CODEWITHSUNDEEP
c#asp.netsql-server-2008
Ali Akbar
Ali Akbar

Reputation: 11

Data is not inserted in database table from windows form

I am working on a Desktop application. I developed a form in which user enters data. When he clicks the submit button the data is saved in a database name PakReaEstat. The problem is the data is not inserted in the table and I get an error: SqlException was Unhandled.

When I click the Submit button it prompts error. The code behind the button is as following:

protected void button2_Click(object sender, EventArgs e)
{
    SqlConnection con = new SqlConnection("Data Source=ali-pc/sqlexpress.PakEstateAgency.dbo"); 
    con.Open();
    SqlCommand cmd = new SqlCommand("insert into ClientINFO(Application#,LDAReg#,Size,Name,SDW/O,CNIC,Address,Image,giventime)" + 
                                    "values (" + Convert.ToInt32(textBox1.Text) + ",'" + 
                                    textBox2.Text + "','" + 
                                    textBox4.Text + "'," + 
                                    textBox5.Text + "," + 
                                    textBox6.Text + "," + 
                                    textBox7.Text + "," + 
                                    textBox8.Text + 
                                    "," + textBox3.Text + ")", con); 
    cmd.ExecuteNonQuery();
    MessageBox.Show("Insertion successfully done");
}

Upvotes: 0

Views: 3326

Answers (3)

CodeTherapist
CodeTherapist

Reputation: 2806

Check you connection string and the SQL insert statement.

I recommend that you use sql parameters instead of the the textbox text property as value directly. Beacause this is a common vulnerability, called SQL injection. I also recommend to use using statement to ensure the connection is closed.

using (var con = new SqlConnection("Data Source=ali-pc/sqlexpress.PakEstateAgency.dbo"))
            {
                con.Open();
                using (var cmd = new SqlCommand("insert into ClientINFO(Application#,LDAReg#,Size,Name,SDW/O,CNIC,Address,Image,giventime)" + "values (@Application#,@LDAReg#, ... )", con))
                {
                    cmd.Parameters.AddWithValue("@Application#", Convert.ToInt32(textBox1.Text));
                    cmd.Parameters.AddWithValue("@LDAReg#", textBox2.Text);
                    // add the other parameters ...

                    cmd.ExecuteNonQuery();
                }
            }

            MessageBox.Show("Insertion successfully done");

Upvotes: 1

Nitin Varpe
Nitin Varpe

Reputation: 10694

Always put your code in try... catch block if you are doing transaction with datatbase

If your connetion to databse is established and no issue there then

You are missing single quotes on last five textboxes. I suppose that last five columns are of type nvarchar in ur datatbse

change command to

SqlCommand cmd = new SqlCommand("insert into ClientINFO(Application#,LDAReg#,Size,Name,SDW/O,CNIC,Address,Image,giventime) values (" + Convert.ToInt32(textBox1.Text) + ",'" + textBox2.Text + "','" + textBox4.Text + " ','" + textBox5.Text + "','" + textBox6.Text+ "','" +textBox7.Text+ "','"+textBox8.Text +"','"+textBox3.Text+"')", con);

Upvotes: 0

Vignesh Kumar A
Vignesh Kumar A

Reputation: 28403

There is problem in your SqlConnection

Make sure that your connection string is correct

SqlConnection con = new SqlConnection("Data Source=ali-pc/sqlexpress.PakEstateAgency.dbo");

It should come like

 SqlConnection con = new SqlConnection("Data Source=ADMIN3-PC;Initial Catalog=master;Integrated Security=True");

Upvotes: 0

Related Questions