I get this error:
"Syntax error in UPDATE statement."

My code is:
Private Sub Button3_Click(sender As System.Object, e As System.EventArgs) Handles Button3.Click
       con.Open()
       Dim q As String = "UPDATE Table1 SET " &
           "FirstName='" & Me.txtFName.Text &
           "',SecondName='" & Me.txtSName.Text &
           "',SureName='" & Me.txtTName.Text &
           "',SocialNumber=" & Me.txtID.Text &
           ",Age=" & Me.txtAge.Text & " " &
           ",YearofBirth=" & Me.txtYear.Text & " " &
           ",Level=" & Me.txtLevel.Text & " " &
           "WHERE ID=" & Me.TextBox1.Text


       Dim cmd As New OleDb.OleDbCommand(q, con)
       cmd.ExecuteNonQuery()
       GetInfo()
       Me.Close()
       con.Close()
   End Sub


BTW, I am using Visual Basic 2010 and Access 2016 for the database.
Thank you!

What I have tried:

I haven't tried anything yet since I am just a beginner.
Updated 20-Apr-16 9:54am

1 solution

As Richard pointed out, don't do it this way. Not only does it lead to syntax issues, but it is very easy to hack your db when you write code this way. Instead, do it like this:
VB
Dim q As String = "UPDATE Table1 SET " &
           "FirstName=@FirstName" &
           ",SecondName=@SecondName" & ...
           " WHERE ID=@ID"
...
cmd.Parameters.AddWithValue("@FirstName", txtFirstName.Text)
cmd.Parameters.AddWithValue("@SecondName", txtSecondName.Text)
...
cmd.Parameters.AddWithValue("@ID", txtID.Text)
 
Comments
Richard Deeming 20-Apr-16 16:55pm    
Except that OleDb doesn't support named parameters, so you'd need to use ? as the placeholder and add the parameters in the right order.
ZurdoDev 20-Apr-16 20:06pm    
Good catch.
ZurdoDev 20-Apr-16 20:12pm    
Interesting, some sites say named parameters are OK, https://blogs.msdn.microsoft.com/wriju/2008/01/24/ado-net-oledbcommand-parameterized-query-sequence-rule/

and others say they are not, https://msdn.microsoft.com/en-us/library/system.data.oledb.oledbcommand.parameters(v=vs.110).aspx

But the order is definitely important.
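
Added example (not from the original posters): the question's UPDATE rewritten with positional `?` placeholders as the comments above describe, so a value containing an apostrophe such as O'Brien can neither break the statement nor change it. The helper name `UpdatePerson`, the column types, the sample values and the database path are assumptions; bracketing the column names is a precaution, since the thread does not say which token caused the syntax error.

```vb
Imports System.Data.OleDb

Module ParameterizedUpdate
    ' Hypothetical helper. Table and column names come from the question; the
    ' argument names and column types (Text and Long Integer) are assumptions.
    Function UpdatePerson(connectionString As String, id As Integer,
                          firstName As String, secondName As String,
                          sureName As String, socialNumber As Integer,
                          age As Integer, yearOfBirth As Integer,
                          level As Integer) As Integer
        ' Every value is a ? placeholder, so input is never parsed as SQL text.
        ' Brackets keep column names from being read as SQL keywords.
        Const sql As String =
            "UPDATE [Table1] SET [FirstName]=?, [SecondName]=?, [SureName]=?, " &
            "[SocialNumber]=?, [Age]=?, [YearofBirth]=?, [Level]=? WHERE [ID]=?"

        ' Using closes the connection even when ExecuteNonQuery throws.
        Using con As New OleDbConnection(connectionString)
            Using cmd As New OleDbCommand(sql, con)
                ' OleDb binds by position: add in the same order as the ? marks.
                ' The parameter names are labels for the reader only.
                cmd.Parameters.Add("FirstName", OleDbType.VarWChar, 255).Value = firstName
                cmd.Parameters.Add("SecondName", OleDbType.VarWChar, 255).Value = secondName
                cmd.Parameters.Add("SureName", OleDbType.VarWChar, 255).Value = sureName
                cmd.Parameters.Add("SocialNumber", OleDbType.Integer).Value = socialNumber
                cmd.Parameters.Add("Age", OleDbType.Integer).Value = age
                cmd.Parameters.Add("YearofBirth", OleDbType.Integer).Value = yearOfBirth
                cmd.Parameters.Add("Level", OleDbType.Integer).Value = level
                cmd.Parameters.Add("ID", OleDbType.Integer).Value = id
                con.Open()
                Return cmd.ExecuteNonQuery() ' rows affected
            End Using
        End Using
    End Function

    Sub Main()
        ' Constructed sample input standing in for the form's text boxes.
        Dim ageText As String = "34"
        Dim age As Integer
        ' Reject non-numeric input before it reaches the database.
        If Not Integer.TryParse(ageText, age) Then
            Console.WriteLine("Age must be a whole number.")
            Return
        End If
        ' Placeholder path: point Data Source at your own .accdb file.
        Dim cs As String = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\example\people.accdb"
        Dim rows As Integer = UpdatePerson(cs, 1, "Ann", "O'Brien", "Lee", 123456789, age, 1982, 3)
        Console.WriteLine(rows & " row(s) updated")
    End Sub
End Module
```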

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


