Member Avatar for nosajbiboy.talan

what is the problem of my code...when i view it in browser and click the button insert there is an error message
saying "Syntax error in INSERT INTO Statement

Dim myConn As OleDbConnection
        Dim cmd As OleDbCommand
        Dim sqlString, BookingDate, CheckInDate, CheckOutDate, RoomNo As String

        BookingDate = txtBDate.Text
        CheckInDate = txtCIDate.Text
        CheckOutDate = txtCODate.Text
        RoomNo = txtRNo.Text

        myConn = New OleDbConnection("Provider=Microsoft.ACE.OLEDB.12.0;Data Source=H:\OHRS.accdb")

        myConn.Open()
        sqlString = "INSERT INTO tbl_Booking (Booking Date, Check In Date, Check Out Date, Room No) VALUES ('" + BookingDate + "','" + CheckInDate + "','" + CheckOutDate + "','" + RoomNo + "')"
        cmd = New OleDbCommand(sqlString, myConn)
        cmd.ExecuteNonQuery()
        myConn.Close()

i hope u can help me...

Untitled.png 76.86 KB
Edited by nosajbiboy.talan
  • 5 Contributors
  • 6 Replies
  • 937 Views
  • 3 Hours Discussion Span
  • Latest Post Latest Post by MohdDilshad
Member Avatar for JorgeM

The first thing that sticks out for me is the fact that your fields have spaces in the name. Therefore, you need to wrap the field names within brackets. For example...

INSERT INTO tbl_Booking ([Booking Date], [Check In Date], [Check Out Date],

Member Avatar for jangirke

Maybe that:
"INSERT INTO User ([UserID], [Forename], [Surname], [DateOfBirth], [TargetWeight], [TargetCalories], [Height]) Values ('" + userid.Text.ToString() + "' , '" + fname.Text.ToString() + "' , '" + sname.Text.ToString() + "' , '" + dob.Text.ToString() + "' , '" + tarweight.Text.ToString() + "' , '" + tarcal.Text.ToString() + "' , '" + height.Text.ToString() + "')";

Edited by jangirke
Member Avatar for nosajbiboy.talan

tnx...i think it works...but when i run it there is a new error message saying
Data type mismatch in criteria expression.

Member Avatar for JorgeM

the data you are tyring to insert needs to match the database fields' data types. For example...trying to insert a string ('ABC') into a integer field.

Member Avatar for kvprajapati

Use parameterized SQL statements.

sqlString ="INSERT INTO tbl_Booking ([Booking Date],[Check In Date],[Check Out Date],[Room No]) VALUES (@BookingDate,@InDate,@OutDate,@RoomNo)";

using(OleDbConnection cn=new OleDbConnection())
{
using(OleDbCommand cmd=new OleDbCommand())
 {
   cn.ConnectionString=@"connection_string_here";
   cmd.Connection=cn;
   cmd.CommandText=sqlString;
   cmd.Parameters.AddWithValue("@BookingDate",BookingDate);
   ...
   cn.Open();
   cmd.ExecuteNonQuery();
   cn.Close();
  }
}
Member Avatar for MohdDilshad

GOOD

Edited by MohdDilshad
commented: Please read **member rules* before you post. -3
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.