Take a step back and look at your insert statement and two big things
should jump out at you:
INSERT INTO
table_ecn
(
ref_no
)
VALUES
(
txt_ref_no.Text
)
WHERE
part_no= @search_part_no
1) You've got a WHERE clause in an INSERT statement.
2) You've got .NET code in the text of your SQL statement.
For #1, if it's not immediately obvious what the problem is, I'd
suggest you go through a refresher course on SQL data access and learn
about SELECT/INSERT/UPDATE/DELETE.
For #2, looks like another place for a parameter.
On Feb 1, 9:00 pm, Helvin <[email protected]> wrote:
> I met another problem which reminds me of executeReader.
> --------------------------------------------------------------------------------------------------------------------------------------------------
> My aim: To grab data from a textbox on my asp.net page and
> insert it into my mysql database.
> ---------------------------------------------------------------------------------------------------------------------------------------------------
> My problem:
>
> Error msg: "You have an error in your SQL syntax; check the manual
> that corresponds to your MySQL server version for the right syntax to
> use near 'WHERE part_no= 'partno7'' at line 1"
>
> The "source error" message highlights the ExecuteNonQuery line.
>
> Q: What's wrong? Why is ExecuteNonQuery not working? I already used
> parameterized statements and also 'using' loops, which were what I did
> to solve my ExecuteReader problem before.
>
> ----------------------------------------------------------------------------------------------------------------------------------------------------
> Code:
>
> 'Open database and store values
> Using myConnection As New MySqlConnection("server=localhost; user
> id=myuser; database=database1; pooling=false;")
> myConnection.Open
> Dim str = New String("INSERT INTO table_ecn(ref_no) VALUES
> (txt_ref_no.Text) WHERE part_no= @search_part_no;")
> Using sqlComm As New MySqlCommand(str, myConnection)
> sqlComm.Parameters.AddWithValue("@search_part_no",
> txt_part_no.Text)
> sqlComm.ExecuteNonQuery()
>
> End Using
> myConnection.Close
>
> End Using
> ----------------------------------------------------------------------------------------------------------------------------------------------------
> Notes:
>
> 1. txt_ref_no and txt_part_no are 2 user input textboxes on my
> asp.net page.
> 2. partno7 as seen in the error message was the input in the
> textbox called txt_part_no, and was hence put into the command object
> via the parameters.addwithvalue method, as a variable called
> search_part_no.
> ----------------------------------------------------------------------------------------------------------------------------------------------------
> Thanks for any help offered! =)
