Ok, so I've seen this question in many MANY other threads, but never get a complete answer (at least so far). So I have a basic code to insert a new user with all of it's info into a MySQL database (localhost), and I have basically done the same code a previous time, and it worked. It isn't the length of the sentence, since the column can handle at least 40 chars.
The error:
MySql.Data.MySqlClient.MySqlException: 'You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'Clave='9cdfb439c7876e703e307864c9167a15'' at line 1'
My code:
private void Button_Click(object sender, RoutedEventArgs e)
{
var nomCom = Nombre.Text + Apellido.Text;
/*var exists = Query.Check($"SELECT EXISTS(SELECT 1 FROM usuario WHERE Nombre_Usu='{NombreUsu.Text}'");
if (!exists)
{
MessageBox.Show("Nombre de usuario ya existe","VERIFIQUE",MessageBoxButton.OK,MessageBoxImage.Exclamation);
}
else
{*/
if (string.IsNullOrWhiteSpace(nomCom) || string.IsNullOrWhiteSpace(NombreUsu.Text) || txtContra.Password.ToString() != txtConfirmar.Password.ToString())
{
MessageBox.Show("Verifique los campos porfavor :)", "ERROR", MessageBoxButton.OK, MessageBoxImage.Error);
return;
}
Query.Execute($"INSERT usuario SET Nombre='{Nombre.Text}', Apellido='{Apellido.Text}', Nombre_Usu='{NombreUsu.Text}' Clave='{txtContra.Password.Encriptar()}'");
// }
}
Alright, that is the code for the Register form/window, where the user will input the data and insert that into the DB. The "Query.Check" is another class (Query) in which I wrote the SQL methods, to reuse code and save space. Oh and the ".Encriptar()" is just a method to hash the password. Here it is:
public static long Execute(string query)
{
var con = Connection.Create();
var command = new MySqlCommand(query, con);
command.ExecuteNonQuery();
con.Close();
return command.LastInsertedId;
}
So... I don't know why this isn't working, since I did exactly the same thing with a previous app and worked just fine! Please, someone help me. Btw, I'm new here, so sorry if I didn't write the post correctly.
you are missing a , in your sql
, Nombre_Usu='{NombreUsu.Text}' Clave='{txtContra.Password.Encriptar()}'
needs to be
, Nombre_Usu='{NombreUsu.Text}', Clave='{txtContra.Password.Encriptar()}'
Beyond that, use paramatized queries ( lots of questions on here about that )
Your SQL syntax for the INSERT is incorrect. It should be
INSERT INTO usuario (Nombre, Apellido, Nombre_Usu, Clave) VALUES (@Nombre, @Apellido, @Nombre_Usu, @Clave)
Also as Jon stated in the comments, you will want to parameterize your query.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.