why this error come please give me solution.(No value given for one or more required parameters) while doing updatetion

Question

1.00/5 (1 vote)

See more:

VB

Dim cmdupdate As OleDbCommand = New OleDbCommand
      con.Open()
      sql = "UPDATE Info SET [add] = '" & txtadd.Text & "'," _
     & "[phno] = '" & txtphno.Text & "'," _
     & "[emailid] = '" & txtemailid.Text & "'," _
      & "[gender] = '" & txtgender.Text & "'," _
      & "[dob] = '" & txtdob.Text & "'," _
     & "[quali] = '" & txtqual.Text & "'," _
    & "[designation] = '" & txtdegn.Text & "', " _
    & "[salary] = '" & txtsal.Text & "' ," _
    & "[bank] = '" & txtbank.Text & "'" _
    & "WHERE name = " & cmbname.Text & ""

      cmd = New OleDbCommand(sql, con)
      cmd.ExecuteNonQuery()
      con.Close()
      MsgBox(cmbname.Text = "Record updated.")

Posted 9-Dec-11 18:00pm

project virus

Add a Solution

2 solutions

Solution 1

Your code is hardly readable, but the problem is just the SQL syntax. Perhaps you will see it and will be able to correct the query if you totally change the approach. You really, really need to use parametrized queries, and by a number of much more important reasons.

Start with:
http://msdn.microsoft.com/en-us/library/ms254953.aspx[^],
http://msdn.microsoft.com/en-us/library/yy6y35y8%28v=VS.100%29.aspx[^] (some OleDb code samples here).

By the way, multiple string concatenation is really bad idea. This is because strings are immutable, so it's bad for performance. Do I even have to explain why? Using string.Format is free from this problem and also much more readable. In other cases (such as cycles), use (mutable) System.Text.StringBuilder.

See:
http://msdn.microsoft.com/en-us/library/system.string.aspx[^],
http://msdn.microsoft.com/en-us/library/system.text.stringbuilder.aspx[^].

—SA

Posted 9-Dec-11 18:16pm

Sergey Alexandrovich Kryukov

Updated 9-Dec-11 18:18pm

v2

Comments

thatraja 10-Dec-11 0:33am

Wise, 5!

Sergey Alexandrovich Kryukov 10-Dec-11 1:14am

Thank you, Raja.
--SA

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

thatraja · Accepted Answer · 2011-12-09T18:43:00

Agree with SA. Use parametrized queries. And here I point out some of your mistakes. Also suggestion(s)

VB

sql = "UPDATE Info SET [add] = '" & txtadd.Text & "'," _
     & "[phno] = '" & txtphno.Text & "'," _
     & "[emailid] = '" & txtemailid.Text & "'," _
      & "[gender] = '" & txtgender.Text & "'," _
      & "[dob] = '" & txtdob.Text & "'," _
     & "[quali] = '" & txtqual.Text & "'," _
    & "[designation] = '" & txtdegn.Text & "', " _
    & "[salary] = '" & txtsal.Text & "' ," _
    & "[bank] = '" & txtbank.Text & "'" _
    & "WHERE name = " & cmbname.Text & ""

Put square brackets for the field names.
Here in your code, name field is string type so you should have included the single quotes(WHERE name = '" & cmbname.Text & "'"). And give a space before the WHERE keyword.