Click here to Skip to main content
15,850,548 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
I am a beginner to asp.net and i was trying to crate a web page thta registers users in sql database and i got this error massage pls help???
Insert Error:Incorrect syntax near the keyword 'Full'.<br />
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.<br />
<br />
Exception Details: System.Exception: Insert Error:Incorrect syntax near the keyword 'Full'.<br />
<br />
Source Error:<br />
<br />
Line 66:             string msg = "Insert Error:";<br />
Line 67:             msg += ex.Message;<br />
Line 68:             throw new Exception(msg);<br />
Line 69:         }<br />
Line 70:         finally <br />




thank u all for trying to help i am kind of new here.here is the C# code
here is the improved question
i have two text boxes named name and lastname and a submit button in an ~\Test\trial.aspx page

C#
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;

public partial class Test_trail : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {

    }
 private void ExecuteInsert(string name, string username) {
     SqlConnection conn = new SqlConnection();
     conn.ConnectionString = @"Data Source = .\sqlexpress;" +
                    "Database =Test ; Integrated Security=True";

     string sql = "INSERT INTO Test (name, username)";

        try
        {
            conn.Open();
            SqlCommand cmd = new SqlCommand(sql, conn);
            SqlParameter[] param = new SqlParameter[7];
            //param[0] = new SqlParameter("@id", SqlDbType.Int, 20);
            // new SqlParameter("@ Full Name", param[0].SqlDbType.VarChar, 50);
            param[0] = new SqlParameter("@name", System.Data.SqlDbType.VarChar, 50);
            param[1] = new SqlParameter("@Uusername",System.Data.SqlDbType.VarChar,50);
            param[0].Value = username;
            param[1].Value = username;
            for (int i = 0; i < param.Length; i++)
            {
                cmd.Parameters.Add(param[i]);
                cmd.Parameters.Add("@name", System.Data.SqlDbType.VarChar).Value = txtfname;
                cmd.Parameters.Add("@Uusername", System.Data.SqlDbType.VarChar).Value = txtlname;
            }

            cmd.CommandType = System.Data.CommandType.Text;
            cmd.ExecuteNonQuery();
        }
        catch (System.Data.SqlClient.SqlException ex)
        {
            string msg = "Insert Error:";
            msg += ex.Message;
            throw new Exception(msg);
        }
        finally
        {
            conn.Close();
        }
    }                                                                
 protected void  sub_Click(object sender, EventArgs e)
{
            //call the method to execute insert to the database
            ExecuteInsert(txtfname.Text, 
                          txtlname.Text);
            Response.Write("Record was successfully added!");
            ClearControls(Page);
        }
  public static void ClearControls(Control Parent){

        if (Parent is TextBox)
        { (Parent as TextBox).Text = string.Empty; }
        else
        {
            foreach (Control c in Parent.Controls)
                ClearControls(c);
        }
}      
}
Posted
Updated 21-Jun-12 22:02pm
v4
Comments
[no name] 21-Jun-12 2:58am    
please post your query...
mimi from Unknown 22-Jun-12 2:56am    
k i have updated it pls try to help?
Prasad_Kulkarni 21-Jun-12 3:01am    
This is not good way to ask questions, we cannot see your screen or read your mind.
Please post your code snippets to get appropriate and quick response.
Raghuveer Kasyap 21-Jun-12 4:03am    
Please Share the query. It is due to syntactical errors inside the query

there is a special character
'
with Full. Either you use
STRING.Replace("'","''")
or use parameterized query.



Thanks
Ashish
 
Share this answer
 
Comments
mimi from Unknown 22-Jun-12 3:00am    
tnx Ashish but cld u clarify ur ans for me??i have used parameterization but it doesn't seem to help.i have updated the question cld u check it out
AshishChaudha 22-Jun-12 3:05am    
same error you are getting yet??
I think ur sql query string should be like this.

string sql = "INSERT INTO Test (name, username) values (@name,@username);
 
Share this answer
 
Comments
mimi from Unknown 22-Jun-12 3:05am    
my bad!!! tnx very much let me check it out
AshishChaudha 22-Jun-12 3:17am    
for (int i = 0; i < param.Length; i++)
{
cmd.Parameters.Add(param[i]);
cmd.Parameters.Add("@name", System.Data.SqlDbType.VarChar).Value = txtfname;
cmd.Parameters.Add("@Uusername", System.Data.SqlDbType.VarChar).Value = txtlname;
}

you are passing the values txtfname and txtlname..where they defined???? I think they should be param[0].Value and param[1].Value
mimi from Unknown 22-Jun-12 3:55am    
ya but i tried that but it didn't work that is why.let me tell u the error message that i got
An Exception of type 'System.ArgumentNull Exception' occured in System.dll but was not handled in user code.
Additional information:the sql parameter collection can only accept non- null sqlparameter type objects.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900