1

I am trying to update an access table with the code noted below. however, the update does not execute. It doesn't give me any errors but it doesn't update the database. Any suggestions?

string Const = @"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=F:\\Db\\test.accdb";      

OleDbCommand Cmd;
OleDbConnection con22 = new OleDbConnection(Const );
con22.Open();

string sql = "UPDATE CostT SET tFormSent='" + Selection1.Text + "',TName='" + UserName.Text + "',FormDate='" + FormDate.Text + "',where ReqNum=" + ReqNum.Text;

cmd = new OleDbCommand(sql, con22);
cmd.ExecuteNonQuery();
con22.Close();

MessageBox.Show("Form has been Updated");
Improve this question
1
  • It should be throwing an error, since there's at least one syntax error. Though given all these SQL injection vulnerabilities, there's no telling what random code you might be executing on your database. What's the actual runtime value of the query you're executing? Commented Jun 30, 2016 at 12:17

2 Answers 2

Reset to default
5

Try changing the query
to 

string sql = "UPDATE CostT SET tFormSent = @selection1,TName = @UserName,FormDate = @FormDate where ReqNum = @ReqNum";
cmd = new OleDbCommand(sql, con22);
cmd.Parameters.Add("@selection1", Selection1.Text);
cmd.Parameters.Add("@UserName", UserName.Text);
cmd.Parameters.Add("@FromDate", FromDate.Text);
cmd.Parameters.Add("@ReqNum", ReqNum.Text);
cmd.ExecuteNonQuery();
con22.Close();
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

This is perfect!! I think the SQL injections i had messed everything up. But the parameters version worked perfectly. Now i just have to learn Unions and Delete. Thank you!!
4

Your query has a syntax error: you have a comma before your WHERE clause that does not belong there.

But more important: Your code is open to SQL injection! Please don't insert user input directly into your query, but use parameterized queries instead!

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.