SQL Date Format - sql-server

I'm working with an SQL Server and I'm create a program to add records to the database. However, the database's field for the Dates of Births isn't being accepted.
At the server side, the data type is 'Date' on MS Express SQL Server that should be YYYY-MM-DD. However, when trying to 'upload' the new records from the program the dates are being rejected. I know it's down to how I'm formatting them and particularly I know it's literally just two lines of code; But I can't get it going!
SQL = "Insert into PersonsA(Members_ID," & _
"Gamer_Tag," & _
"Screenname," & _
"First_Name," & _
"Last_Name," & _
"DoB," & _
"E_Mail_Address," & _
"Position," & _
"U_G_Studio," & _
"Cautions," & _
"Record," & _
"Event_Attendance," & _
"Member_Status) values('" & Me.midtxt.Text.Trim & "'," & _
"'" & Me.gttxt.Text.Trim & "'," & _
"'" & Me.sntxt.Text.Trim & "'," & _
"'" & Me.fntxt.Text.Trim & "'," & _
"'" & Me.lntxt.Text.Trim & "'," & _
"" & Val(Me.dobtxt.Text) & "" & _ 'THIS IS THE DATES OF BIRTHS
"'" & Format(Me.dobtxt.Text, "YYYY-MM-DD") & "'," & _ 'THIS IS FORMATTING
"'" & Me.emailtxt.Text.Trim & "'," & _
"'" & Me.teamptxt.Text.Trim & "'," & _
"'" & Me.ugptxt.Text.Trim & "'," & _
"'" & Me.ugctxt.Text.Trim & "'," & _
"'" & Me.recordtxt.Text.Trim & "'," & _
"'" & Me.eventatxt.Text.Trim & "'," & _
"'" & Me.Mstattxt.Text.Trim & "')"
So as you can see the two lines I'm having trouble are:
"" & Val(Me.dobtxt.Text) & "" & _
"'" & Format(Me.dobtxt.Text, "YYYY-MM-DD") & "'," & _
I know it'll be something really stupid, but I'm newish to programming.

Reject your command string and start using SqlParameter.
Dim conn As New SqlConnection("conStr")
Dim cmd As SqlCommand = conn.CreateCommand()
cmd.CommandText = "INSERT INTO [PersonsA] ([Members_ID], [Gamer_Tag]) VALUES (#Members_ID, #Gamer_Tag);"
cmd.Parameters.AddWithValue("#Members_ID", Me.midtxt.Text.Trim) '<- If Int type change to: Integer.Parse(Me.midtxt.Text.Trim)
cmd.Parameters.AddWithValue("#Gamer_Tag", Me.gttxt.Text.Trim)
conn.Open()
cmd.ExecuteNonQuery()
Date column example:
cmd.Parameters.AddWithValue("#MY_DATE_PARAM", Date.Parse(Me.dateTextBox.Text.Trim))

