I need more advice on this data addition issue

0

I have a test program consisting of a textbox (textbox1), a button (save), and a connection to a database and a table called TestDatabase.mdf and TestTable (respectively). I am trying to save the text which I will input into the database through 'textbox1'....

I have done this much so far:

Dim mytextboxvalue As String
    mytextboxvalue = TextBox1.Text
    sqCmd.CommandText = "INSERT INTO TestTable" & "(FirstColumn,   SecondColumn)" & "(mytextboxvalue,mytextboxvalue)"

And I am getting this run-time error:

Incorrect syntax near 'mytextboxvalue'.

So my question is that what is the correct syntax?

Legendary Lambe

Posted 2012-02-20T09:17:10.267

Reputation: 3

Question was closed 2012-07-19T00:35:54.520

Where is TextBox1.Text defined? – Joe Taylor – 2012-02-20T09:47:43.573

Answers

0

sqCmd.CommandText = "INSERT INTO TestTable" & "(FirstColumn,   SecondColumn) values" & "('mytextboxvalue','mytextboxvalue')"

And remember to use ' if they are string!

undone

Posted 2012-02-20T09:17:10.267

Reputation: 824

It still says Incorrect syntax near 'mytextboxvalue'....what to do please help – Legendary Lambe – 2012-02-20T09:25:23.347

what's the data type of FirstColumn? – undone – 2012-02-20T09:26:25.607

VarChar (MAX) it is why? – Legendary Lambe – 2012-02-20T09:30:16.180

answer please p – Legendary Lambe – 2012-02-20T09:33:07.720

It's beath to put an @symbol before the name of the person you are replying to. This will notify them. e.g @ Username – Joe Taylor – 2012-02-20T09:46:50.837

check new edit!! – undone – 2012-02-20T09:57:43.240

@Death it is inputing mytextboxvalue and not the actual value instead – Legendary Lambe – 2012-02-20T10:18:31.877

@Death thanks for you help I finally solved it – Legendary Lambe – 2012-02-20T10:22:45.443

mark it as answer ;) – undone – 2012-02-20T10:36:36.173

0

I think you want

sqCmd.CommandText = "INSERT INTO TestTable (FirstColumn, SecondColumn) values ('" & mytextboxvalue & "','" & mytextboxvalue & "')"

... mytextboxvalue is a variable whose text you want to add into your INSERT INTO string.

Note that if anyone but yourself enters text into that textbox, you should not do it this way!! Have a look at the "Bobby Tables" issue for more details about avoiding SQL injections.

Jonas Heidelberg

Posted 2012-02-20T09:17:10.267

Reputation: 1 652

@Lambe: If my information is helpful, you should upvote the answer (click the upward arrow)... – Jonas Heidelberg – 2012-02-20T13:49:28.170

Asked: 2012-02-20T09:17:10.267

Viewed: 57 times

Active: 2012-02-20T09:56:59.323