Click here to Skip to main content
16,021,687 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
Hi, I have access application allowing users to add accounts, currently the program add,update,deletes information from a linked mdb table. What I can't figure out is how to also add a link to mysql database in order have information in both the mdb and mysql update-to-date.

I created a link to mysql table (called accounts1), and tried to add code to create a dao.recordset but am completely lost.

Also in my Insert query for the last field company, on my access form I have check boxes but on mysql table has numbers associated with each type of company, how do I converted the checkbox marked to a company. (for exmaple if checkbox is marked for 'Fed mutual' the company is assigned '2' on the mysql databse)

What I have tried:

<pre>Private Sub AddCmdButon_Click()
    
    ValidateCmdButton_Click
    
    If Me.ProcessFlagTBox = False Then
       Dim dbs1 As Database
       Dim aTable As Recordset
       Dim srchKey As String
       Set dbs1 = CurrentDb
       Set aTable = dbs1.OpenRecordset("Accounts", dbOpenDynaset)
       srchKey = "[ShortDescription] = '" & Me.ShortDescriptionTBox & "'"
       aTable.FindFirst srchKey
       
       Dim db As DAO.Database
       Dim rstAccounts As DAO.Recordset
       Dim strSQL As String
       Set db = CurrentDb
       strSQL = strSQL = INSERT INTO accounts1 ('ShortDesc', 'Description',     'Account', 'Region', 'CostCode', 'LOB', 'State', 'StateReq', 'NAICPLS', 'Company')
                VALUES ('UCase(Me.ShortDescriptionTBox)', 'UCase(Me.DescriptionTBox)', 'UCase(Me.MajorAccountTBox)', 'UCase(Me.DivRegionTBox)', 'UCase(Me.CostCodeTBox)',
                'UCase(Me.LOBTBox)', 'UCase(Me.StateTBox)', 'Me.[NAIC-PageLineSubLineTBox]', '????';
       Set rstAccounts = db.OpenRecordset(strSQL)
       
       If aTable.NoMatch = True Then
          ' Record not found (Add it)
          aTable.AddNew
          aTable![ShortDescription] = UCase(Me.ShortDescriptionTBox)
          aTable![Description] = UCase(Me.DescriptionTBox)
          aTable![MajorAccount] = UCase(Me.MajorAccountTBox)
          aTable![DivReg] = UCase(Me.DivRegionTBox)
          aTable![CostCenter] = UCase(Me.CostCodeTBox)
          aTable.Update
          MsgBox "The record was successfully added.", vbOKOnly, "INFORMATIONAL MESSAGE BOX"
          ClearCmdButton_Click
          Me.DescrComboBoxCBox.Requery
          Me.DescrComboBoxCBox1.Requery
         Else
          ' Record found (Duplicate)
          MsgBox "The record already exist on file. ", vbOKOnly, "INFORMATIONAL MESSAGE BOX"
       End If
       aTable.Close
       dbs1.Close
    End If
    

End Sub
Posted
Updated 18-Apr-19 9:06am

 
Share this answer
 
Comments
Member 14315552 18-Apr-19 12:15pm    
Can you give some ideas on how to solve the issue with company field? Like in the access form there is different companies and either you check or uncheck whichever applies but in the mysql database table the company is associated with a number. What code do I use to convert the checkbox to digit?
Dave Kreskowiak 18-Apr-19 13:03pm    
I couldn't tell you. I have no idea what your MySQL database structure is like nor what those values mean.

Typically, you would find one of two solutions associated with a problem like this. Either an arbitrary value is assigned to each Company or each Company has it's own record describing it in the database. In either case, there is a mapping table between the Company (recordId or value) that associates each Company that is picked with the parent record.

So, if you have a record that can be associated with multiple Companies, you would have a table for the record you are associating, a table describing the Companies, and another table mapping between the two with two columns, one for the recordId you're associating with and another holding the recordId's of the Companies you're associating it with.
This is not correct vba syntax
VB
strSQL = strSQL = INSERT INTO accounts1 ('ShortDesc', 'Description',     'Account', 'Region', 'CostCode', 'LOB', 'State', 'StateReq', 'NAICPLS', 'Company')
                VALUES ('UCase(Me.ShortDescriptionTBox)', 'UCase(Me.DescriptionTBox)', 'UCase(Me.MajorAccountTBox)', 'UCase(Me.DivRegionTBox)', 'UCase(Me.CostCodeTBox)',
                'UCase(Me.LOBTBox)', 'UCase(Me.StateTBox)', 'Me.[NAIC-PageLineSubLineTBox]', '????';

And this is not a correct sql statement either.
SQL Tutorial[^]
SQL INSERT INTO Statement[^]

And as I understand it, it is also subject to SQL injection vulnerability.
Never build an SQL query by concatenating strings. Sooner or later, you will do it with user inputs, and this opens door to a vulnerability named "SQL injection", it is dangerous for your database and error prone.
A single quote in a name and your program crash. If a user input a name like "Brian O'Conner" can crash your app, it is an SQL injection vulnerability, and the crash is the least of the problems, a malicious user input and it is promoted to SQL commands with all credentials.
SQL injection - Wikipedia[^]
SQL Injection[^]
SQL Injection Attacks by Example[^]
PHP: SQL Injection - Manual[^]
SQL Injection Prevention Cheat Sheet - OWASP[^]
How can I explain SQL injection without technical jargon? - Information Security Stack Exchange[^]
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900