CODEWITHSUNDEEP
c#
Lord Biscuit
Lord Biscuit

Reputation: 11

Syntax error in INSERT into statement vb c#

I am a newbie and currently having problems with this part of my code where i get a syntax error after clicking the button to be recorded in the database.

 private void button1_Click(object sender, EventArgs e)
    {
         FlightConn.Open();
        oleDbCmd.Connection = FlightConn;

        oleDbCmd.CommandText = "insert into tbl_flight (fld_PassengerName, fld_destination, fld_class, fld_date, fld_time) ('" +
        this.textBox1.Text + "', '" + this.textBox2.Text + "', '" + this.comboBox1.SelectedItem + "', '" + this.comboBox2.SelectedItem + "','" + this.dateTimePicker1.Value + "');";
        int temp = oleDbCmd.ExecuteNonQuery();

        if (temp > 0)
        {
            textBox1.Text = null;
            textBox2.Text = null;
            comboBox1.Text = null;
            comboBox2.Text = null;
            dateTimePicker1.Text = null; 


            MessageBox.Show("Record Successfully Added");
        }
        else
        {
            MessageBox.Show("Record Failed to Add");
        }
       FlightConn.Close();
    }

any ideas what the problem is? thank you for any future answers

Upvotes: 1

Views: 86

Answers (5)

Manoj
Manoj

Reputation: 883

You missed to specify "values" keyword.. try this

oleDbCmd.CommandText = "insert into tbl_flight (fld_PassengerName, fld_destination, fld_class, fld_date, fld_time) values('" +
    this.textBox1.Text + "', '" + this.textBox2.Text + "', '" + this.comboBox1.SelectedItem + "', '" + this.comboBox2.SelectedItem + "','" + this.dateTimePicker1.Value + "');";

Upvotes: 0

Ortund
Ortund

Reputation: 8245

Your SQL command is missing a clause. You should also use parameterized queries rather than inputting the values in plain text into your query. It makes the query more secure since you won't have to worry so much about SQL injection.

Change this:

oleDbCmd.CommandText = "insert into tbl_flight (fld_PassengerName, fld_destination, fld_class, fld_date, fld_time) ('" +
    this.textBox1.Text + "', '" + this.textBox2.Text + "', '" + this.comboBox1.SelectedItem + "', '" + this.comboBox2.SelectedItem + "','" + this.dateTimePicker1.Value + "');";

To something more like this:

oleDbCmd.CommandText = "insert into tbl_flight(fld_PassengerName, fld_destination, fld_class, fld_date, fld_time) values(@PassengerName, @Destination, @Class, @Date, @Time)";

List<OleDbParameter> args = new List<OleDbParameter>();
args.Add(new OleDbParameter("@PassengerName", textBox1.Text));
args.Add(new OleDbParameter("@Destination", textBox2.Text));
args.Add(new OleDbParameter("@Class", comboBox1.SelectedItem));
args.Add(new OleDbParameter("@Date", comboBox2.SelectedItem));
args.Add(new OleDbParameter("@Time", dateTimePicker1.Value));

oleDbCmd.Parameters.Add(args.ToArray());

Upvotes: 1

Hasan BINBOGA
Hasan BINBOGA

Reputation: 822

Your sql string must be;

string.Format(@"INSERT INTO tbl_flight (fld_PassengerName, fld_destination, fld_class, fld_date, fld_time) 
                                        VALUES ('{0}', '{1}', '{2}', '{3}', '{4}', '{5}');",
                              this.textBox1.Text, this.textBox2.Text, this.comboBox1.SelectedItem,
                              this.comboBox2.SelectedItem, this.dateTimePicker1.Value);

Upvotes: 0

Eminem
Eminem

Reputation: 7484

You appear to be missing the "VALUES" keyword in your sql statement

Upvotes: 0

Mainak
Mainak

Reputation: 470

You insert query is missing the Values keyword. Insert into tablename(field1,field2) values(value1,value2)

Upvotes: 1

Related Questions