Click here to Skip to main content
14,448,449 members
Rate this:
Please Sign up or sign in to vote.
See more:
Sir,
i am develop one application these application has 7 textbox controls and 2 button control and using backend
database is sqlserver2008 here is on debugging is no problem but i click the save button it given the error message that message is " Incorrect syntax near ')'.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Data.SqlClient.SqlException: Incorrect syntax near ')'.

what is the problem
and we are send the code
protected void BTNSAVE(object sender, EventArgs e)
{
    SqlConnection con = new SqlConnection("Data Source=NSYS1\\SQLEXPRESS;Initial Catalog=agfl;connect timeout=30;Integrated Security=True");
    SqlCommand mycom;
    mycom = new SqlCommand("Insert Into stf(sno,rdate,acno,name,vno,amt,edate,chno)Values('" + TextBox1.Text + "','" + TextBox6.Text + "','" + TextBox2.Text + "','" + TextBox7.Text + "','" + TextBox4.Text + "','" + TextBox8.Text + "','" + TextBox5.Text + "','" + TextBox9.Text + "',)", con);
    con.Open();
    mycom.Parameters.AddWithValue("sno", @TextBox1.Text);
    mycom.Parameters.AddWithValue("rdate",@TextBox6.Text);
    mycom.Parameters.AddWithValue("acno", @TextBox2.Text);
    mycom.Parameters.AddWithValue("name", @TextBox7.Text);
    mycom.Parameters.AddWithValue("vno", @TextBox4.Text);
    mycom.Parameters.AddWithValue("amt", @TextBox8.Text);
    mycom.Parameters.AddWithValue("edate",@TextBox5.Text);
    mycom.Parameters.AddWithValue("chno",@TextBox9.Text);
    mycom.ExecuteNonQuery();

    con.Close();

}
Posted
Updated 4-Sep-13 5:19am
v2
Rate this:
Please Sign up or sign in to vote.

Solution 1

It is because you have a comma right before your closing parenthesis.

However, this is a terrible way to do. Anyone who knows enough SQL could drop tables or otherwise mess up your database. I suggest you research SQL Injections. You are also adding parameters to something that doesn't have parameters.

You should change your sql statement to be:

... VALUES (@sno, @rdate, @acno,...)


and then when you add parameters using your textbox values the values will get replaced into the sql statement.
   
Comments
Raghavendra Guptha 4-Sep-13 10:35am
   
Must declare the scalar variable "@TextBox1".
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Data.SqlClient.SqlException: Must declare the scalar variable "@TextBox1".
ZurdoDev 4-Sep-13 10:43am
   
Yes, you need to do mycom.Parameters.AddWithValue("sno", @sno);
or whatever you name them. They need to match.
Raghavendra Guptha 5-Sep-13 3:10am
   
it's is working on internet explorer but not working mozilla browser . I can't trace the correct problem how is possiable its working one browser
ZurdoDev 5-Sep-13 7:12am
   
What do you mean it isn't working?
Raghavendra Guptha 4-Sep-13 10:36am
   
given the errors message is
Must declare the scalar variable "@TextBox1".
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Data.SqlClient.SqlException: Must declare the scalar variable "@TextBox1".
Rate this:
Please Sign up or sign in to vote.

Solution 2

First thing's first, you are not using parameterized queries correctly. You are still susceptible to SQL injection and you are assigning values to the column names of the table are you attempting to insert into.

Your code should look something like this:
protected void BTNSAVE(object sender, EventArgs e)
    {
        SqlConnection con = new SqlConnection("Data Source=NSYS1\\SQLEXPRESS;Initial Catalog=agfl;connect timeout=30;Integrated Security=True");
        SqlCommand mycom;
        mycom = new SqlCommand("Insert Into stf(sno,rdate,acno,name,vno,amt,edate,chno) Values(@sno,@rdate,@acno,@name,@vno,@amt,@edate,@chno)", con);
        con.Open();
        mycom.Parameters.AddWithValue("@sno",TextBox1.Text);
        mycom.Parameters.AddWithValue("@rdate",TextBox6.Text);
        mycom.Parameters.AddWithValue("@acno",TextBox2.Text);
        mycom.Parameters.AddWithValue("@name",TextBox7.Text);
        mycom.Parameters.AddWithValue("@vno",TextBox4.Text);
        mycom.Parameters.AddWithValue("@amt",TextBox8.Text);
        mycom.Parameters.AddWithValue("@edate",TextBox5.Text);
        mycom.Parameters.AddWithValue("@chno",TextBox9.Text);
        mycom.ExecuteNonQuery();

        con.Close();

    }
   
Comments
Raghavendra Guptha 4-Sep-13 10:39am
   
sir , i trying this above code but given the error message is "given the errors message is
Must declare the scalar variable "@TextBox1".
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Data.SqlClient.SqlException: Must declare the scalar variable "@TextBox1".
"
Richard C Bishop 4-Sep-13 10:53am
   
You are not using the code in my solution then. There is no reference to "@TextBox1" in my solution anywhere.
Rate this:
Please Sign up or sign in to vote.

Solution 3

mycom = new SqlCommand("Insert Into stf(sno,rdate,acno,name,vno,amt,edate,chno)Values('" + TextBox1.Text + "','" + TextBox6.Text + "','" + TextBox2.Text + "','" + TextBox7.Text + "','" + TextBox4.Text + "','" + TextBox8.Text + "','" + TextBox5.Text + "','" + TextBox9.Text + "')", con);
   
v2
Rate this:
Please Sign up or sign in to vote.

