I'm passing some arguments to insert the record into the table using StringBuilder, I' m getting error:
Error 134 Comma, ')', or a valid expression continuation expected.
Near 'napproved' where 'napproved' this is a string argument contains 'N'
Here is the code
sb.Append("insert into [DBAccounting].[dbo].[CRS_TaxReport_TaxConsultant]")
sb.Append(" ([CLIENTCODE],[TC],[SECURITY_NO],[TC_NAME],[ADDRESS],")
sb.Append("[ACCOUNT_NAME],[ACCOUNT_NO],[PHONE_NO],")
sb.Append("[EMAIL_IDS],[IsApproved],")
sb.Append("[ApprovedBy],[ApproveDate],")
sb.Append("[MakerId],[MakerDt])")
sb.Append("VALUES('" & txtclientCode.Text & "',")
sb.Append("'" & txttc.Text & "','" & txtSecNo.Text & "',")
sb.Append("'" & txtTcName.Text & "','" & txtaddress.Text & "','" & txtaccname.Text & "',")
sb.Append("'" & txtaccno.Text & "','" & txtphno.Text & "','" & txtMailID.Text & "',")
sb.Append(" "napproved.ToString" ,"","","approvedby.ToString","Today.ToString")")
Related
I've got the following piece of code in a Windows form, but I'm getting an error
Overload resolution failed because no accessible 'ExecuteNonQuery' accepts this number of arguments
I've searched around and everything I see seems to relate to the number of parameters. I'm supplying the number the code is expecting (43), can anyone point me in the right direction?
Public Class wfRecDB
Dim cn As New SqlConnection("Data Source=.;Initial Catalog=RecDb;Provider=SQLNCLI11.1;Integrated Security=SSPI;Auto Translate=False;")
Dim cmd As New SqlCommand
Dim dr As SqlDataReader
Private Sub wfRecDB_Load(sender As System.Object, e As System.EventArgs) Handles MyBase.Load
cmd.Connection = cn
End Sub
Private Sub btnCon_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnCon.Click
If cbEnv.Text <> "" Then
cn.Open()
cmd.CommandText = "insert into recdb.recs.recdbextract (Environment,Unreconciled,Reconciled,Account,AcctRel,AccInc,AcctPro,Address,AssClass,BankAcc,BrkRel,CBNwork,CCTE,CIB,ClCont,ClCparty,ClFatca,ClFatcaDet,ExtRef,FamGp,FundLd,GenVar,IsaDec,LocStr,MPLocPat,MPOutPat,MPPatDet,MPPatHead,MPProdPat,NomAcc,NomAccLink,OutAssCl,OutMktCam,SippAcc,SippBCE,SippBenReq,SippLta,SippPaye,SippPenInc,SippRegPay,UnitPrice,UserGroups,UserPerms) values ('" & cbEnv.Text & "','" & rbUnreconciled.Text & "','" & rbReconciled.Text & "','" & cbAccount.Text & "', '" & cbAccountRelationship.Text & " ','" & cbAccountIncomeDistributionChoice.Text & "','" & cbAccountProfile.Text & "','" & cbAddress.Text & "','" & cbAssetClassification.Text & "','" & cbBankAccount.Text & "','" & cbBrokerRelationship.Text & "','" & cbClientBroker.Text & "','" & cbClientCorp.Text & "','" & cbClientInd.Text & "','" & cbClientContext.Text & "','" & cbClientCparty.Text & "','" & cbClientFATCA.Text & "','" & cbClientFATCADetails.Text & "','" & cbExtRefPlfmOne.Text & "','" & cbFamilyGroups.Text & "','" & cbFundLoader.Text & "','" & cbGenericVariables.Text & "','" & cbIsadec.Text & "','" & cbLocationStructure.Text & "','" & cbtbMPLocation.Text & "','" & cbMPOut.Text & "','" & cbPatDet.Text & "','" & cbPatHead.Text & "','" & cbProd.Text & "','" & cbNomAcc.Text & "','" & cbNomAccLink.Text & "','" & cbAssetClassification.Text & "','" & cbOutCam.Text & "','" & cbSIPPAcc.Text & "','" & cbSIPPBCE.Text & "','" & cbSIPPBen.Text & "','" & cbSIPPLTA.Text & "','" & cbSIPPPAYE.Text & "','" & cbSIPPPen.Text & "','" & cbSIPPReg.Text & "','" & cbUnitPrice.Text & "','" & cbUserGroups.Text & "','" & cbUserPerm.Text & "')"
cmd.ExecuteNonQuery("")
cn.Close()
cbEnv.Text = ""
rbUnreconciled.Text = ""
rbReconciled.Text = ""
End If
End Sub
The error is very clear - there's no overload of ExecuteNonQuery() that takes a single string parameter as you're supplying here:
cmd.ExecuteNonQuery("")
ExecuteNonQuery() expects no parameters - so just change that line of code to
cmd.ExecuteNonQuery()
and you should be fine.
