syntax error in INSERT INTO state

Question

MKARWOSK 0 Newbie Poster

13 Years Ago

I have been tinkering with this for over 2 hours now and i still cannot figure out what is wrong with it.

private void b_Add_Click(object sender, EventArgs e)
        {
            try
            {
                string Query = "INSERT INTO tbl_Employee (s_EmpNumber, s_EmpLastName, s_EmpMiddleName, s_EmpAddress, s_EmpZip, s_EmpPhone, i_EmpPayLevel, i_EmpPayGrade) (s_String, i_Integer)"
                             + "VALUES(" + "\"" + tb_EmpNumber.Text + "\"" + "," +
                             tb_EmpFirstName.Text + "\"" + "," 
                             + "\"" + tb_EmpLastName.Text + "\"" + ","
                             + "\"" + tb_EmpMiddleName.Text + "\"" + ","
                             + "\"" + tb_EmpAddress.Text + "\"" + ","                       
                             + "\"" + tb_EmpZip.Text + "\"" + ","
                             + "\"" + tb_EmpPhone.Text + "\"" + ","
                             + Convert.ToInt32(tb_EmpPayLevel.Text) + ","
                             + Convert.ToInt32(tb_EmpPayGrade.Text) + ")";

                OleDbConnection Connection = new OleDbConnection(gs_ConnString);
                OleDbCommand Command = new OleDbCommand(Query, Connection);
                Connection.Open();
                OleDbDataReader Reader;
                Reader = Command.ExecuteReader();
                Reader.Close();
                Connection.Close();
            }//end try
            catch (Exception YorkProducts)
            {
                MessageBox.Show("Message: " + YorkProducts.Message,
                                "tbl_Employee ADD Error", MessageBoxButtons.OK,
                                MessageBoxIcon.Error);

            }//end catch

        }

please help,

thank you

Edited 13 Years Ago by kvprajapati because: Added [code] tags.

2 Contributors
1 Reply
100 Views
6 Hours Discussion Span
Latest Post 13 Years Ago Latest Post by darkagn

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

darkagn 315 Veteran Poster Featured Poster · Answer 1 · 2010-12-08T11:36:59+00:00

There are a few things that could be better with your code, but your syntax error is caused by this:

i_EmpPayGrade) (s_String, i_Integer)

which I believe should be this:

i_EmpPayGrade, s_String, i_Integer)

You should really use a parameterised query to pass all of those variables to your query. Also, you should wrap your execution of the command inside a try-finally clause to ensure that the connection is closed if you get an exception.

EDIT: Also, quotes in SQL are single quote ', not ", so everywhere that you have "\"" + ... should actually be "'" + ..., but a parameterised query would help with that anyway.