Related

Incorrect Syntax Error running SQL command in VB.NET

I have a SQL command that I'm running in VB.NET... I've written this type of command countless times, however, I'm getting an error when trying to process the command below:
Dim VIconn As New SqlConnection("Data Source=MBSRVERP01;Initial Catalog=MBUk;Integrated Security=True")
Dim CMDoperation As SqlCommand = New SqlCommand()
CMDoperation.Connection = VIconn
CMDoperation.CommandText = ("INSERT INTO PRJCREATION.dbo.OPERATION_CO (WORKORDER_TYPE, WORKORDER_BASE_ID, WORKORDER_LOT_ID, WORKORDER_SPLIT_ID, WORKORDER_SUB_ID, SEQUENCE_NO, RESOURCE_ID, SETUP_HRS, " _
& "RUN, RUN_TYPE, LOAD_SIZE_QTY, RUN_HRS, MOVE_HRS, TRANSIT_DAYS, SERVICE_ID, SCRAP_YIELD_PCT, SCRAP_YIELD_TYPE, FIXED_SCRAP_UNITS, MINIMUM_MOVE_QTY, CALC_START_QTY, " _
& "CALC_END_QTY, COMPLETED_QTY, DEVIATED_QTY, ACT_SETUP_HRS, ACT_RUN_HRS, STATUS, SETUP_COMPLETED, SERVICE_BEGIN_DATE, CLOSE_DATE, OPERATION_TYPE, DRAWING_ID, DRAWING_REV_NO, " _
& "OVERRIDE_QTYS, BEGIN_TRACEABILITY, CAPACITY_USAGE_MAX, CAPACITY_USAGE_MIN, TEST_ID, SPC_QTY, SCHED_START_DATE, SCHED_FINISH_DATE, COULD_FINISH_DATE, ISDETERMINANT, " _
& "SETUP_COST_PER_HR, RUN_COST_PER_HR, RUN_COST_PER_UNIT, BUR_PER_HR_SETUP, BUR_PER_HR_RUN, BUR_PER_UNIT_RUN, SERVICE_BASE_CHG, BUR_PERCENT_SETUP, BUR_PERCENT_RUN, " _
& "BUR_PER_OPERATION, EST_ATL_LAB_COST, EST_ATL_BUR_COST, EST_ATL_SER_COST, REM_ATL_LAB_COST, REM_ATL_BUR_COST, REM_ATL_SER_COST, ACT_ATL_LAB_COST, ACT_ATL_BUR_COST, " _
& "ACT_ATL_SER_COST, EST_TTL_MAT_COST, EST_TTL_LAB_COST, EST_TTL_BUR_COST, EST_TTL_SER_COST, REM_TTL_MAT_COST, REM_TTL_LAB_COST, REM_TTL_BUR_COST, REM_TTL_SER_COST, " _
& "ACT_TTL_MAT_COST, ACT_TTL_LAB_COST, ACT_TTL_BUR_COST, ACT_TTL_SER_COST, SPLIT_ADJUSTMENT, MILESTONE_ID, SCHEDULE_TYPE, MIN_SEGMENT_SIZE, PROTECT_COST, DRAWING_FILE, " _
& "DISPATCHED_QTY, SERVICE_MIN_CHG, VENDOR_ID, VENDOR_SERVICE_ID, SERVICE_PART_ID, LAST_DISP_DATE, LAST_RECV_DATE, WAREHOUSE_ID, ALLOCATED_QTY, FULFILLED_QTY, " _
& "LEAST_MIN_MOVE_QTY, MAX_GAP_PREV_OP, APPLY_CALENDAR, MAX_DOWNTIME, ACCUM_DOWNTIME, RUN_QTY_PER_CYCLE, USER_1, USER_2, USER_3, USER_4, USER_5, USER_6, USER_7, USER_8, " _
& "USER_9, USER_10, UDF_LAYOUT_ID, NUM_MEM_TO_SCHED, SERVICE_BUFFER, MILESTONE_SUB_ID, POST_MILESTONE, PROJ_MILESTONE_OP, WBS_CODE, WBS_START_DATE, WBS_END_DATE, " _
& "WBS_DURATION, MILESTONE_SEQ_NO, PRD_INSP_PLAN_ID, SETUP_INSPECT_REQ, RUN_INSPECT_REQ, STATUS_EFF_DATE, PRED_SUB_ID, PRED_SEQ_NO, SITE_ID, SCHED_CAPACITY_USAGE)" _
& "SELECT WORKORDER_TYPE, WORKORDER_BASE_ID + 'F', WORKORDER_LOT_ID, WORKORDER_SPLIT_ID, WORKORDER_SUB_ID, SEQUENCE_NO, RESOURCE_ID, SETUP_HRS, " _
