Katherine
Reputation: 89
Invalid SQL syntax when trying to insert a row to the database
I am getting this error: System.Data.SqlClient.SqlException (0x80131904): Incorrect syntax near '12'.
The error occurs on the pbkDB.ExecuteNonQuery(dbCommand) line.
#region Enhancements_Update
private static bool Enhancements_Update(DataRow dr)
{
bool inserted = false;
DateTime dt;
Database pbkDB = DatabaseFactory.CreateDatabase("PbKConnectionString");
try
{
ChargeCode = dr["ChargeCode"].ToString().Trim();
NcicCode = dr["NcicCode"].ToString().Trim();
Description = String.IsNullOrEmpty(dr["Description"].ToString().Trim()) ? null : dr["Description"].ToString().Trim();
MachCr = String.IsNullOrEmpty(dr["MachCr"].ToString().Trim()) ? null : dr["MachCr"].ToString().Trim();
EnterUserId = String.IsNullOrEmpty(dr["EnterUserId"].ToString().Trim()) ? "KSCONV" : dr["EnterUserId"].ToString().Trim();
EnterDate = DateTime.TryParse(dr["EnterDate"].ToString(), out dt) ? dt : DateTime.Now;
UpdateUserId = String.IsNullOrEmpty(dr["UpdateUserId"].ToString().Trim()) ? "KSCONV" : dr["UpdateUserId"].ToString().Trim();
UpdateDate = DateTime.TryParse(dr["UpdateDate"].ToString(), out dt) ? dt : DateTime.Now;
EnactedDate = DateTime.TryParse(dr["EnactedDate"].ToString(), out dt) ? dt : DateTime.Now;
if (DateTime.TryParse(dr["RepealedDate"].ToString(), out dt))
RepealedDate = dt;
else
RepealedDate = null;
UsageType = String.IsNullOrEmpty(dr["UsageType"].ToString().Trim()) ? null : dr["UsageType"].ToString().Trim();
LanguageFile = String.IsNullOrEmpty(dr["LanguageFile"].ToString().Trim()) ? null : dr["LanguageFile"].ToString().Trim();
MachChar = String.IsNullOrEmpty(dr["MachCr"].ToString().Trim()) ? null : dr["MachChar"].ToString().Trim();
NotesOnUse = String.IsNullOrEmpty(dr["NotesOnUse"].ToString().Trim()) ? null : dr["NotesOnUse"].ToString().Trim();
SentenceSeverity = String.IsNullOrEmpty(dr["SentenceSeverity"].ToString().Trim()) ? null : dr["SentenceSeverity"].ToString().Trim();
DbCommand dbCommand = pbkDB.GetSqlStringCommand(string.Format(@"Update tblCtStateChargeNcic set Description = '{2}', MachCr = '{3}', EnterUserId = '{4}', EnterDate = {5}, UpdateUserId = '{6}', UpdateDate {7}, EnactedDate {8}, RepealedDate = {9}, UsageType = '{10}', LanguageFile = '{11}', MachChar = '{12}', NotesOnUse = '{13}', SentenceSeverity = '{14}' where ChargeCode = '{0}' AND NcicCode = '{1}')", ChargeCode, NcicCode, Description, MachCr, EnterUserId, EnterDate, UpdateUserId, UpdateDate, EnactedDate, RepealedDate, UsageType, LanguageFile, MachChar, NotesOnUse, SentenceSeverity));
// error occurs here!
pbkDB.ExecuteNonQuery(dbCommand);
inserted = true;
}
catch (Exception ex)
{
Console.WriteLine(ex.ToString());
}
return inserted;
}
#endregion
Upvotes: 3
Views: 217
Answers (4)
Brian
Reputation: 5119
Change:
DbCommand dbCommand = pbkDB.GetSqlStringCommand(string.Format
(@"Update tblCtStateChargeNcic set Description = '{2}',
MachCr = '{3}', EnterUserId = '{4}', EnterDate = {5},
UpdateUserId = '{6}', UpdateDate {7}, EnactedDate {8},
RepealedDate = {9}, UsageType = '{10}', LanguageFile = '{11}',
MachChar = '{12}', NotesOnUse = '{13}', SentenceSeverity = '{14}'
where ChargeCode = '{0}' AND NcicCode = '{1}')", ChargeCode,
NcicCode, Description, MachCr, EnterUserId, EnterDate,
UpdateUserId, UpdateDate, EnactedDate, RepealedDate,
UsageType, LanguageFile, MachChar, NotesOnUse,
SentenceSeverity));
To:
DbCommand dbCommand = pbkDB.GetSqlStringCommand(string.Format
(@"Update tblCtStateChargeNcic set Description = '{2}',
MachCr = '{3}', EnterUserId = '{4}', EnterDate = {5},
UpdateUserId = '{6}', UpdateDate = {7}, EnactedDate = {8},
RepealedDate = {9}, UsageType = '{10}', LanguageFile = '{11}',
MachChar = '{12}', NotesOnUse = '{13}', SentenceSeverity = '{14}'
where ChargeCode = '{0}' AND NcicCode = '{1}')", ChargeCode,
NcicCode, Description, MachCr, EnterUserId, EnterDate,
UpdateUserId, UpdateDate, EnactedDate, RepealedDate,
UsageType, LanguageFile, MachChar, NotesOnUse,
SentenceSeverity));
You left out the '=' for UpdateDate and EnactedDate.
Upvotes: 1
Mike Hofer
Reputation: 17002
The problem is that date values must be enclosed in quotes (apostrophes, most likely).
Your string is improperly formatted.
For the record, using strings to create SQL statements is a horrible idea. Use a parameterized query, and add the parameter values with the AddParameterWithValue method. This sort of string splicing is a prime candidate for a SQL injection attack.
Upvotes: 2
Yosi Dahari
Reputation: 6999
You should use sql parameters instead of building the string yourself.
Any way, this is your error:
UpdateDate {7}, EnactedDate {8}
You are missing =:
UpdateDate = {7}, EnactedDate = {8}
Upvotes: 6
Related Questions
- Why am I getting an SQL Syntax error when trying to insert data into a row?
- error on inserting into table
- Error inserting data into SQL
- Syntax Error - INSERT INTO Statement
- SQL insert query throws error
- Trying to insert a row into my table using sql query INSERT INTO
- Incorrect syntax inserting data into table
- SQL Syntax Error (INSERT command)
- Syntax error in INSERT INTO statement
- "Syntax error in INSERT INTO statement". Why?