0

in an aspx.vb file

Sub Button3_Click(sender As Object, e As EventArgs) Handles Button3.Click

        Dim con As New OleDbConnection("Provider= SQLOLEDB.1;Integrated Security=true; data source=myserver; ")

        Dim cmd As New OleDbCommand

        cmd.Connection = con
        cmd.CommandText = "Insert into demo.dbo.masters1 values ('" & TextBox1.Text & " ," & TextBox4.Text & " , " & TextBox3.Text & " ')"
        con.Open()
        If (cmd.ExecuteNonQuery() > 0) Then
            Label1.BorderColor = Drawing.Color.Aquamarine
        Else
            Label1.BorderColor = Drawing.Color.Black
        End If

        con.Close()

End Sub

I am using Windows Authentication.

The server is up and running.

I've also tried:

Dim con As New OleDbConnection("Provider= SQLOLEDB.1;Integrated Security=true; data source=C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\database_name.mdf; ")

However, I'm getting the following error:

No error message available, result code: DB_E_ERRORSOCCURRED(0x80040E21).
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Data.OleDb.OleDbException: No error message available, result code: DB_E_ERRORSOCCURRED(0x80040E21).

Improve this question
3
  • which line causes error? Commented Jan 6, 2016 at 17:41
  • How many columns does table masters1 have? Do you want to insert one concatenated string into one column or three strings into three columns? Commented Jan 6, 2016 at 17:44
  • You desperately need to parameterize your queries. The way this is coded is a textbook example of sql injection. Commented Jan 6, 2016 at 17:50

1 Answer 1

Reset to default
1

Look like you are using OleDbConnection for SQL Server.

You want to SqlConnection if you use SQL Server. For example, 

using(var con = new SqlConnection(
     "Server=myServerAddress;Database=myDataBase;Trusted_Connection=True;"))
{
   var query = "insert statement ...";
   using(var cmd = new SqlCommand(query, con)){
      cmd.CommandType = CommandType.Text;
      con.Open();
      ....
   }
}

You might want to look at the connection string format here too.

FYI: Use the parameterize query to avoid SQL Injection attack.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.