Sql database insert problem

Question

0.00/5 (No votes)

See more:

Hi, I'm trying to insert data into a database.

This is my code:

C#

SqlCeConnection conn = new SqlCeConnection(connStr);
conn.Open();

string cmd = "INSERT INTO Log(Type,Rego) VALUES(" + typeBox.Text + "," +     regoBox.Text + ")";

SqlCeCommand writeToDB = new SqlCeCommand(cmd, conn);
writeToDB.ExecuteNonQuery();
conn.Close();

Type is an ntext column and Rego is a float. When I put DA40 in typeBox and 3.0 in regoBox I come up with this error:

The column name is not valid. [Node name (if any)=,Column name=DA40]

Am I doing something silly?
Some help would be most appreciated, thanks

Posted 25-Sep-11 13:54pm

Trplayer

Add a Solution

Comments

Tech Code Freak 26-Sep-11 1:22am

Apart from your question, I want to ask you what are you 'using'?
i.e. When we include 'using System.Data.SqlClient' in .Net Framework 3.5, we normally get SqlConnection, SqlCommand classes. How come you've got SqlCeConnection and SqlCeCommand classes? Sounds strange!

3 solutions

Solution 1

You forgot to enclose the value of the type column with '(Single Quotes). Also, please note that this is not a good way to write queries. Use parameters in putting values to your SqlCommand. See here[^] for reference.

Posted 25-Sep-11 14:27pm

walterhevedeich

Solution 3

you have done one mistak.

C#

string cmd = "INSERT INTO Log(Type,Rego) VALUES('" + typeBox.Text + "'," + regoBox.Text + ")";

put this line into ur code.

Posted 25-Sep-11 15:21pm

Mithlesh Shaw

Updated 25-Sep-11 18:47pm

v3

Comments

Spramodthapa 25-Sep-11 22:30pm

why u guyz always make string concatination.

jus follow diz

public insert into tbluser(string name,string password)
{
sqlparameter[] param=new sqlparameter[2];
sqlparameter[0] param=new sqlparameter("@name",name);
sqlparameter[1] param=new sqlparameter("@password",password);
return connect.procedure("sp_user",param);
}

Anil Honey 206 26-Sep-11 0:54am

good

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

s_magus · Accepted Answer · 2011-09-25T14:46:00

The problem is that you need to have single quotes around the value for Type. Using string concatenation is frowned upon when working with SQL because of SQL injection and other issues. You should get in the habit of using parameterized queries.

C#

string cmd = "INSERT INTO Log(Type, Rego) VALUES('" + typeBox.Text + "'," + regoBox.Text + ")";

Parameterized Query Version.

C#

SqlCeConnection conn = new SqlCeConnection(connStr);
conn.Open();
 
string cmd = "INSERT INTO Log(Type, Rego) VALUES(@Type, @Rego)";
 
SqlCeCommand writeToDB = new SqlCeCommand(cmd, conn);
writeToDB.Parameters.Add(new SqlCeParameter("@Type", typeBox.Text);
writeToDB.Parameters.Add(new SqlCeParameter("@Rego", regoBox.Text);
writeToDB.ExecuteNonQuery();
conn.Close();