Query in SQLExpress

Question

0.00/5 (No votes)

See more:

C#

mycmd = mycn.CreateCommand();
 mycmd.CommandText = "CREATE TABLE IF NOT EXISTS `ems_db1.dbo`.`querysummary` LIKE `ems_db1.dbo`.`" + TreeView1.SelectedNode.Text + "_querysummary`";
               mycmd.ExecuteNonQuery();

I Use above code in Mysql it work proper but now I shift database to SQLExpress after firing this query in code c# code it gives an following error.

Incorrect syntax near the keyword 'IF'.

Incorrect syntax near '`'.

Is my something wrong in my query?

Posted 16-Nov-15 19:25pm

Member 11922776

Updated 16-Nov-15 19:26pm

v3

Add a Solution

Comments

Member 11922776 17-Nov-15 2:08am

is my question wrong?

OriginalGriff 17-Nov-15 2:18am

Have patience. It's early in the morning in Europe, and hassling people to answer you is not a good way to get volunteers to help you... 40 minutes is all you waited...

Member 11922776 17-Nov-15 2:34am

It's afternoon in other countries. It is not the case that, I am asking to particular one.

George Jonsson 17-Nov-15 2:56am

And how did you spend your 40 minutes?
Did you read the documentation for the syntax for creating a table in SQL Express?
Because if you did you would most likely have found the answer OriginalGriff has provided for you.

3 solutions

Solution 2

Connect to the DB, and try this:

SQL

IF object_id('querysummary', 'U') IS NOT NULL
    CREATE TABLE 'querysummary' ...

'

Posted 16-Nov-15 20:16pm

OriginalGriff

Comments

George Jonsson 17-Nov-15 2:58am

Not so impatient when it comes to accept your solution. :-)

Maciej Los 17-Nov-15 3:37am

5ed!

Solution 3

In addition to solution 2 by OriginalGriff[^]... Do not use such of statements! Why?
1) your statement is Sql Injection[^] vulnerable,
2) you can't control the count of newly created tables
3) it requires admin privileges (be careful in giving full access to the inexperienced users!),
4) etc.

For further information, please see:
How To: Protect From SQL Injection in ASP.NET[^]
Do Stored Procedures Protect Against SQL Injection?[^]
SQL Injection and how to avoid it[^]

Posted 16-Nov-15 21:44pm

Maciej Los

Updated 16-Nov-15 21:45pm

v2

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Member 11922776 · Accepted Answer · 2015-11-16T23:29:00

Solution 4

SQL

IF NOT EXISTS (SELECT * FROM sysobjects WHERE name='tbl_name' AND xtype='U')
    select * into ems_db1.dbo.kquerysummary from ems_db1.dbo.querysummary where 1 = 0

Posted 16-Nov-15 23:29pm

Member 11922776