JT Jankowiak wrote:
> string insert = "INSERT INTO members (CODE_MEMBER, ID_FAMILY,
> FNAME, SNAME, FLNAME, SLNAME, BIRTHDATE, GENDER, CELL_PHONE, WORK_PHONE,
> ALT_PHONE, EMAIL, NIT, PROFESSION, JOB, JOB_POSITION, PHOTO) VALUES ( '"
> + Core.Config.AppSet.Default.code + "', " + family + ",'" + fname +
> "','" + sname + "','" + flname + "','" + slname + "','" + birthdate +
> "','" + gender + "', " + phone2 + ", " + phone3 + "," + phone4 + ",'" +
> email + "','" + nit + "','" + profession + "','" + job + "','" +
> position + "'";
> //Just in case some no essential information is empty
> insert = insert.Replace("''", "null");
> insert = insert + ", '" + photo + "')";
> int b = dbCnxn.sqlExecute(insert);
> dbCnxn.execClose();
Try to use parametrized query instead of this hell. ;)
--
Jiri {x2} Cincura
http://blog.vyvojar.cz/jirka/ | http://www.ID3renamer.com
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Firebird-net-provider mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/firebird-net-provider