This question already has answers here:
run time error "3061" : too few parameters, expected 1
(2 answers)
Closed 7 years ago.
I have the following vb statement at Microsoft Access 2010
CurrentDb.Execute "INSERT INTO Table3(Names,ID, center, village, association , BOD ) " & _
" VALUES(" & Me.fullnametxt & ",'" & Me.worktxt & "','" & _
Me.Combo39 & "','" & Me.assoctxt & "','" & Me.datetraintxt & "','" & Me.datetraintxt & "')"
It generates
Run-time error '3061'. Too few parameters. Expected 1.
You miss some quotes:
CurrentDb.Execute "INSERT INTO Table3 ( Names, ID, center, village, association , BOD ) " & _
" VALUES ('" & Me.fullnametxt & "','" & Me.worktxt & "','" & _
Me.Combo39 & "','" & Me.assoctxt & "','" & Me.datetraintxt & "','" & Me.datetraintxt & "')"
I keep getting a syntax error when I run a debug on the following code:
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles add.Click
Dim cmd As New OleDb.OleDbCommand
If Not cnn.State = ConnectionState.Open Then
'Open Connection if not yet Open
cnn.Open() End If
cmd.Connection = cnn
If Me.sn.Tag & "" = "" Then
cmd.CommandText = "INSERT INTO First_Year(Student_No,Lastname,Firstname,Year_Level,Enroll_Date,SEX,SY,CIVIL_STATUS,Religion,Birthdate,TEL_NO,Father,Occupation_F,Mother,Occupation_m,School Last Attended,Address School,Middle_Name)" +
"VALUES ('" & Me.sn.Text & "','" & Me.fn.Text & "','" & Me.ln.Text & "' ,'" & Me.Year.Text & "','" & Me.ed.Value & "','" & Me.s.Text & "','" & Me.sy.Text & "','" & Me.cs.Text & "','" & Me.re.Text & "'," & Me.cn.Text & ",'" & Me.bd.Value & "','" & Me.fa.Text & "','" & Me.fo.Text & "','" & Me.ma.Text & "','" & Me.mo.Text & "','" & Me.lad.Text & "','" & Me.ad.Text & "','" & Me.mi.Text & "')"
cmd.ExecuteNonQuery()
Can some please point out to me whats wrong with it?
You have some fields name that contains spaces. To use these fields names you need to enclose them in square brackets
cmd.CommandText = "INSERT INTO First_Year " & _
"(Student_No,Lastname,Firstname,Year_Level,Enroll_Date,SEX, " & _
"SY,CIVIL_STATUS,Religion,Birthdate,TEL_NO,Father,Occupation_F,Mother, " &
"Occupation_m,[School Last Attended],[Address School],Middle_Name) " &
"...... "
Said that, remember that string concatenations like yours lead to Sql Injection and problem in parsing strings that contains quotes (O'Brien) or decimal numbers or date
Search about Sql Injection and Parameterized queries
A parameterized approach to your query would be
cmd.CommandText = "INSERT INTO First_Year " & _
"(Student_No,Lastname,Firstname,Year_Level,Enroll_Date,SEX, " & _
"SY,CIVIL_STATUS,Religion,Birthdate,TEL_NO,Father,Occupation_F,Mother, " &
"Occupation_m,[School Last Attended],[Address School],Middle_Name) " &
"VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)"
cmd.Parameters.AddWithValue("#p1", Me.sn.Text)
cmd.Parameters.AddWithValue("#p2", Me.fn.Text)
... and so on for the remainder 16 parameters placeholders
... respecting their position and converting to the appropriate datatype
you need to remove the space here (in your query) :
......School Last Attended,Address School.......
or write it like this :
..........[School Last Attended],[Address School]..........
