql queries like this. Use parameterized queries instead.

Secondly, you're missing "VALUES" in your sql command.

INSERT INTO orders VALUES ( .... )

edit:

Thirdly, as marc_s suggests, it's a good idea to specify column names as well. That way you can avoid some surprises later.

Upvotes: 8

Karthik Bammidi
Karthik Bammidi

Reputation: 1851

Insert query syntax is:

insert into <tablename> values(col1 <datatype>,col2 <datatype>)

you missed values that's why you get error modify this line:

 cmd = New SqlCommand("INSERT INTO orders values ('" + IDProduct.Text + "')", con)

Upvotes: 0

Steve
Steve

Reputation: 216293

The syntax for the SQL statement INSERT INTO has two forms

You don't specifiy the column names 

INSERT INTO table VALUES (value1, value2, value3,...)

or you specify both the column names and the values 

INSERT INTO table (col1, col2, col3,...)
             VALUES (value1, value2, value3,...)

The first case should be used when all the fields values are specified.
The second case should be used when you want to insert the values for specific columns

Upvotes: 2

matt3141
matt3141

Reputation: 4423

Values should be used: 

INSERT INTO table_name
VALUES (value1, value2, value3,...)

Upvotes: 1

Related Questions