This is my code
OleDbCommand cmd = new OleDbCommand("UPDATE Patient SET FirstName ='" + tbPatientFirstName.Text + "' WHERE PatientID='" + tbPatientID+ "' ",conn);
The text I'm an changing in the tbPatientFirstName is from a string to a string. The PatientID is the records primary key. I know I'm not using parameterised sql but its not required and I don't have time to learn it at the moment
Apart from the suggestion to use paramterized query
(which you believe is not needed, so hopefully it is OK), three things seem to be the potential causes of the error.
First, you seem to use the TextBox
object rather than its Text
. Change tbPatientID
to tbPatientID.Text
Secondly, if your PatientID
is integer, you may need to remove the apostrophe '
for the tbPatientID
WHERE PatientID=" + tbPatientID.Text.Trim()+ " " //no apostrophe
Thirdly, to avoid having whitespace
undetected, consider using Trim()
:
OleDbCommand cmd = new OleDbCommand("UPDATE Patient SET FirstName ='" + tbPatientFirstName.Text.Trim() + "' WHERE PatientID=" + tbPatientID.Text.Trim()+ " ",conn);
The time required to use a parameterized query is a lot less than the time required to fix these errors
OleDbCommand cmd = new OleDbCommand(@"UPDATE Patient
SET FirstName =@name WHERE PatientID= @id", conn);
cmd.Parameters.Add("@name", OleDbType.VarWChar).Value = tbPatientFirstName.Text
cmd.Parameters.Add("@id", OleDbType.Integer).Value = Convert.ToInt32(tbPatientID.Text);
And that's all is required. Now you don't have troubles in passing values to your database engine also if these values contains a single quote.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.