Reputation: 97
I'm developing the username/password creation system for my program. It's just going to be used in a computing lab, and I'm just going to have a central Access database that distributes through scripts on the lab machines. Or that's the plan right now. I can't remember the proper code to insert the info into the database to save my life though. This is what I've got so far. The hashing and salting seem to be going fine, I just can't shove it into the database. The name of the table is regulate.
I'm getting "number of query fields and destination fields are not the same".
OleDbConnection conn = new OleDbConnection();
conn.ConnectionString = @"Provider=Microsoft.Jet.OLEDB.4.0; Data Source=access.mdb";
conn.Open();
string Name = txtName.Text;
string PW = txtHash.Text;
string Salt = txtSalt.Text;
OleDbCommand cmmd = new OleDbCommand("INSERT INTO regulate(regulate) Values(@NAME, @PASSWORD, @SALT)", conn);
if (conn.State == ConnectionState.Open)
{
cmmd.Parameters.Add("@NAME", OleDbType.VarWChar, 100).Value = Name;
cmmd.Parameters.Add("@PASSWORD", OleDbType.VarWChar, 500).Value = PW;
cmmd.Parameters.Add("@SALT", OleDbType.VarWChar, 10).Value = Salt;
try
{
cmmd.ExecuteNonQuery();
MessageBox.Show("DATA ADDED");
conn.Close();
}
catch (OleDbException expe)
{
MessageBox.Show(expe.Message);
conn.Close();
Upvotes: 0
Views: 181
Reputation: 149058
The OleDbCommand
uses a different format for parameters than SqlCommand
, as you see in the documentation:
The OLE DB .NET Provider does not support named parameters for passing parameters to an SQL statement or a stored procedure called by an
OleDbCommand
whenCommandType
is set toText
. In this case, the question mark (?
) placeholder must be used.
And as @codenheim suggests, check the syntax of your INSERT
command.
Also, PASSWORD
is a reserved word in Jet SQL, so you probably need to quote that column name. I believe either these quote styles would work:
INSERT INTO regulate(name, `password`, salt) Values(?, ?, ?)
INSERT INTO regulate(name, [password], salt) Values(?, ?, ?)
Upvotes: 2
Reputation: 348
First important thing is to make sure that your path to your access.mdb
is correct.
Then also make sure that if your supplying 3 parameters to your insert statement (in your case, the @NAME
, @PASSWORD
, @SALT
), you must also have a matching column each for those 3 parameters to assign to.
string cs = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=access.mdb";
OleDbConnection c = new OleDbConnection(cs);
string Name = txtName.Text;
string PW = txtHash.Text;
string Salt = txtSalt.Text;
try
{
c.Open();
string s = "INSERT INTO regulate(NAME, PASSWORD, SALT) Values (@NAME, @PASSWORD, @SALT)";
using (OleDbCommand cmd = new OleDbCommand(s, c))
{
cmd.Parameters.AddWithValue("@NAME", Name);
cmd.Parameters.AddWithValue("@PASSWORD", PW);
cmd.Parameters.AddWithValue("@SALT", Salt);
cmd.ExecuteNonQuery();
MessageBox.Show("DATA ADDED");
}
}
catch (OleDbException ex)
{
MessageBox.Show(ex.Message);
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
finally
{
c.Close();
}
Upvotes: 1
Reputation: 20862
The number of fields and types in this:
INSERT INTO regulate(regulate)
must match this:
Values(var1, var2, var3)
Should be something like:
INSERT INTO regulate(name, password, salt) Values(?, ?, ?)
assuming these are the column names.
PS: I don't use OleDb very often, but I believe you need ?
instead of named @arg
per @p.s.w.g's answer. (Upvote his/her answer if this helps). I can confirm all of my OleDb code does indeed use positional arguments only.
Upvotes: 2