& "RUN, RUN_TYPE, LOAD_SIZE_QTY, RUN_HRS, MOVE_HRS, TRANSIT_DAYS, SERVICE_ID, SCRAP_YIELD_PCT, SCRAP_YIELD_TYPE, FIXED_SCRAP_UNITS, MINIMUM_MOVE_QTY, CALC_START_QTY, " _
& "CALC_END_QTY, COMPLETED_QTY, DEVIATED_QTY, ACT_SETUP_HRS, ACT_RUN_HRS, 'R', SETUP_COMPLETED, SERVICE_BEGIN_DATE, NULL, OPERATION_TYPE, DRAWING_ID, DRAWING_REV_NO, " _
& "OVERRIDE_QTYS, BEGIN_TRACEABILITY, CAPACITY_USAGE_MAX, CAPACITY_USAGE_MIN, TEST_ID, SPC_QTY, NULL, NULL, NULL, ISDETERMINANT, " _
& "SETUP_COST_PER_HR, RUN_COST_PER_HR, RUN_COST_PER_UNIT, BUR_PER_HR_SETUP, BUR_PER_HR_RUN, BUR_PER_UNIT_RUN, SERVICE_BASE_CHG, BUR_PERCENT_SETUP, BUR_PERCENT_RUN, " _
& "BUR_PER_OPERATION, EST_ATL_LAB_COST, EST_ATL_BUR_COST, EST_ATL_SER_COST, REM_ATL_LAB_COST, REM_ATL_BUR_COST, REM_ATL_SER_COST, ACT_ATL_LAB_COST, ACT_ATL_BUR_COST, " _
& "ACT_ATL_SER_COST, EST_TTL_MAT_COST, EST_TTL_LAB_COST, EST_TTL_BUR_COST, EST_TTL_SER_COST, REM_TTL_MAT_COST, REM_TTL_LAB_COST, REM_TTL_BUR_COST, REM_TTL_SER_COST, " _
& "ACT_TTL_MAT_COST, ACT_TTL_LAB_COST, ACT_TTL_BUR_COST, ACT_TTL_SER_COST, SPLIT_ADJUSTMENT, MILESTONE_ID, SCHEDULE_TYPE, MIN_SEGMENT_SIZE, PROTECT_COST, DRAWING_FILE, " _
& "DISPATCHED_QTY, SERVICE_MIN_CHG, VENDOR_ID, VENDOR_SERVICE_ID, SERVICE_PART_ID, LAST_DISP_DATE, LAST_RECV_DATE, WAREHOUSE_ID, ALLOCATED_QTY, FULFILLED_QTY, " _
& "LEAST_MIN_MOVE_QTY, MAX_GAP_PREV_OP, APPLY_CALENDAR, MAX_DOWNTIME, ACCUM_DOWNTIME, RUN_QTY_PER_CYCLE, USER_1, USER_2, USER_3, USER_4, USER_5, USER_6, USER_7, USER_8, " _
& "USER_9, USER_10, UDF_LAYOUT_ID, NUM_MEM_TO_SCHED, SERVICE_BUFFER, MILESTONE_SUB_ID, POST_MILESTONE, PROJ_MILESTONE_OP, WBS_CODE, WBS_START_DATE, WBS_END_DATE, " _
& "WBS_DURATION, MILESTONE_SEQ_NO, PRD_INSP_PLAN_ID, SETUP_INSPECT_REQ, RUN_INSPECT_REQ, STATUS_EFF_DATE, PRED_SUB_ID, PRED_SEQ_NO, SITE_ID, SCHED_CAPACITY_USAGE" _
& "FROM MBUK.dbo.OPERATION db2 " _
& "WHERE (db2.WORKORDER_BASE_ID = '" & rw.Cells(8).Value & "')")
CMDoperation.ExecuteNonQuery()
The error I get is {"Incorrect syntax near '.'."}
The SQL command is simply inserting data from a table in database A into a table in database B... Nothing complex.
Can anyone spot where I'm going wrong here?
Thanks
Here my 2 cents:
pay attention to VB concatenation, the end of the line is strictly attached to the following one, so in your code
& "WBS_DURATION, MILESTONE_SEQ_NO, PRD_INSP_PLAN_ID, SETUP_INSPECT_REQ, RUN_INSPECT_REQ, STATUS_EFF_DATE, PRED_SUB_ID, PRED_SEQ_NO, SITE_ID, SCHED_CAPACITY_USAGE" _
& "FROM MBUK.dbo.OPERATION db2 " _
vb ends concatenating words in this way: SCHED_CAPACITY_USAGEFROM
so add an extra space at the end of each line you concatenate.