The above error is being thrown when I run the below command:
CurrentDb.Execute "INSERT INTO Table2(FirstName, LastName)" & "VALUES('" & Me.frst_Name_txt & ", '" & Me.lst_Name_txt & "','" & "')"
Can anyone see where I am going wrong?
Thanks
The error:
You have extra value '" & "' and also Text data types require delimiters around the value. At its simplest an apostrophe.
Try this
CurrentDb.Execute "INSERT INTO Table2(FirstName, LastName)" & "VALUES('" & Me.frst_Name_txt & "','" & Me.lst_Name_txt & "')"
You're missing an apostrophe: CurrentDb.Execute "INSERT INTO Table2(FirstName, LastName) VALUES('" & Me.frst_Name_txt & "', '" & Me.lst_Name_txt & "')"
I've the code to input the values dynamically, when I use it to add the values for the first time, it's fine, but when I want to edit it, the old values didn't inserted on sql query but the new values inserted
Here is the example:
here is the code:
============the function=================
sub ShowItemfgEdit(query,selItemName,defValue,num,cdisable)
response.write "<select " & cdisable & " num=""" & num & """ id=""itemCombo"" name=""" & selItemName & """ class=""label"" onchange=""varUsage.ChangeSatuanDt(this)"">"
if NOT query.BOF then
query.moveFirst
WHILE NOT query.EOF
tulis = ""
if trim(defValue) = trim(query("ckdbarang")) then
tulis = "selected"
end if
response.write "<option value=""" & trim(query("ckdbarang")) & """" & tulis & ">" & trim(query("ckdbarang")) & " - " & trim(query("vnamabarang"))
query.moveNext
WEND
end if
response.write "</select>"
end sub
============calling the function================
<td class="rb" align="left"><% call ShowItemfgEdit(qGetItemfgGrp,"fitem",qGetUsageDt("ckdfg"),countLine,readonlyfg) %></td>
==============post the value======================
<input type="hidden" name="fitem" value="">
================get the value===================
for i = 1 to request.form("hdnOrderNum")
if request.form("selOrdItem_" & i) <> "" then
'bla...blaa...blaa...
ckdfg = trim(request.form("fitem_" & i)) '<==here is the problem
objCommand.commandText = "INSERT INTO IcTrPakaiDt " &_
"(id, id_h, ckdunitkey, cnopakai, dtglpakai, ckdbarang, ckdgudang, nqty1, nqty2, csatuan1, csatuan2, nqtypakai, csatuanpakai, vketerangan, cJnsPakai, ckdprodkey, ckdfg, ncountstart, ncountstop, ncounttotal) " &_
" VALUES " &_
" (" & idDt & ",'" & idHd & "','" & selLoc & "','" & nopakai & "','" & cDate(request.form("hdnUsageDate")) & "','" & trim(ckdbarang) & "','" & trim(ckdgudang) & "'," & nqty1 & "," & nqty2 & ",'" & trim(csatuan1) & "','" & trim(csatuan2) & "'," & nqtypakai & ",'" & csatuanpakai & "','" & trim(keteranganItem) & "','" & trim(cjnspakai) & "','" & ckdprodkey & "','" &ckdfg& "'," & cnt1 & "," & cnt2 & "," & totalcnt & ")"
set qInsertPakaiDt = objCommand.Execute
end if
next
problem: old value of ckdfg didn't inserted to query, but the new value inserted.
How to fix this bug?
You try to post a field with the name fitem rather than fitem_x.
Note: Besides your bug, your code has several bugs including security-related. You don't sanitize the input, for example, for SQL Injection attacks.