Thanks Joe! Your #1 worked! The parameters thing is not a problem,
because my string is put into my sqlComm, then the parameters added.
Dim str = New String("UPDATE table_ecn SET ref_no= @var_ref_no
WHERE part_no = @search_part_no;")
Using sqlComm As New MySqlCommand(str, myConnection)
sqlComm.Parameters.AddWithValue("@search_part_no",
txt_part_no.Text)
sqlComm.Parameters.AddWithValue("@var_ref_no", txt_ref_no.Text)
=)
On Feb 2, 10:52 pm, Joe Enos <[email protected]> wrote:
> Take a step back and look at your insert statement and two big things
> should jump out at you:
> INSERT INTO
> table_ecn
> (
> ref_no
> )
> VALUES
> (
> txt_ref_no.Text
> )
> WHERE
> part_no= @search_part_no
>
> 1) You've got a WHERE clause in an INSERT statement.
> 2) You've got .NET code in the text of your SQL statement.
>
> For #1, if it's not immediately obvious what the problem is, I'd
> suggest you go through a refresher course on SQL data access and learn
> about SELECT/INSERT/UPDATE/DELETE.
>
> For #2, looks like another place for a parameter.
>
> On Feb 1, 9:00 pm, Helvin <[email protected]> wrote:
>
>
>
> > I met another problem which reminds me of executeReader.
> > --------------------------------------------------------------------------------------------------------------------------------------------------
> > My aim: To grab data from a textbox on my asp.net page and
> > insert it into my mysql database.
> > ---------------------------------------------------------------------------------------------------------------------------------------------------
> > My problem:
>
> > Error msg: "You have an error in your SQL syntax; check the manual
> > that corresponds to your MySQL server version for the right syntax to
> > use near 'WHERE part_no= 'partno7'' at line 1"
>
> > The "source error" message highlights the ExecuteNonQuery line.
>
> > Q: What's wrong? Why is ExecuteNonQuery not working? I already used
> > parameterized statements and also 'using' loops, which were what I did
> > to solve my ExecuteReader problem before.
>
> > ----------------------------------------------------------------------------------------------------------------------------------------------------
> > Code:
>
> > 'Open database and store values
> > Using myConnection As New MySqlConnection("server=localhost; user
> > id=myuser; database=database1; pooling=false;")
> > myConnection.Open
> > Dim str = New String("INSERT INTO table_ecn(ref_no) VALUES
> > (txt_ref_no.Text) WHERE part_no= @search_part_no;")
> > Using sqlComm As New MySqlCommand(str, myConnection)
> > sqlComm.Parameters.AddWithValue("@search_part_no",
> > txt_part_no.Text)
> > sqlComm.ExecuteNonQuery()
>
> > End Using
> > myConnection.Close
>
> > End Using
> > ----------------------------------------------------------------------------------------------------------------------------------------------------
> > Notes:
>
> > 1. txt_ref_no and txt_part_no are 2 user input textboxes on my
> > asp.net page.
> > 2. partno7 as seen in the error message was the input in the
> > textbox called txt_part_no, and was hence put into the command object
> > via the parameters.addwithvalue method, as a variable called
> > search_part_no.
> > ----------------------------------------------------------------------------------------------------------------------------------------------------
> > Thanks for any help offered! =)- Hide quoted text -
>
> - Show quoted text -