VBA inserting Update Statement with multiple columns to table in SQL

can anyone help me where am I doing wrong.. im building an update statement with multiple columns to update MSQL with VBA and values from Excel. heres my simple code, Im parsing variable in function to execute SQL command (I have a table name "People" and I have define all the column) below:
Function GetUpdateTextSQL(PIC As String,
Customer As String,
DOB As Date,
Rank As String,
Organization As String,
Status As String,
Gender As String,
Religion As String,
Hobby As String,
CreatedBy1 As String,
CreatedOn1 As Date,
ChangedBy1 As String,
ChangedOn1 As Date,
PeopleID As Integer) As String
SQLStr = _
"UPDATE People" & _
"SET PIC = " & _
"'" & PIC & "', Customer = '" & Customer & "'," & _
"DOB = '" & Format(DOB, "yyyy-mm-dd") & "', Rank = '" & Rank & "'," & _
"Organization = '" & Organization & "',Status = '" & Status & "', Gender = '" & Gender & "'," & _
"Religion = '" & Religion & "', Hobby = '" & Hobby & "'," & _
"CreatedBy = '" & CreatedBy1 & "', CreatedOn = '" & CreatedOn1 & "'," & _
"ChangedBy = '" & ChangedBy1 & "', ChangedOn = '" & ChangedOn1 & "'" & _
"WHERE PeopleID = & PeopleID &;"
GetUpdateTextSQL = SQLStr
//And here Im inserting and executing command below to get values from excel:
For Each r In Range("A45", Range("A45").End(xlDown))
CmdForSave.CommandText = _
GetUpdateTextSQL( _
r.Offset(0, 1).Value, r.Offset(0, 2).Value, _
r.Offset(0, 3).Value, _
r.Offset(0, 4).Value, r.Offset(0, 5).Value, _
r.Offset(0, 6).Value, r.Offset(0, 7).Value, _
r.Offset(0, 8).Value, r.Offset(0, 9).Value, _
r.Offset(0, 10).Value, r.Offset(0, 11).Value, _
r.Offset(0, 12).Value, r.Offset(0, 13).Value, _
r.Offset(0, 0).Value)
CmdForSave.Execute
Next r
The error I get is 'Incorrect Syntax near 'PIC'
What is wrong with my code? Iam using MS SQL Express (SQL 2012)
Thanks All,
I have figured it out why the problem is with space on the update SQL Statement.
The right statement using VBA (space before SET, space before WHERE):
SQLStr = _
"UPDATE People" & _
" SET PIC = '" & PIC & "', Customer = '" & Customer & "'" & _
" WHERE PeopleID = '" & PeopleID & "';"

Getting Syntax Error on INSERT INTO command on Visual Basic 2010 to MS ACCESS 2007

I keep getting a syntax error when I run a debug on the following code:
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles add.Click
Dim cmd As New OleDb.OleDbCommand
If Not cnn.State = ConnectionState.Open Then
'Open Connection if not yet Open
cnn.Open() End If
cmd.Connection = cnn
If Me.sn.Tag & "" = "" Then
cmd.CommandText = "INSERT INTO First_Year(Student_No,Lastname,Firstname,Year_Level,Enroll_Date,SEX,SY,CIVIL_STATUS,Religion,Birthdate,TEL_NO,Father,Occupation_F,Mother,Occupation_m,School Last Attended,Address School,Middle_Name)" +
"VALUES ('" & Me.sn.Text & "','" & Me.fn.Text & "','" & Me.ln.Text & "' ,'" & Me.Year.Text & "','" & Me.ed.Value & "','" & Me.s.Text & "','" & Me.sy.Text & "','" & Me.cs.Text & "','" & Me.re.Text & "'," & Me.cn.Text & ",'" & Me.bd.Value & "','" & Me.fa.Text & "','" & Me.fo.Text & "','" & Me.ma.Text & "','" & Me.mo.Text & "','" & Me.lad.Text & "','" & Me.ad.Text & "','" & Me.mi.Text & "')"
cmd.ExecuteNonQuery()
Can some please point out to me whats wrong with it?
You have some fields name that contains spaces. To use these fields names you need to enclose them in square brackets
cmd.CommandText = "INSERT INTO First_Year " & _
"(Student_No,Lastname,Firstname,Year_Level,Enroll_Date,SEX, " & _
"SY,CIVIL_STATUS,Religion,Birthdate,TEL_NO,Father,Occupation_F,Mother, " &
"Occupation_m,[School Last Attended],[Address School],Middle_Name) " &
"...... "
Said that, remember that string concatenations like yours lead to Sql Injection and problem in parsing strings that contains quotes (O'Brien) or decimal numbers or date
Search about Sql Injection and Parameterized queries
A parameterized approach to your query would be
cmd.CommandText = "INSERT INTO First_Year " & _
"(Student_No,Lastname,Firstname,Year_Level,Enroll_Date,SEX, " & _
"SY,CIVIL_STATUS,Religion,Birthdate,TEL_NO,Father,Occupation_F,Mother, " &
"Occupation_m,[School Last Attended],[Address School],Middle_Name) " &
"VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)"
cmd.Parameters.AddWithValue("#p1", Me.sn.Text)
cmd.Parameters.AddWithValue("#p2", Me.fn.Text)
... and so on for the remainder 16 parameters placeholders
... respecting their position and converting to the appropriate datatype
you need to remove the space here (in your query) :
......School Last Attended,Address School.......
or write it like this :
..........[School Last Attended],[Address School]..........

