C
C#2w ago
Mike B

Insert into Access Database

Hey all, I've been trying to Insert into my access database for some days now and I'm still getting a syntax error which I have no idea why, my connection works I was able to delete buy I cannot add for some reason
14 Replies
❤RieBi&❤
❤RieBi&❤2w ago
$details
MODiX
MODiX2w ago
When you ask a question, make sure you include as much detail as possible. Such as code, the issue you are facing, what you expect the result to be, what .NET version you are using and what platform/environment (if any) are relevant to your question. Upload code here https://paste.mod.gg/, save, and copy the link into chat for others to see your shared code! (see $code for more information on how to paste your code)
❤RieBi&❤
❤RieBi&❤2w ago
Also, don't use Access for database
jcotton42
jcotton422w ago
@Mike B how do you expect us to diagnose your syntax error without the code in question?
Mike B
Mike BOP2w ago
how do i format the code
jcotton42
jcotton422w ago
$code
MODiX
MODiX2w ago
To post C# code type the following: ```cs // code here ``` Get an example by typing $codegif in chat For longer snippets, use: https://paste.mod.gg/
jcotton42
jcotton422w ago
But sql instead of cs (If it’s just the sql statement)
Mike B
Mike BOP2w ago
internal void AddCar(Car car)
{
    OleDbConnection connection = new OleDbConnection(strConnection);


    try
    {
        connection.Open();
        Console.WriteLine(car.ToString());

        // Use a parameterized query to prevent SQL injection and handle special characters.
        string query = "INSERT into Cars(VIN, Make, Model, CarYear, Mileage, RentalCost, Description, Location, Availability, Class, Image) " +
                            $"VALUES ({car.VehicleID}, '{car.Make}', '{car.Model}', {car.Year}, {car.Mileage}, {car.RentalCost}, '{car.Description}', '{car.Location}', '{car.Availability}', '{car.Classification}', '{car.Image}')";
        Console.WriteLine(query);

        OleDbCommand command = new OleDbCommand(query, connection);
        
        command.ExecuteNonQuery();
 
    }
    catch (Exception ex)
    {
        MessageBox.Show("Addcar exception: "+ ex.Message);
    }
    finally
    {
        
Console.WriteLine("connection closing");
        connection.Close();
    }
}
internal void AddCar(Car car)
{
    OleDbConnection connection = new OleDbConnection(strConnection);


    try
    {
        connection.Open();
        Console.WriteLine(car.ToString());

        // Use a parameterized query to prevent SQL injection and handle special characters.
        string query = "INSERT into Cars(VIN, Make, Model, CarYear, Mileage, RentalCost, Description, Location, Availability, Class, Image) " +
                            $"VALUES ({car.VehicleID}, '{car.Make}', '{car.Model}', {car.Year}, {car.Mileage}, {car.RentalCost}, '{car.Description}', '{car.Location}', '{car.Availability}', '{car.Classification}', '{car.Image}')";
        Console.WriteLine(query);

        OleDbCommand command = new OleDbCommand(query, connection);
        
        command.ExecuteNonQuery();
 
    }
    catch (Exception ex)
    {
        MessageBox.Show("Addcar exception: "+ ex.Message);
    }
    finally
    {
        
Console.WriteLine("connection closing");
        connection.Close();
    }
}
this is the info i got from my form and the generated inserts statement 1234, 'Porsche', '911', 2024, 23, 89.99, 'Fast', 'Lot B', 'Available', 'Sport', 'porsche.png' INSERT into Cars(VIN, Make, Model, CarYear, Mileage, RentalCost, Description, Location, Availability, Class, Image) VALUES (1234, 'Porsche', '911', 2024, 23, 89.99, 'Fast', 'Lot B', 'Available', 'Sport', 'porsche.png') Exception thrown: 'System.Data.OleDb.OleDbException' in System.Data.dll
jcotton42
jcotton422w ago
First, you need to switch to parameterized queries. String interpolation in SQL is dangerous, it’s how you get SQL injection. Parameterized queries also free you from dealing with headaches around escaping.
Mike B
Mike BOP2w ago
One sec let me update the code, I tried it and still have gotten issues 
string query = "INSERT INTO Cars (VIN, Make, Model, CarYear, Mileage, RentalCost, Description, Location, Availability, Class, Image) " +
       "VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";


OleDbCommand cmd = new OleDbCommand(query, connection);
cmd.Parameters.AddWithValue("?", car.VehicleID);
cmd.Parameters.AddWithValue("?", car.Make);
cmd.Parameters.AddWithValue("?", car.Model);
cmd.Parameters.AddWithValue("?", car.Year);
cmd.Parameters.AddWithValue("?", car.Mileage);
cmd.Parameters.AddWithValue("?", car.RentalCost);
cmd.Parameters.AddWithValue("?", car.Description);
cmd.Parameters.AddWithValue("?", car.Location);
cmd.Parameters.AddWithValue("?", car.Availability);
cmd.Parameters.AddWithValue("?", car.Classification);
cmd.Parameters.AddWithValue("?", car.Image);
OleDbCommand command = new OleDbCommand(query, connection);

command.ExecuteNonQuery();
MessageBox.Show("Car successfully added!");
         
string query = "INSERT INTO Cars (VIN, Make, Model, CarYear, Mileage, RentalCost, Description, Location, Availability, Class, Image) " +
       "VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";


OleDbCommand cmd = new OleDbCommand(query, connection);
cmd.Parameters.AddWithValue("?", car.VehicleID);
cmd.Parameters.AddWithValue("?", car.Make);
cmd.Parameters.AddWithValue("?", car.Model);
cmd.Parameters.AddWithValue("?", car.Year);
cmd.Parameters.AddWithValue("?", car.Mileage);
cmd.Parameters.AddWithValue("?", car.RentalCost);
cmd.Parameters.AddWithValue("?", car.Description);
cmd.Parameters.AddWithValue("?", car.Location);
cmd.Parameters.AddWithValue("?", car.Availability);
cmd.Parameters.AddWithValue("?", car.Classification);
cmd.Parameters.AddWithValue("?", car.Image);
OleDbCommand command = new OleDbCommand(query, connection);

command.ExecuteNonQuery();
MessageBox.Show("Car successfully added!");
updated and I still recieved the same error
Mike B
Mike BOP2w ago
No description
Mike B
Mike BOP2w ago
this is my table 
 public Car(int vehicleID, string make, string model, int year, int mileage, decimal rentalCost, string description, string location, string availablility, string classification, string image)
 {
     this.vehicleID = vehicleID;
     this.make = make;
     this.model = model;
     this.year = year;
     this.mileage = mileage;
     this.rentalCost = rentalCost;
     this.description = description;
     this.location = location;
     this.availablility = availablility;
     this.classification = classification;
     this.image = image;
 }
 public Car(int vehicleID, string make, string model, int year, int mileage, decimal rentalCost, string description, string location, string availablility, string classification, string image)
 {
     this.vehicleID = vehicleID;
     this.make = make;
     this.model = model;
     this.year = year;
     this.mileage = mileage;
     this.rentalCost = rentalCost;
     this.description = description;
     this.location = location;
     this.availablility = availablility;
     this.classification = classification;
     this.image = image;
 }
this is my car class
jcotton42
jcotton422w ago
I believe you need unique names for the parameters when you Add. Or use the single-arg variant, if one exists. If you continue having trouble, I would suggest switching to #database
Want results from more Discord servers?
Add your server