This question already has answers here:
Why do we always prefer using parameters in SQL statements? (7 answers)
Closed yesterday.
I cannot see where the error is in the queries sqlAction
is used for, in either the add or edit block.
Thanks in advance.
Error being thrown:
System.Data.SqlClient.SqlException: 'Incorrect syntax near '11'.'
Text visualizer shows:
Insert into Creditors
Values ('asdf', 'asdf', 'asdf', 'asdf', 'sadf', 'asdf', 'Australia', '231234', 13/10/2023 11:26:53 AM, 'Admin', 1)
Here is the code:
Private Sub Button9_Click(sender As Object, e As EventArgs) Handles Button9.Click
'Save addition/Changes
'Insert/Edit A Record
'Dim i As Integer
Dim I1 As String = TextBox1.Text
Dim I2 As String = TextBox2.Text
Dim I3 As String = TextBox3.Text
Dim I4 As String = TextBox4.Text
Dim I5 As String = TextBox5.Text
Dim I6 As String = TextBox6.Text
Dim I7 As String = TextBox7.Text
Dim I8 As String = TextBox9.Text
Dim I9 As Date = Now()
Dim I10 As String = strUserName
Dim I11 As String = CheckBox1.Enabled
If CheckBox1.Checked = True Then
I11 = 1
Else
I11 = 0
End If
Dim pid As Integer = TextBox8.Text
'Stop
If con.State = ConnectionState.Open Then con.Close()
If IsAdding = True Then
'Stop
con.Open()
'Insert line into Creditors
sqlAction = "Insert into Creditors Values ('" & I1 &
"','" & I2 & "', '" & I3 &
"', '" & I4 & "', '" & I5 & "', '" & I6 &
"','" & I7 & "','" & I8 & "', " & I9 & ", '" &
I10 & "', " & I11 & ")"
sqlCmd = New SqlCommand(sqlAction, con)
sqlCmd.ExecuteNonQuery()
'MessageBox.Show("Sucessful")
Call DefaultButtons()
' Stop
LoadData(0)
Else
' Stop
'Edit Existing Record
sqlAction = "Update Creditors Set CreditorName = '" & I1 &
"', Addr1 = '" & I2 & "', Addr2 = '" & I3 &
"', City = '" & I4 & "', State = '" & I5 &
"', PostCode = '" & I6 & "', Country ='" & I7 &
"', ContactNbr = '" & I8 &
"',DateAdded = " & I9 & ", AddedBy = '" & I10 & "', IsActive = " & I11 &
" where CreditorID = " & pid & ""
con.Open()
sqlCmd = New SqlCommand(sqlAction, con)
sqlCmd.ExecuteNonQuery()
LoadData(0)
'MessageBox.Show("Sucessful")
End If
con.Close()
Call TextBoxDisabled()
IsAdding = False
IsEditing = False
End Sub
Table Structure:
CreditorId int False
CreditorName nvarchar(50) False
Addr1 nvarchar(50) True
Addr2 nvarchar(50) True
City nvarchar(50) True
State nvarchar(50) True
PostCode nvarchar(50) True
Country nvarchar(50) True
ContactNbr nvarchar(50) True
DateAdded date False
AddedBy nvarchar(50) False
IsActive bit False
1条答案
按热度按时间7cwmlq891#
This issue was not caused by a typo but rather a lack of knowledge of SQL syntax, so closing it as a typo would be a disservice. As suggested in the first comment, the immediate issue that is causing the error message you reported is the fact that you have not put your date/time literal in single quotes:
Note the preferred, unambiguous date format too. There are numerous other ways you could improve your code but that will address that specific syntax error.