Error in inserting multiple queries to make records in different db tables...

Question

0.00/5 (No votes)

See more:

Hello,

I am having problem in insert query. The first query works fine, if I comment the insert query.
First query is adding balance and second query is making record of the deposit amount in trasaction table but I am getting an error in insert into statement.

Can anyone please help on why I am getting an error?
Here is the piece of code:

C#

MAcmd.CommandText = "Update registeraccount Set Balance =Balance-'" + c + "'where username='" + textBox3.Text + "'";
MAcmd.ExecuteNonQuery();
MAcmd.CommandText = "insert into transaction (username, withdrawamount, date) VALUES ("+textBox3.Text+", '"+textBox4.Text+"','"+textBox1.Text+"');
MAcmd.ExecuteNonQuery();

Posted 1-Mar-11 8:09am

codegeekalpha

Updated 1-Mar-11 8:30am

Sandeep Mewara

v2

Add a Solution

Comments

fjdiewornncalwe 1-Mar-11 14:13pm

What is the error you get? I'm guessing that your date value isn't parsing correctly from textBox1.Text, but unless you give us the error you are seeing, we're only guessing.

codegeekalpha 1-Mar-11 14:29pm

syntax error from insert into statement

Albin Abel 1-Mar-11 14:34pm

What error you are getting? The textbox3 i.e user name is not inside the quotes, the textbox 4 i.e withdrawn amount may not be a string data type, but you are passing in quotes. Not sure the date you are passing in correct format

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Sandeep Mewara · Answer 1 · 2011-03-01T08:36:00

A simple use of DEBUGGER would had told you that what was the final command text formed. All you needed was to look at that text and see if there is any issue. Just to confirm, copy it and paste the raw query formed in SQL server and see if it executes without error. This would tell you the issue with the query, if any.

Try (Looks like quotes were missing for username value):

C#

MAcmd.CommandText = "INSERT INTO transaction (username, withdrawamount, date) VALUES ('"+textBox3.Text+"', '"+textBox4.Text+"','"+textBox1.Text+"')";

P.S.: This is assuming that the datatype for the fields being inserted is of varchar type. In case the database fields are different datatype, then you might need to format the values accordingly before inserting.

Now,
1. Always use parameterized query[^]. This would avoid confusion and syntax errors that can come into picture because of quotes. Further, it takes away SQL Injection issue.

2. Always use meaningful names of the control such that you can easily understand what value that control/object hold.

UPDATE 1:
Put a quote just before semicolon too. Query does not need a semicolon at the end.