SQL Server Cannot see where this error is: System.Data.SqlClient.SqlException: 'Incorrect syntax near '10'.' [duplicate]

ct3nt3jp  于 2023-10-15  发布在  其他
关注(0)|答案(1)|浏览(91)

This question already has answers here:

Why do we always prefer using parameters in SQL statements? (7 answers)
Closed yesterday.

I cannot see where the error is in the queries sqlAction is used for, in either the add or edit block.

Thanks in advance.

Error being thrown:
System.Data.SqlClient.SqlException: 'Incorrect syntax near '11'.'

Text visualizer shows:

Insert into Creditors 
Values ('asdf', 'asdf', 'asdf', 'asdf', 'sadf', 'asdf', 'Australia', '231234', 13/10/2023 11:26:53 AM, 'Admin', 1)

Here is the code:

Private Sub Button9_Click(sender As Object, e As EventArgs) Handles Button9.Click
    'Save addition/Changes
    'Insert/Edit A Record
    'Dim i As Integer

    Dim I1 As String = TextBox1.Text
    Dim I2 As String = TextBox2.Text
    Dim I3 As String = TextBox3.Text
    Dim I4 As String = TextBox4.Text
    Dim I5 As String = TextBox5.Text
    Dim I6 As String = TextBox6.Text
    Dim I7 As String = TextBox7.Text
    Dim I8 As String = TextBox9.Text
    Dim I9 As Date = Now()
    Dim I10 As String = strUserName
    Dim I11 As String = CheckBox1.Enabled

    If CheckBox1.Checked = True Then
        I11 = 1
    Else
        I11 = 0
    End If

    Dim pid As Integer = TextBox8.Text

    'Stop
    If con.State = ConnectionState.Open Then con.Close()

    If IsAdding = True Then

        'Stop
        con.Open()
        'Insert line into Creditors
        sqlAction = "Insert into Creditors Values ('" & I1 &
                    "','" & I2 & "', '" & I3 &
                    "', '" & I4 & "', '" & I5 & "', '" & I6 &
                    "','" & I7 & "','" & I8 & "', " & I9 & ", '" &
                    I10 & "', " & I11 & ")"
        sqlCmd = New SqlCommand(sqlAction, con)

        sqlCmd.ExecuteNonQuery()

        'MessageBox.Show("Sucessful")

        Call DefaultButtons()
        ' Stop
        LoadData(0)

    Else
        ' Stop

        'Edit Existing Record
        sqlAction = "Update Creditors Set CreditorName = '" & I1 &
                    "', Addr1 = '" & I2 & "', Addr2 = '" & I3 &
                    "', City = '" & I4 & "', State = '" & I5 &
                    "', PostCode = '" & I6 & "', Country ='" & I7 &
                    "', ContactNbr = '" & I8 &
                    "',DateAdded = " & I9 & ", AddedBy = '" & I10 & "', IsActive = " & I11 &
                    " where CreditorID = " & pid & ""
        con.Open()
        sqlCmd = New SqlCommand(sqlAction, con)

        sqlCmd.ExecuteNonQuery()
        LoadData(0)

        'MessageBox.Show("Sucessful")
    End If
    con.Close()
    Call TextBoxDisabled()
    IsAdding = False
    IsEditing = False
End Sub

Table Structure:

CreditorId  int False   
CreditorName    nvarchar(50)    False   
Addr1   nvarchar(50)    True    
Addr2   nvarchar(50)    True    
City    nvarchar(50)    True    
State   nvarchar(50)    True    
PostCode    nvarchar(50)    True    
Country nvarchar(50)    True    
ContactNbr  nvarchar(50)    True    
DateAdded   date    False   
AddedBy nvarchar(50)    False   
IsActive    bit False
7cwmlq89

7cwmlq891#

This issue was not caused by a typo but rather a lack of knowledge of SQL syntax, so closing it as a typo would be a disservice. As suggested in the first comment, the immediate issue that is causing the error message you reported is the fact that you have not put your date/time literal in single quotes:

, '2023-10-13 11:26:53 AM',

Note the preferred, unambiguous date format too. There are numerous other ways you could improve your code but that will address that specific syntax error.

相关问题