Good day!
I just want to seek help from you guys, I'm again having problems with my UPDATE functionality, here's my code...
Private Sub Button2_Click(sender As Object, e As EventArgs) Handles Button2.Click
con = New SqlConnection("Server=localhost\SQLEXPRESS;Database=Vehicle;Trusted_Connection=True;")
con.Open()
Dim cmd As SqlCommand = con.CreateCommand
cmd.CommandText = String.Format("UPDATE trip SET ticketno, charge, driver, destination, passenger, purpose, tripdate", txtticket.Text, txtcharge.Text, txtdriver.Text, txtdestination.Text, txtpassenger.Text, txtpurpose.Text, dtptripdate1.Value)
Dim affectedRows As Integer = cmd.ExecuteNonQuery
If affectedRows > 0 Then
MsgBox("Succesfully Updated")
Else
MsgBox("Failed to update")
End If
con.Close()
End Sub
When I try to click the Button, an error would show:
An unhandled exception of type 'System.Data.SqlClient.SqlException' occurred in System.Data.dll
Additional information: Incorrect syntax near ','.
thanks for helping me out. I'm really close to finishing this small-scale project for my office but I'm stuck with these kind of problems.
Your UPDATE
statement is wrong, so your String.Format . and don't your missed out a WHERE
condition?
cmd.CommandText = String.Format("UPDATE trip SET ticketno='{0}', charge='{1}', driver='{2}', destination='{3}', passenger='{4}', purpose='{5}', tripdate='{6}'", txtticket.Text, txtcharge.Text, txtdriver.Text, txtdestination.Text, txtpassenger.Text, txtpurpose.Text, dtptripdate1.Value)
OR try this to avoid SQL Injection. Wrap your conn with a Using block to ensure the dispose of your SqlConnection
Using conn As New SqlConnection("Server=localhost\SQLEXPRESS;Database=Vehicle;Trusted_Connection=True;")
conn.Open()
Dim cmd As New SqlCommand
cmd.Connection = conn
cmd.CommandText = "UPDATE trip SET ticketno=@ticketno, charge=@charge, driver=@driver, destination=@destination, " & _
"passenger=@passenger, purpose=@purpose, tripdate=@tripdate " & _
"WHERE SomeCondition"
cmd.Parameters.AddWithValue("@ticketno", txtticket.Text)
cmd.Parameters.AddWithValue("@charge", txtcharge.Text)
cmd.Parameters.AddWithValue("@driver", txtdriver.Text)
cmd.Parameters.AddWithValue("@destination", txtdestination.Text)
cmd.Parameters.AddWithValue("@passenger", txtpassenger.Text)
cmd.Parameters.AddWithValue("@purpose", txtpurpose.Text)
cmd.Parameters.AddWithValue("@tripdate", dtptripdate1.Value)
Dim affectedRow As Integer = cmd.ExecuteNonQuery
IIf(affectedRow > 0, MsgBox("Succesfully Updated"), MsgBox("Failed to update"))
End Using
Try this,
Dim myCommand = New SqlCommand("UPDATE trip SET ticketno=@ticketno, charge=@charge, driver=@driver, destination=@destination, passenger=@passenger, purpose=@purpose, tripdate=@tripdate",con)
myCommand.Parameters.Add("@ticketno", txtticket.Text)
myCommand.Parameters.Add("@charge", txtcharge.Text)
myCommand.Parameters.Add("@driver", txtdriver.Text)
myCommand.Parameters.Add("@destination", txtdestination.Text)
myCommand.Parameters.Add("@passenger", txtpassenger.Text)
myCommand.Parameters.Add("@purpose", txtpurpose.Text)
myCommand.Parameters.Add("@tripdate", dtptripdate1.Text)
Dim affectedRows As Integer = cmd.ExecuteNonQuery
If affectedRows > 0 Then
MsgBox("Succesfully Updated")
Else
MsgBox("Failed to update")
End If
con.Close()
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.