Reputation: 11
I am getting Unclosed quotation mark after the character string ''. and I have tried everything any help would be greatly appreciated.
SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["sipConnectionString"].ConnectionString);
protected void Button1_Click(object sender, EventArgs e)
{
conn.Open();
string query = "select dealercode, dropdate, couponno from coupon where dealercode = '" + DEALERCODETextBox.Text + "' and dropdate = '" + DROPDATETextBox.Text + "' and COUPONNO = '" + COUPONCOUNTTextBox.Text +"','";
SqlCommand cm = new SqlCommand(query, conn);
cm.Parameters.AddWithValue("@couponcount", COUPONCOUNTTextBox.Text);
cm.Parameters.AddWithValue("@totalrev", GRANDTOTALTextBox.Text);
cm.ExecuteNonQuery();
conn.Close();
Upvotes: 1
Views: 787
Reputation: 1491
You use paramters to add the values, but you don't use the parameters in the query:
string query = "select dealercode, dropdate, couponno from coupon where dealercode = @dealercode and dropdate =@dropdate and COUPONNO = @couponcount;";
SqlCommand cm = new SqlCommand(query, conn);
cm.Parameters.AddWithValue("@couponcount", COUPONCOUNTTextBox.Text);
cm.Parameters.AddWithValue("@dealercode ", DEALERCODETextBox.Text);
cm.Parameters.AddWithValue("@dropdate ", DROPDATETextBox.Text);
Upvotes: 1
Reputation: 943
In the last of your query string
and COUPONNO = '" + COUPONCOUNTTextBox.Text +"','";
replace +"','";
with "'";
Note: Your query string also lack of Parameters
Upvotes: 3
Reputation: 2624
Replace with this line:
string query = "select dealercode, dropdate, couponno
from coupon where dealercode = '" + DEALERCODETextBox.Text + "'
and dropdate = '" + DROPDATETextBox.Text + "'
and COUPONNO = '" + COUPONCOUNTTextBox.Text +"'";
SqlCommand cm = new SqlCommand(query, conn);
Upvotes: 0