Reputation: 5
Getting SQLException when debugging
I've got a error which I can't understand. When I'm debugging and trying to run a insert statement, its throwing the following exception:
"There are fewer columns in the INSERT statement than values specified in the VALUES clause. The number of values in the VALUES clause must match the number of columns specified in the INSERT statement."
I have looked all over my code, and I can't find the mistake I've made.
This is the query and the surrounding code:
SqlConnection myCon = DBcon.getInstance().conn();
int id = gm.GetID("SELECT ListID from Indkøbsliste");
id++;
Console.WriteLine("LNr: " + listnr);
string streg = GetStregkode(navne);
Console.WriteLine("stregk :" + strege);
string navn = GetVareNavn(strege);
Console.WriteLine("navn :" + navne);
myCon.Open();
string query = "INSERT INTO Indkøbsliste (ListID, ListeNr, Stregkode, Navn, Antal, Pris) Values(" + id + "," + listnr + ", '" + strege + "','" + navn + "'," + il.Antal + ", "+il.Pris+")";
Console.WriteLine(il.Antal+" Antal");
Console.WriteLine(il.Pris+" Pris");
Console.WriteLine(id + " ID");
SqlCommand com = new SqlCommand(query, myCon);
com.ExecuteNonQuery();
com.Dispose();
myCon.Close();
Upvotes: 0
Views: 829
Answers (3)
Reputation: 6167
Are you using danish culture settings?
In that case if il.Pris is a double or decimal it will be printed using comma, which means that your sql will have an extra comma.
Ie:
INSERT INTO Indkøbsliste (ListID, ListeNr, Stregkode, Navn, Antal, Pris) Values(33,5566, 'stegkode','somename',4, 99,44)
where 99,44 is the price.
The solution is to use parameters instead of using the values directly in you sql. See some of the other answers already explaining this.
Upvotes: 0
Reputation: 94645
First of all check the connection string and confirm the database location and number of columns a table has.
Suggestion : Do not use hardcoded SQL string. Use parameterized sql statements or stored-proc.
Try parameterized way,
string query = "INSERT INTO Indkøbsliste (ListID, ListeNr, Stregkode, Navn, Antal, Pris)
Values (@ListID, @ListeNr, @Stregkode, @Navn, @Antal, @Pris)"
SqlCommand com = new SqlCommand(query, myCon);
com.Parameters.Add("@ListID",System.Data.SqlDbType.Int).Value=id;
com.Parameters.Add("@ListeNr",System.Data.SqlDbType.Int).Value=listnr;
com.Parameters.Add("@Stregkode",System.Data.SqlDbType.VarChar).Value=strege ;
com.Parameters.Add("@Navn",System.Data.SqlDbType.VarChar).Value=navn ;
com.Parameters.Add("@Antal",System.Data.SqlDbType.Int).Value=il.Antal;
com.Parameters.Add("@Pris",System.Data.SqlDbType.Int).Value=il.Pris;
com.ExecuteNonQuery();
Upvotes: 1
Reputation: 49280
Please always use parametrized queries. This helps with errors like the one you have, and far more important protects against SQL injection (google the term, or check this blog entry - as an example).
For example, what are the actual values of strege and/or navn. Depending on that it may render your SQL statement syntactically invalid or do something worse.
It (looks like) a little more work in the beginning, but will pay off big time in the end.
Upvotes: 1
Related Questions
- SqlException was Unhandled
- SqlException was unhandled in C# - Information into Database Table
- SQLException was unhandled in .net
- Sql exception was unhandled
- SQL Exception Error C# ASP.Net
- exception with sql and c# code
- SqlCeException was unhandled
- SqlException in app using SQL Server
- SQL exception was unhandled in c#
- C# SQL query exception