can not Update data in C# Database Access

Question

I have a problem with the button3 it's the UPDATE BUTTON, The message box keeps saying it's a syntax error in the UPDATE Statement. And also if I create another listbox, if I insert a new data, it does not make me insert another data in the 2nd listbox. So if I insert something on the 1st listbox, that index would, for example, be 9, then I would try to insert on the next listbox, but then it would proceed to the index 10.

    OleDbCommand cmd = new OleDbCommand();
        OleDbConnection cn = new OleDbConnection();
        OleDbDataReader dr;

private void listBox2_Click(object sender, EventArgs e)
        {
            ListBox l = sender as ListBox;

                if (l.SelectedIndex != 1)
                {
                    listBox1.SelectedIndex = l.SelectedIndex;
                    listBox2.SelectedIndex = l.SelectedIndex;
                    textBox2.Text = listBox2.SelectedItem.ToString();
                }

        }

private void button1_Click(object sender, EventArgs e)
        {
            if (textBox1.Text != "")
            {
                string q = "insert into Table1 (name) values ('"+textBox1.Text.ToString()+"')";
                doSomething(q);
                textBox1.Text = null;
            }
        }

private void button2_Click(object sender, EventArgs e)
        {
            if (listBox1.SelectedIndex != -1)
            {
                string q = "delete from Table1 where id=" + listBox1.SelectedItem.ToString();
                doSomething(q);
            }
        }

private void button3_Click(object sender, EventArgs e)
        {
            if (textBox2.Text != "" & listBox1.SelectedIndex != -1)
            {
                string q = "update Table1 set (name) '" + textBox2.Text.ToString() + "' where id " + listBox1.SelectedItem.ToString();
                doSomething(q);
                textBox2.Text = "";
            }
        }


private void doSomething(String q)
        {
            try
            {
                cn.Open();
                cmd.CommandText = q;
                cmd.ExecuteNonQuery();
                cn.Close();
                loaddata();
            }
            catch (Exception e)
            {
                cn.Close();
                MessageBox.Show(e.Message.ToString());
            }
        }

Answer 1

Problem 1: you are missing = Symbol while providing input parameters.

Try This:

 string q = "update Table1 set [name]= '" + textBox2.Text.ToString() + "' where id= " + listBox1.SelectedItem.ToString();

Problem 2: you are not assigning connection object to `OleDbCommand.

Add This: before executing command

   cmd.Connection=cn;

Complete Code:

        OleDbCommand cmd = new OleDbCommand();
        OleDbConnection cn = new OleDbConnection();
        OleDbDataReader dr;

       private void listBox2_Click(object sender, EventArgs e)
        {
            ListBox l = sender as ListBox;  
            if(l.SelectedIndex!=-1)
            textBox2.Text = l.SelectedItem.ToString();
        }

        }

       private void button1_Click(object sender, EventArgs e)
        {
            if (textBox1.Text != "")
            {
                string q = "insert into Table1(name) values ('"+textBox1.Text.ToString()+"')";
                doSomething(q);
                textBox1.Text = null;
            }
        }

       private void button2_Click(object sender, EventArgs e)
        {
            if (listBox1.SelectedIndex != -1)
            {
                string q = "delete from Table1 where id=" + listBox1.SelectedItem.ToString();
                doSomething(q);
            }
        }

       private void button3_Click(object sender, EventArgs e)
        {
            if (textBox2.Text != "" & listBox1.SelectedIndex != -1)
            {
                string q = "update Table1 set [name] ='" + textBox2.Text.ToString() + "' where id =" + listBox1.SelectedItem.ToString();
                doSomething(q);
                textBox2.Text = "";
            }
        }


       private void doSomething(String q)
        {
            try
            {
                cn.Open();
                cmd.CommandText = q;
                cmd.Connection=cn;
                cmd.ExecuteNonQuery();
                cn.Close();
                loaddata();
            }
            catch (Exception e)
            {
                cn.Close();
                MessageBox.Show(e.Message.ToString());
            }
        }

Suggestion : your query is open to SQL injection attacks , i would suggest to use Parameterised Queries to avoid them.

Using Parameterised Queries :

private void doSomething(String q)
    {
        try
        {
            cn.Open();
            cmd.CommandText = "update Table1 set [name]=@name  where id=@id";
            cmd.Parameters.AddWithValue("@name",textBox2.Text.ToString());
            cmd.Parameters.AddWithValue("@id",listBox1.SelectedItem.ToString());
            cmd.ExecuteNonQuery();
            cn.Close();
            loaddata();
        }
        catch (Exception e)
        {
            cn.Close();
            MessageBox.Show(e.Message.ToString());
        }
    }

Answer 2

string q = "update Table1 set (name) '" + textBox2.Text.ToString() + "' where id " + listBox1.SelectedItem.ToString();

In the above code (btn3) your are missing id =

Write code like this :

string q = "update Table1 set (name) '" + textBox2.Text.ToString() + "' where id=" + listBox1.SelectedItem.ToString();

UPDATE :

My Access query function:

public  void ExecuteAccessQurey(string _pQurey)
{
    OleDbConnection con = new OleDbConnection("DatabaseConnectionString");
    OleDbCommand cmd = new OleDbCommand(_pQurey, con);

    if (con.State == System.Data.ConnectionState.Closed)
    {
        con.Open();
    }

    cmd.ExecuteNonQuery();
    con.Close();
}