error when trying to update column values in VB.net

Question

Good day!

I just want to seek help from you guys, I'm again having problems with my UPDATE functionality, here's my code...

Private Sub Button2_Click(sender As Object, e As EventArgs) Handles Button2.Click
    con = New SqlConnection("Server=localhost\SQLEXPRESS;Database=Vehicle;Trusted_Connection=True;")
    con.Open()

    Dim cmd As SqlCommand = con.CreateCommand

    cmd.CommandText = String.Format("UPDATE trip SET ticketno, charge, driver, destination, passenger, purpose, tripdate", txtticket.Text, txtcharge.Text, txtdriver.Text, txtdestination.Text, txtpassenger.Text, txtpurpose.Text, dtptripdate1.Value)

    Dim affectedRows As Integer = cmd.ExecuteNonQuery
    If affectedRows > 0 Then
        MsgBox("Succesfully Updated")
    Else
        MsgBox("Failed to update")
    End If

    con.Close()
End Sub

When I try to click the Button, an error would show:

An unhandled exception of type 'System.Data.SqlClient.SqlException' occurred in System.Data.dll

Additional information: Incorrect syntax near ','.

thanks for helping me out. I'm really close to finishing this small-scale project for my office but I'm stuck with these kind of problems.

Answer 1

Your UPDATE statement is wrong, so your String.Format . and don't your missed out a WHERE condition?

cmd.CommandText = String.Format("UPDATE trip SET ticketno='{0}', charge='{1}', driver='{2}', destination='{3}', passenger='{4}', purpose='{5}', tripdate='{6}'", txtticket.Text, txtcharge.Text, txtdriver.Text, txtdestination.Text, txtpassenger.Text, txtpurpose.Text, dtptripdate1.Value)

OR try this to avoid SQL Injection. Wrap your conn with a Using block to ensure the dispose of your SqlConnection

Using conn As New SqlConnection("Server=localhost\SQLEXPRESS;Database=Vehicle;Trusted_Connection=True;")
    conn.Open()
    Dim cmd As New SqlCommand
    cmd.Connection = conn
    cmd.CommandText = "UPDATE trip SET ticketno=@ticketno, charge=@charge, driver=@driver, destination=@destination, " & _
                      "passenger=@passenger, purpose=@purpose, tripdate=@tripdate " & _
                      "WHERE SomeCondition"
    cmd.Parameters.AddWithValue("@ticketno", txtticket.Text)
    cmd.Parameters.AddWithValue("@charge", txtcharge.Text)
    cmd.Parameters.AddWithValue("@driver", txtdriver.Text)
    cmd.Parameters.AddWithValue("@destination", txtdestination.Text)
    cmd.Parameters.AddWithValue("@passenger", txtpassenger.Text)
    cmd.Parameters.AddWithValue("@purpose", txtpurpose.Text)
    cmd.Parameters.AddWithValue("@tripdate", dtptripdate1.Value)

    Dim affectedRow As Integer = cmd.ExecuteNonQuery
    IIf(affectedRow > 0, MsgBox("Succesfully Updated"), MsgBox("Failed to update"))
End Using

Answer 2

    Try this,   

   Dim myCommand = New SqlCommand("UPDATE trip SET ticketno=@ticketno, charge=@charge, driver=@driver, destination=@destination, passenger=@passenger, purpose=@purpose, tripdate=@tripdate",con)

        myCommand.Parameters.Add("@ticketno", txtticket.Text)
        myCommand.Parameters.Add("@charge", txtcharge.Text)
        myCommand.Parameters.Add("@driver", txtdriver.Text)
        myCommand.Parameters.Add("@destination", txtdestination.Text)
        myCommand.Parameters.Add("@passenger", txtpassenger.Text)
        myCommand.Parameters.Add("@purpose", txtpurpose.Text)
        myCommand.Parameters.Add("@tripdate", dtptripdate1.Text)

        Dim affectedRows As Integer = cmd.ExecuteNonQuery
        If affectedRows > 0 Then
            MsgBox("Succesfully Updated")
        Else
            MsgBox("Failed to update")
        End If

        con.Close()