Click here to Skip to main content
15,917,971 members
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
SqlException (0x80131904): Incorrect syntax near '('.

SQL
string s11 = "update SessionItem(ItemName,Quantity,Price,Date,Month) set ItemName='" + TextBox7.Text + "',Quantity='" + nb + "',Price='" + TextBox9.Text + "',Date='" + dt1 + "',Month='" + month1 + "' where ItemName='" + TextBox7.Text + "' ";
 SqlCommand cmdh = new SqlCommand(s11, DbConnection.mCon);
 cmdh.ExecuteNonQuery();
Posted
Updated 17-Dec-12 0:28am
v2
Comments
Kiran Susarla 17-Dec-12 6:30am    
I am assuming SessionItem is your table name. Why are you specifying the column names after SessionItem?
visnumca123 17-Dec-12 6:32am    
string s11 = "update SessionItem set ItemName='" + TextBox7.Text + "',Quantity='" + nb + "',Price='" + TextBox9.Text + "',Date='" + dt1 + "',Month='" + month1 + "' where ItemName='" + TextBox7.Text + "' ";
SqlCommand cmdh = new SqlCommand(s11, DbConnection.mCon);
cmdh.ExecuteNonQuery();
ravuravu 17-Dec-12 6:36am    
am specifying because of more fields in it,but am updating the selected fields so that am specifying the fields
ravuravu 17-Dec-12 6:41am    
yes thats the correct way
ravuravu 17-Dec-12 6:42am    
i correct it
thank u kiran and vishnumcal

The format of an UPDATE command is not the same as an INSERT:
SQL
UPDATE <table_name> SET <field>=<new value>,<field... WHERE ...


Having said that, do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.

[edit]Forgot to encode HTML, grr. - OriginalGriff[/edit]



"sir pls show an example for parameterized queries"


C#
using (SqlConnection con = new SqlConnection(strConnect))
    {
    con.Open();
    using (SqlCommand com = new SqlCommand("UPDATE myTable SET myColumn1=@C1, myColumn2=@C2 WHERE Id=@ID", con))
        {
        com.Parameters.AddWithValue("@ID", id);
        com.Parameters.AddWithValue("@C1", myValueForColumn1);
        com.Parameters.AddWithValue("@C2", myValueForColumn2);
        com.ExecuteNonQuery();
        }
    }
 
Share this answer
 
v4
Comments
ravuravu 17-Dec-12 6:37am    
sir pls show an example for parameterized queries
OriginalGriff 17-Dec-12 6:42am    
Answer updated
ravuravu 17-Dec-12 6:44am    
thanks for sending the parameterized queries
OriginalGriff 17-Dec-12 6:49am    
You're welcome!
SQL
string s11 = "update SessionItem set ItemName='" + TextBox7.Text + "',Quantity='" + nb + "',Price='" + TextBox9.Text + "',Date='" + dt1 + "',Month='" + month1 + "' where ItemName='" + TextBox7.Text + "' ";
 SqlCommand cmdh = new SqlCommand(s11, DbConnection.mCon);
 cmdh.ExecuteNonQuery();


Note: For better performance and security make a good habbit to use parameterized query.


Thanks
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900