Insert into SQL - records gets written twice

I have a program that is Access 2010 front end and a SQL Server database as back end.
I wrote a routine that inserts a record into SQL Server.
Here is the code:
DoCmd.RunSQL "INSERT INTO [dbo_phoneno] (dtstamp, who, what, sortorder, company, typephoneno, name, wphone, cphone, mob) " _
& "VALUES(" _
& "'" & pubDTStamp & "'," _
& "'" & pubWho & "'," _
& "'" & pubWhat & "'," _
& "'" & pubSortOrder & "'," _
& "'" & pubCompany & "'," _
& "'" & pubType & "'," _
& "'" & pubName & "'," _
& "'" & pubWphone & "'," _
& "'" & pubCphone & "'," _
& "'" & pubMob & "') "
The code works fine except when I exit out of the program the record is written out again. I checked the code but do not see where it can be. Does anyone have suggestions?
Either your code gets executed twice or you have a trigger somewhere that does the additional INSERT.
Use Sql Profiler and run a trace. You'll be able to find from where the second INSERT comes from. If it's not from a trigger, then you'll have to set a breakpoint in your app and run it in debug mode.

Syntax Error Updating Records [duplicate]

This question already has an answer here:
Access VBA - Identifying text
(1 answer)
Closed 8 years ago.
I have a form and subform. Im trying to allow updates in the subform with the use of buttons. However my code is giving me.
KEY_ID is text, the other two are number types.
"Syntax error in query expression "5", ROOM=5. DRAWER=55 (this is the new value i tried to change it to) WHERE KEY_ID=5'.
This is an image of my form: http://jumpshare.com/b/17A7Pr
This is what im trying:
Private Sub cmdAdd_Click()
If Me.keyID.Tag & "" = "" Then
CurrentDb.Execute "INSERT INTO KEYS(KEY_ID, ROOM, DRAWER)" & _
" VALUES('" & Me.keyID & "'," & Me.roomID & "," & Me.drawerID & ")"
subKey.Form.Requery
Else
CurrentDb.Execute "UPDATE KEYS " & _
" SET KEY_ID=" & Chr(39) & keyID & Chr(39) & _
", ROOM=" & Me.roomID & _
", DRAWER=" & Me.drawerID & _
" WHERE KEY_ID=" & Me.keyID.Tag
Debug.Print KEY_ID
End If
Solution:
CurrentDb.Execute "UPDATE KEYS " & _
" SET KEY_ID=" & Me.keyID & _
", ROOM=" & Me.roomID & _
", DRAWER=" & Me.drawerID & _
" WHERE KEY_ID=" & Chr(39) & keyID.Tag & Chr(39)
Solution:
CurrentDb.Execute "UPDATE KEYS " & _
" SET KEY_ID=" & Me.keyID & _
", ROOM=" & Me.roomID & _
", DRAWER=" & Me.drawerID & _
" WHERE KEY_ID=" & Chr(39) & keyID.Tag & Chr(39)
Try the code without Chr(39).. This should work.
Private Sub cmdAdd_Click()
If Me.keyID.Tag & "" = "" Then
CurrentDb.Execute "INSERT INTO KEYS(KEY_ID, ROOM, DRAWER)" & _
" VALUES('" & Me.keyID & "'," & Me.roomID & "," & Me.drawerID & ")"
subKey.Form.Requery
Else
CurrentDb.Execute "UPDATE KEYS " & _
" SET KEY_ID=" & keyID & _
", ROOM=" & Me.roomID & _
", DRAWER=" & Me.drawerID & _
" WHERE KEY_ID=" & Me.keyID.Tag
Debug.Print KEY_ID
End If

Resources