I'm using Visual Studio 2015 and I can't get my code to insert data into Visual Studio database. There are no error and the aspx page run fine but the data is not being write. Here is my code:
Dim strConnectionString As String = System.Configuration.ConfigurationManager.ConnectionStrings("Project1ConnectionString").ConnectionString
Dim drCart As SqlDataReader
Dim strSQLStatement As String
Dim cmdSQL As SqlCommand
strSQLStatement = "SELECT * FROM OrderHead"
Dim conn As New SqlConnection(strConnectionString)
cmdSQL = New SqlCommand(strSQLStatement, conn)
conn.Open()
drCart = cmdSQL.ExecuteReader()
Dim ExpCard = CMonth.Text + CYear.Text
Dim Fname = FristTxt.Text
Dim Lname = LastTxt.Text
Dim Address1 = AddTxt1.Text
Dim Address2 = AddTxt2.Text
Dim City = CityTxt.Text
Dim State = StateDList.Text
Dim ZipCode = ZipTxt.Text
Dim PhoneNum = NumTxt.Text
Dim CreditNum = CNumber.Text
Dim CreditType = CtypeList.Text
If drCart.Read() Then
Dim strSQLStatement2 = "Insert into OrderHead (FirstName, LastName, StreetAddress, City, State, Zip, PhoneNumber, CreditCard, CreditType, ExpDate, StreetAddress2) VALUES (" & Trim(Fname) &
", " & Trim(Lname) & ", " & Trim(Address1) & ", " & Trim(City) & ", " & Trim(State) &
", " & CInt(ZipCode) & ", " & CInt(PhoneNum) & ", " & CInt(CreditNum) & ", " & Trim(CreditType) &
", " & CInt(ExpCard) & ", " & Trim(Address2) & "')"
Dim conn2 As New SqlConnection(strConnectionString)
conn2.Open()
Dim cmdSQL2 = New SqlCommand(strSQLStatement2, conn2)
drCart = cmdSQL2.ExecuteReader()
conn2.Close()
End If
I be greatly appreciated if you can point out my error.
As Plutonix says: ExecuteReader is for reading the results of a SELECT query a row at a time. You want ExecuteNonQuery to run an INSERT query.
Also, NEVER use concatenation to build a query with user input. In some cases you might find it useful to build queries from pre-defined strings, but with random input, a person with bad intentions could wipe out your entire database with the right input. Use Parameters !!
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.