Solution 5

protected void BTNSAVE(object sender, EventArgs e)
       {
           SqlConnection con = new SqlConnection("Data Source=NSYS1\\SQLEXPRESS;Initial Catalog=agfl;connect timeout=30;Integrated Security=True");
           SqlCommand mycom;
           mycom = new SqlCommand("Insert Into stf(sno,rdate,acno,name,vno,amt,edate,chno)Values('" + TextBox1.Text + "','" + TextBox6.Text + "','" + TextBox2.Text + "','" + TextBox7.Text + "','" + TextBox4.Text + "','" + TextBox8.Text + "','" + TextBox5.Text + "','" + TextBox9.Text + "',">remove this comma,)", con);
           con.Open();
           mycom.Parameters.AddWithValue("sno", @TextBox1.Text);
           mycom.Parameters.AddWithValue("rdate",@TextBox6.Text);
           mycom.Parameters.AddWithValue("acno", @TextBox2.Text);
           mycom.Parameters.AddWithValue("name", @TextBox7.Text);
           mycom.Parameters.AddWithValue("vno", @TextBox4.Text);
           mycom.Parameters.AddWithValue("amt", @TextBox8.Text);
           mycom.Parameters.AddWithValue("edate",@TextBox5.Text);
           mycom.Parameters.AddWithValue("chno",@TextBox9.Text);
           mycom.ExecuteNonQuery();

           con.Close();

       }



if you are getting string or binary data truncated then your txtboxes should have ' so you should replace this one by the ''

hope this will help you regards...:)
   
v5
Rate this:
Please Sign up or sign in to vote.

Solution 4

hi,,
here is the sample query for insert

Sqlconnection con=new Sqlconnection();
con.open();
con.Connectionstring="Data Source=PHANNY-PC\PHANNY; Initial Catalog=db_stuRegisterPay; Integrated Security=SSPI";
string query="insert into Persons_info(perID, latinName, gender, dob, pob, phone, passport, curAdd, status) values('" + txtID.Text + "','" + txtLatinName.Text + "','" + cbGender.Text + "'" + dTPdob.Text + txtPob.Text + "','" + txtPhone.Text + "','" + txtPassport.Text + "'" + txtCurAdd.Text + "'" + cbStatus.Text + " )";
 
SqlCommand cmd=new SqlCommand(query,con);
cmd.ExecuteNonQuery();
 
MessageBox.show("Saving is done!");




hope this helps
Happy coding :)
   
Comments
Raghavendra Guptha 5-Sep-13 2:13am
   
i am trying the above code but given the error is " String or binary data would be truncated.
The statement has been terminated.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Data.SqlClient.SqlException: String or binary data would be truncated.
The statement has been terminated.

Source Error:
"
Priyanka Bhagwat 5-Sep-13 2:20am
   
You will get error "String or binary data would be truncated. The statement has been terminated." when existing column contains data having more length than new column length.
please check your db
Raghavendra Guptha 5-Sep-13 3:14am
   
it's is working on internet explorer but not working mozilla browser . I can't trace the correct problem how is possiable its working one browser
Priyanka Bhagwat 5-Sep-13 3:22am
   
i also don't knw, sorry
Raghavendra Guptha 5-Sep-13 3:30am
   
oky thank q for u r co-operation and also u r given new idea
Raghavendra Guptha 18-Sep-13 6:52am
   
i am findout that my mozilla browser is old version these version has not microsoft dotnet framework assistant 1.2.1 so these addon installed the above problem is clear
[no name] 6-Sep-13 5:39am
   
Friend Your Button Click Event Is Remaining..........

you directly generate this code..

protected void BTNSAVE(object sender, EventArgs e)

it's not possible so just check your code and then run your application

And also check Your client side code where BTNSAVE_click event is also remaining on Button Control....

In Above Code You Have remove extra comma after===>> TextBox9.Text + "',)====>> so just remove comma and run your application
Rate this:
Please Sign up or sign in to vote.

Solution 6

You Have Try to do this code....

protected void BTNSAVE_Click(object sender, EventArgs e)
       {
            SqlConnection con = new SqlConnection("Data Source=NSYS1\\SQLEXPRESS;Initial Catalog=agfl;connect timeout=30;Integrated Security=True");
            con.open();
            string qry="Insert Into stf(sno,rdate,acno,name,vno,amt,edate,chno)
                          Values(@sno,@rdate,@acno,@name,@vno,@amt,@edate,@chno)";
            SqlCommand mycom = new SqlCommand(con,qry);
            mycom.Parameters.AddWithValue("@sno",TextBox1.Text);
            mycom.Parameters.AddWithValue("@rdate",TextBox6.Text);
            mycom.Parameters.AddWithValue("@acno",TextBox2.Text);
            mycom.Parameters.AddWithValue("@name",TextBox7.Text);
            mycom.Parameters.AddWithValue("@vno",TextBox4.Text);
            mycom.Parameters.AddWithValue("@amt",TextBox8.Text);
            mycom.Parameters.AddWithValue("@edate",TextBox5.Text);
            mycom.Parameters.AddWithValue("@chno",TextBox9.Text);
            mycom.ExecuteNonQuery();
            con.Close();
         }




Friend Your Button Click Event Is Remaining..........
you directly generate this code..
protected void BTNSAVE(object sender, EventArgs e)
it's not possible so just check your code and then run your application .
And also check Your client side code where BTNSAVE_click event is also remaining on Button Control....


In Above Code You Have remove extra comma after TextBox9.Text + "',) so just remove comma and run your application
   
v3
Rate this:
Please Sign up or sign in to vote.

Solution 7

Remove the Second Last Comma from your Query.
   

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100