sqlexception was unhandle

Question

4.00/5 (1 vote)

See more:

my code is...........

C#

{
    SqlConnection con = new SqlConnection("Data Source=RAMESH-PC;Initial Catalog=edburg;Integrated Security=True;Pooling=False");
    con.Open();
    SqlCommand cm = new SqlCommand("insert into table(name,num,sal,phone)  values('" + textBox1.Text + "'," + textBox2.Text + "," + textBox3.Text + "," + textBox4.Text + ")", con);
    MessageBox.Show(cm.ExecuteNonQuery().ToString());
    con.Close();
}

ERROR:Incorrect syntax near the keyword 'table'.

Posted 26-Jan-13 18:54pm

p.shakthivel

Updated 26-Jan-13 19:32pm

Sandeep Mewara

v3

Add a Solution

2 solutions

Solution 1

You've not entered the table name...the right statement is

insert into actual_tablename (.....) values(...)

Since table is the keyword, so it is throwing the error... so replace table with actual table name.

Posted 26-Jan-13 19:32pm

MinhajMohammed

Updated 26-Jan-13 19:34pm

v3

Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Sandeep Mewara · Accepted Answer · 2013-01-26T19:37:00

Firstly, you should not use keywords[^] like 'table' for a table name.

Secondly, it looks like there is no space after tablename.
Try:

C#

SqlCommand cm = new SqlCommand("insert into myTable (name,num,sal,phone)  values('" + textBox1.Text + "'," + textBox2.Text + "," + textBox3.Text + "," + textBox4.Text + ")", con);

Third thing, it's bad practice to pass on the controls value directly in query. This can lead to SQL Injection. Read about protecting from SQL Injection here: SQL Injection Mitigation: Using Parameterized Queries[^]

sqlexception was unhandle

2 solutions

Solution 2

Solution 1

Add your solution here

Preview 0

sqlexception was unhandle

2 solutions

Solution 2

Solution 1

Add your solution here

Preview 0

Existing Members

...or Join us