Why am I getting a Datatype Mismatch error in C# Windows Forms Application

Question

I have created a simple application every thing is working fine except update portion insertion is working fine with same table data

My code is

private void button2_Click(object sender, EventArgs e)
{
    string cmd = ("UPDATE submissionFee SET [stdName]='" + textBox2.Text + "', [fatherName]='" + textBox3.Text + "', [program]='" + textBox4.Text + "', [adress]='" + textBox5.Text + "',[email]='" + textBox6.Text + "', [cellNum]='" + textBox7.Text + "', [isPaid] = '" + textBox8.Text + "', [SubmissionDate] = '" + dateTimePicker1.Value.ToString("MM/dd/yyyy") + "'Where [ID]='" + textBox1.Text + "'");

    try
    {
        connection.Open();

        OleDbCommand command = new OleDbCommand();
        command.Connection = connection;
        command.CommandText = cmd;

        command.ExecuteNonQuery();

        MessageBox.Show("Account Has Been Updated");
        connection.Close();
    }
    catch (Exception ex)
    {
        MessageBox.Show("Error " + ex);
        MessageBox.Show("Please Enter Valid Data");
    }
}

Error Screenshot

Answer 1

Probably the connection is already open when you try to open it.

Either:

1) Make sure you close the connection from the last time you used it.

2) Or, if it is sometimes supposed to be kept open, check if the connection is already open, and don't close it if it is. Something like:

bool bWasOpen = (connnection.State == ConnectionState.Open);
if (!bWasOpen)
    connection.Open();
...
if (!bWasOpen)
    connection.Close();

Much Worse than the crash: Your code is volunerable to Sql-injection.

--> Use parameterized sql .

Answer 2

The reason for this exception in the dialog is due to the connection state is already open; and hence it cannot be opened again. You must close the connection in your previous statement. Or, check if the connection closed, and then open it.

Some other tips to you is

1. Do not use Textbox1, Textbox2 etc., give them proper ID like txtStudentId, txtFatherName etc.,

2. User SQL Parameters to pass the values to your database. check the sample statements below

   String query = "UPDATE submissionFee SET stdName=@stdName, fatherName=@fatherName where id=@id;"; SqlCommand command = new SqlCommand(query, db.Connection); command.Parameters.Add("@id",txtID.txt); command.Parameters.Add("@stdName",txtStudent.Text); command.Parameters.Add("@fatherName",txtFatherName.Text); command.ExecuteNonQuery();

Answer 3

Please use using statement when You query to database. Why? Simple... it has implemented IDisposable .

PS Use parameterized query to protect against SQL Injection attacks.

string insertStatement = UPDATE submissionFee SET stdName=@stdName,fatherName=@fatherName,program=@program,adress=@adress,email=@email,cellNum=@cellNum,isPaid=@isPaid,SubmissionDate=@SubmissionDate,ID=@ID
    using (OleDbConnection connection = new OleDbConnection(connectionString))
    using (OleDbCommand command = new OleDbCommand(insertStatement, connection))
                 command.Parameters.AddWithValue("@ID",textBox1.Text);
                command.Parameters.AddWithValue("@stdname",textbox2.Text);
                command.Parameters.AddWithValue("@fathername",textBox3.Text);
                command.Parameters.AddWithValue("@program",textBox4.Text);
                command.Parameters.AddWithValue("@adress",textBox5.Text);
                command.Parameters.AddWithValue("@email",textBox6.Text);
                command.Parameters.AddWithValue("cellNum",textBox7.Text);
                command.Parameters.AddWithValue("@isPaid",textBox8.Text);
                command.Parameters.AddWithValue("@SubmissionDate",dateTimePicker1.Value.ToString("MM/dd/yyyy"));
                connection.Open();
                var results = command.ExecuteNonReader();
            }
        }

Part of code was taken from this link.