Click here to Skip to main content
11,704,509 members (55,282 online)
Rate this: bad
good
Please Sign up or sign in to vote.
See more: C# WinForm .NET4.5
hi!! i am getting Syntax Error in Update Statement

the values are provided by clicking a cell in datagridview...


OleDbCommand cmd = new OleDbCommand("update from Purchases SET '" + name_of_column + "' ="  + new_val + " WHERE '" + name_of_column + "' ="  + cellvalue, con);


can someone please help me with this...

Thanks in Advance.. Smile | :)
Posted 24-Feb-13 3:20am
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 1

"from" is not used in "UPDATE" statement.

OleDbCommand cmd = new OleDbCommand("Update Purchases SET '" + name_of_column + "' ="  + new_val + " WHERE '" + name_of_column + "' ="  + cellvalue, con);

The way you are concatenating user input instead of using OleDbParameter class leaves your program susceptible to SQL Injection Attack. Using an SQL Injection Attack, a nefarious individual could erase or damage your database.
  Permalink  
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 3

The reason behind this syntax error is in your upadate query. you are passing your table name as a string value with single quotes and the value without single quotes.
Rewrite your code like this:
OleDbCommand cmd = new OleDbCommand("update Purchases SET " + name_of_column + " ='"  + new_val + "' WHERE " + name_of_column + " = '"  + cellvalue + "', con);
  Permalink  
v2
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 2

i think u dont need to put the word from in the commandString
i.e. ur command was:
OleDbCommand cmd = new OleDbCommand("update from Purchases SET '" + name_of_column + "' ="  + new_val + " WHERE '" + name_of_column + "' ="  + cellvalue, con);
but it must be
OleDbCommand cmd = new OleDbCommand("update Purchases SET '" + name_of_column + "' ="  + new_val + " WHERE '" + name_of_column + "' ="  + cellvalue, con);
  Permalink  

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
0 Sergey Alexandrovich Kryukov 700
1 OriginalGriff 495
2 Andy Lanng 275
3 CPallini 242
4 Maciej Los 235
0 OriginalGriff 8,824
1 Sergey Alexandrovich Kryukov 8,247
2 CPallini 5,189
3 Maciej Los 4,726
4 Mika Wendelius 3,606


Advertise | Privacy | Mobile
Web02 | 2.8.150819.1 | Last Updated 24 Feb 2013
Copyright © CodeProject, 1999-2015
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100