0 
qryreg.SQL.Add('Insert into RegistreerTB');
qryreg.SQL.add('Name , Surname, E-mail, Password)');
qryreg.SQL.Add('Values ('+quotedstr(edtname.Text)+','+quotedstr(edtsname.Text)+','+quotedstr(edtemail.Text)+','+quotedstr(edtpassuse.Text)+')');
qryreg.ExecSQL ;
qryreg.SQL.Text := 'Select * from RegistreerTB';
qryreg.Open ;

This is the code im using atm with delphi im trying to save data to my database from editboxes. The error im getting is EOELeException "Insert into statement"

ty in advance

Improve this question

4 Answers 4

Reset to default
8

As oodesigner stated, a better method would be to use parameters. I don't know what text book you are looking at, but the code given isn't really best practice (it isn't worst practice either, at least it uses QuotedStr rather than '''' + edtname.Text + '''' which fails the first time you use something like O'Connell, and allows SQL injection attacks.

Using parameters and assuming SQL Server syntax as per Rob's answe, and assuming TADOQuery (based on the EOLEException) the code would be something like:

qryreg.SQL.Add('Insert into RegistreerTB');  
qryreg.SQL.Add('(Name , Surname, [E-mail], Password)');  //SQL Server syntax with square brackets

// OR qryreg.SQL.Add('(Name , Surname, "E-mail", Password)');  //Oracle/Postgres syntax with double quotes
// OR qryreg.SQL.Add('(Name , Surname, `E-mail`, Password)');  //MySQL syntax with grave accent

qryreg.SQL.Add('Values :Name, :Surname, :Email, :Password)'); 

qryreg.Parameters.ParamByName('Name').Value := edtName.Text;
qryreg.Parameters.ParamByName('Surname').Value := edtSName.Text;
qryreg.Parameters.ParamByName('Email').Value := edtEmail.Text;
qryreg.Parameters.ParamByName('Password').Value := edtPassUse.Text;

qryreg.ExecSQL;  
qryreg.SQL.Text := 'Select * from RegistreerTB';  
qryreg.Open ;
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Parameters also avoid hard-parsing the query each time, and allow reuse an already parsed statements. Some database don't "like" much being flooded by a lot of statements as it happens when the same statement is resubmitted over and over again just changing some literals.
Ty i will look into using paramters
4

As John's answer points out, you need to have parentheses around the column names before VALUES. You need to make sure all the column names are valid SQL identifiers. If they aren't, as in the case for E-mail, you need to quote or escape them according to your database's syntax rules. For example, MySQL uses grave accents, Microsoft SQL uses brackets, and Oracle and Postgresql use quotation marks.

Improve this answer

Comments

2

Your problem is in the first line. I made the correction below. you need an opening parenthesis.

qryreg.SQL.Add('Insert into RegistreerTB ('); 
qryreg.SQL.Add('Name , Surname, E-mail, Password)'); 
qryreg.SQL.Add('Values ('+quotedstr(edtname.Text)+','+quotedstr(edtsname.Text)+','+quotedstr(edtemail.Text)+','+quotedstr(edtpassuse.Text)+')'); 
qryreg.ExecSQL ; 
qryreg.SQL.Text := 'Select * from RegistreerTB'; 
qryreg.Open ;

see if this works

qryreg.SQL.Add("Insert into RegistreerTB ("); 
qryreg.SQL.Add("Name , Surname, E-mail, Password)"); 
qryreg.SQL.Add("Values ('"+edtname.Text+"','"+edtsname.Text +"','"+edtemail.Text+"','"+edtpassuse.Text +"')"); 
qryreg.ExecSQL ; 
qryreg.SQL.Text := "Select * from RegistreerTB"; 
qryreg.Open ;
Improve this answer

4 Comments

i have changed the code as you said i still get the same error i have been trying to figure this out for past hour and i can't find my error but thanks anyway :)
@Shadowriz... What does quoted string return for example: quotedstr("hello") will it return "hello" or 'hello'
@Shadowriz: What John stated seems like the only problem with this code(I hope quotedstr returns single quotes). Are you sure your table definition fits this statement? Are you sure your field names are correct?
ye the field names are correct @john i have never done this before i am working from a textbook atm :) quotedstr(edt1.text) wil return the text entered into the edit box idk if that was of any help but ty for comments
0
  1. May be you have to call qryreg.SQL.Clear before your first line.
  2. Why not to use parameters ?
Improve this answer

2 Comments

hey im using an example from a textbook and i have just changed the values to the ones im using atm could you please elaborate on paramaters
@Shadowriz: please include the name of the textbook in your answer.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.