Click here to Skip to main content
14,920,001 members
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
C#
cmd.CommandType = CommandType.Text;
cmd.Connection = sqlcon;
cmd.CommandText = "INSERT INTO TBL_Customers (customer_name,FK_fk_id,commissary,FK_area_id,customer_address,tel1,tel2,id_number,datebirth,tel4)
 VALUES
 ('" + txtname.Text + "','" + comboCategoryCustomers.ValueMember + "','" +
 txtcommissary.Text + "','" 
+ comboAreaCustomer.ValueMember + "','" + txtcustomer_address.Text +
 "','" + txttel1.Text + "','"
 + txttel2.Text + "','" 
+ txtid_number.Text + "','" + 
this.dateTimePicker1datebirth.Text 
+ "','" + txttel4.Text + "')";


sqlcon.Open();
cmd.ExecuteNonQuery();

MessageBox.Show("Saved");
sqlcon.Close();
dt1.Clear();


[Edit: Matt T Heffron -- I changed to better tags...]
Posted
Updated 16-Dec-14 12:29pm
v3
Comments
Garth J Lancaster 16-Dec-14 18:04pm
   
'Does not work' - ok, can you see how someone sitting on a PC (likely) thousands of km away from you isn't going to find 'Does Not Work' a useful comment ?

You need to provide more detail on 'why it doesn't work', what actions you have taken to try and diagnose the issues, what error messages you get if any - obviously we can see you're trying to insert data into a database - so, does what 'Does Not Work' really mean ?

- also, (a) you may get more help if you can show the value of commandtext (the SQL insert statement) before it's run, and (b) using paramaterised queries usually shows flaws with possibly missing single/double quotes etc - just sayin'
PIEBALDconsult 16-Dec-14 18:26pm
   
I'm pretty sure it does exactly what you told it to do. Computers are stupid that way.
Garth J Lancaster 16-Dec-14 18:34pm
   
lol - yes

Use a parameterized statement. Every time. No excuses. They avoid a fracking ton of possible problems.

C#
                  cmd.CommandText = "INSERT INTO TBL_Customers customer_name,FK_fk_id,commissary,FK_area_id,customer_address,tel1,tel2,id_number,datebirth,tel4) VALUES (@customer_name,@FK_fk_id,@commissary,@FK_area_id,@customer_address,@tel1,@tel2,@id_number,@datebirth,@tel4)" ;

cmd.Parameters.AddWithValue ( "@customer_name" , txtname.Text );

// etc.

// Pass in dates and numbers as dates and numbers, not as strings
cmd.Parameters.AddWithValue ( "@datebirth" , this.dateTimePicker1datebirth ) ;
   
Hi friend

you can also do like

VB
cmd.CommandType = CommandType.Text;
cmd.Connection = sqlcon;
cmd.CommandText = @"INSERT INTO TBL_Customers (customer_name,FK_fk_id,commissary,FK_area_id,customer_address,tel1,tel2,id_number,datebirth,tel4)
 VALUES
 ('" + txtname.Text + "','" + comboCategoryCustomers.ValueMember + "','" +
 txtcommissary.Text + "','"
+ comboAreaCustomer.ValueMember + "','" + txtcustomer_address.Text +
 "','" + txttel1.Text + "','"
 + txttel2.Text + "','"
+ txtid_number.Text + "','" +
this.dateTimePicker1datebirth.Text
+ "','" + txttel4.Text + "')";


sqlcon.Open();
cmd.ExecuteNonQuery();

MessageBox.Show("Saved");
sqlcon.Close();
dt1.Clear();




Put "@" before the insert statement and check for the error
   
Comments
Member 11280947 17-Dec-14 4:24am
   
Did not get anything


cmd.CommandType = CommandType.Text;
cmd.Connection = sqlcon;
cmd.CommandText = "INSERT INTO TBL_Customers (customer_name,FK_fk_id,commissary,FK_area_id,customer_address,tel1,tel2,id_number,datebirth,tel4) VALUES (@customer_name,@FK_fk_id,@commissary,@FK_area_id,@customer_address,@tel1,@tel2,@id_number,@datebirth,@tel4)";
cmd.Parameters.AddWithValue("@customer_name", txtname.Text);
cmd.Parameters.AddWithValue("@FK_fk_id", comboCategoryCustomers.ValueMember);
cmd.Parameters.AddWithValue("@commissary", txtcommissary.Text);
cmd.Parameters.AddWithValue("@FK_area_id", comboAreaCustomer.ValueMember);
cmd.Parameters.AddWithValue("@customer_address", txtcustomer_address.Text);
cmd.Parameters.AddWithValue("@tel1", txttel1.Text);
cmd.Parameters.AddWithValue("@tel2", txttel2.Text);
cmd.Parameters.AddWithValue("@id_number", txtid_number.Text);
cmd.Parameters.AddWithValue("@datebirth", this.dateTimePicker1datebirth);
cmd.Parameters.AddWithValue("@tel4", txttel4.Text);




sqlcon.Open();
cmd.ExecuteNonQuery();

MessageBox.Show("Saved");
sqlcon.Close();

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900