Click here to Skip to main content
15,892,746 members
Search within:


How do I fix the syntax error in the first line?
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
C#
MySQL
I have a MySQL Syntax Error in the 1. Line.

Server and Username are changed for this.

Here is the Code
C#
private void button2_Click(object sender, EventArgs e)
{
  string constring = "datasource = 123.456.789 ;port = 3306;username = xxx;password = xxx";
  string query = "INSERT  INTO mysqlcshap.Leitstelle(Auftragsnummer,Objekt,Etage/Station,Straße,HNR) VALUES('" + textBox1.Text + "','" + textBox2.Text + "','" + textBox3.Text + "','" + textBox4.Text + "','" + textBox5.Text + "');";

  MySqlConnection Dateneingabe =new MySqlConnection(constring);
  MySqlCommand cmd = new MySqlCommand(query, Dateneingabe);
  MySqlDataReader myReader;

  try
  {
    Dateneingabe.Open();
    myReader = cmd.ExecuteReader();
    MessageBox.Show("Einsatz angelegt!");

    while (myReader.Read()) { }
  }
  catch (Exception ex)
  { 
    MessageBox.Show(ex.Message); 
  }
}


What I have tried:

I've tried to Change it from Server to Datasource.
Posted
Updated 9-Jul-18 4:25am
v2
Add a Solution
Comments
Kornfeld Eliyahu Peter 9-Jul-18 8:20am    
This line: string constring = "datasource = 123.456.789 ;port = 3306;username = xxx;password = xxx"; ?
It has no syntax error? You may use an other value that contains special character like backslash or quote or double-quote?
F-ES Sitecore 9-Jul-18 8:33am    
It means line 1 of your SQL, not line 1 of the code. Look at the sql you're executing (the actual SQL using the debugger, not the code) and see if you can spot the issue. It could be the column names, do you actually have a column name called "Etage/Station"? Try putting square brackets around the column names

NSERT INTO mysqlcshap.Leitstelle([Auftragsnummer],[Objekt],[Etage/Station],[Straße],[HNR])

If that's really your column name then consider using ones with just basic letters, no spaces or other funny characters.

Using parameterised queries will fix further potential issues as well as protect you from SQL injection attacks.

3 solutions

There is no syntax error as far as C# - but it doesn't look like a valid connection string: MySQL :: MySQL Connector/NET Developer Guide :: 5.1.1 Creating a Connector/NET Connection String[^]
I'd suggest that you look at where you got that, and see if there is a workign example somewhere else.

[edit]
And don't do it like that!
Never concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Always use Parameterized queries instead.

When you concatenate strings, you cause problems because SQL receives commands like:
SQL
SELECT * FROM MyTable WHERE StreetAddress = 'Baker's Wood'
The quote the user added terminates the string as far as SQL is concerned and you get problems. But it could be worse. If I come along and type this instead: "x';DROP TABLE MyTable;--" Then SQL receives a very different command:
SQL
SELECT * FROM MyTable WHERE StreetAddress = 'x';DROP TABLE MyTable;--'
Which SQL sees as three separate commands:
SQL
SELECT * FROM MyTable WHERE StreetAddress = 'x';
A perfectly valid SELECT
SQL
DROP TABLE MyTable;
A perfectly valid "delete the table" command
SQL
--'
And everything else is a comment.
So it does: selects any matching rows, deletes the table from the DB, and ignores anything else.

So ALWAYS use parameterized queries! Or be prepared to restore your DB from backup frequently. You do take backups regularly, don't you?
[/edit]
 
Share this answer
 
Posted
Updated 9-Jul-18 2:32am
v2
You have a field name containing a slash character. Then the field name must be quoted. See MySQL :: MySQL 8.0 Reference Manual :: 9.2 Schema Object Names[^]:
Quote:
Permitted characters in unquoted identifiers:

ASCII: [0-9,a-z,A-Z$_] (basic Latin letters, digits 0-9, dollar, underscore)

Extended: U+0080 .. U+FFFF
Avoid such characters for field and table names. So I suggest to change the field name if possible.
 
Share this answer
 
Posted
C#
string query = "INSERT  INTO mysqlcshap.Leitstelle(Auftragsnummer,Objekt,Etage/Station,Straße,HNR) VALUES('" + textBox1.Text + "','" + textBox2.Text + "','" + textBox3.Text + "','" + textBox4.Text + "','" + textBox5.Text + "');";

Not a solution to your question, but another problem you have.
Never build an SQL query by concatenating strings. Sooner or later, you will do it with user inputs, and this opens door to a vulnerability named "SQL injection", it is dangerous for your database and error prone.
A single quote in a name and your program crash. If a user input a name like "Brian O'Conner" can crash your app, it is an SQL injection vulnerability, and the crash is the least of the problems, a malicious user input and it is promoted to SQL commands with all credentials.
SQL injection - Wikipedia[^]
SQL Injection[^]
SQL Injection Attacks by Example[^]
PHP: SQL Injection - Manual[^]
SQL Injection Prevention Cheat Sheet - OWASP[^]
 
Share this answer
 
Posted
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month
Related Questions
How do I fix notice " column 'firstname' cannot be null " with error on line 17
I can't seem to fix the error in this Python code. Can I know what it is? The error seems to appear in the 84th line.
How do I fix the syntax error in my SQL datebase
How do I fix the syntax error on line 1?
How do I fix this line of code of smile detection project
How do I fix these syntax errors ?
How do I fix these errors
How to fix a def syntax error
How can I fix this. Fatal error: uncaught mysqli_SQL_exception: you have an error in your SQL syntax; thrown in C:\xampp\kishanga apps\htdocs\DAMS\admin_dashboard.php on line 12
How do I fix this problem? Error in my SQL syntax

Advertise
Privacy
Cookies
Terms of Use
Last Updated 9 Jul 2018
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web03 2.8:2024-04-02:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900