this is my code.i want to save these values into database.And an error occured,
incorrect syntax near the keyword Values
foreach (GridViewRow gvr in GridView1.Rows)
{
string strcon1;
strcon1 = ConfigurationManager.ConnectionStrings["fwma_devConnectionString"].ConnectionString;
SqlConnection con1 = new SqlConnection(strcon1);
con1.Open();
SqlCommand com3 = new SqlCommand(strcon);
TextBox tb = (TextBox)gvr.FindControl("TextBox2");//value
string txt = tb.Text;
Label propertylabel = (Label)gvr.FindControl("Label4");//id-property
com3.CommandText = "INSERT INTO BrandProperties(PropertyID,BrandID,Values) values(" + propertylabel.Text + "," + B_id.Text + "," + tb.Text + " ), con1";
com3.Connection = con1;
com3.ExecuteNonQuery();
con1.Close();
use this
com3.CommandText = "INSERT INTO BrandProperties(PropertyID,BrandID,Values) values('" + propertylabel.Text + "','" + B_id.Text + "','" + tb.Text + "')";
instead of
com3.CommandText = "INSERT INTO BrandProperties(PropertyID,BrandID,Values) values(" + propertylabel.Text + "," + B_id.Text + "," + tb.Text + " ), con1";
Shouldn't this line be like this?
com3.CommandText = "INSERT INTO BrandProperties(PropertyID,BrandID,Values) values(" + propertylabel.Text + "," + B_id.Text + "," + tb.Text + ")";
and please use command parameters:
When should "SqlDbType" and "size" be used when adding SqlCommand Parameters?
If you are using the reserved keywords ,you should specify delimited identifiers either quoted or bracketed.
example using bracketed
com3.CommandText = "INSERT INTO BrandProperties(PropertyID,BrandID,[Values]) values(" + propertylabel.Text + "," + B_id.Text + "," + tb.Text + " ), con1";
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.