1

I'm making a form to add accounts to my login application if you can help that would be awesome.

I'm only 11 so this might be a dumb question!

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;
using System.Data.OleDb;

namespace Login_Viper_Safe
{
    public partial class Form3 : Form
    {
        private OleDbConnection connection = new OleDbConnection();
        public Form3()
        {
            InitializeComponent();
            connection.ConnectionString =   @"Provider=Microsoft.ACE.OLEDB.12.0; Data Source=C:\Users\SillyTen9\Documents\UserDatabase.accdb; Persist Security Info=False;";
    }

    private void Form3_Load(object sender, EventArgs e)
    {

    }

    private void button1_Click(object sender, EventArgs e)
    {
        try
        {
            connection.Open();
            OleDbCommand command = new OleDbCommand();
            command.Connection = connection;
            command.CommandText = "INSERT INTO UserDatabase ([Username], [Password], FirstName, LastName) VALUSES('" + textBox1.Text + "','" + textBox2.Text + "','" + textBox3.Text + "','" + textBox4.Text + "')";
            command.ExecuteNonQuery();
            MessageBox.Show("Signed Up!");
        }
        catch (Exception ex)
        {
            MessageBox.Show("Error " + ex);
        }
    }
}
Improve this question
3
  • 3
    VALUSES should be VALUES Commented Dec 16, 2016 at 12:58
  • Side notes: 1. Use parameters for your values. 2. Try not to use class scoped connections, instead create them when you need them and then close them. 3. Wrap your connections in a using block when you create them as well as any other types that implement IDisposable like OleDbCommand. 4. Put your connection string in the app.config and retrieve it from there when needed. Commented Dec 16, 2016 at 13:06
  • 1
    Try to avoid SQL the way you are doing it currently and use paramaterised queries to avoid SQL injection and other nasty things. stackoverflow.com/questions/7505808/… Commented Dec 16, 2016 at 13:07

2 Answers 2

Reset to default
1

you have error on values (extra s):

 "INSERT INTO UserDatabase ([Username], [Password], FirstName, LastName) VALUES( ...

Also it is important to use parameters:

command.CommandText = "INSERT INTO UserDatabase ([Username], [Password], FirstName, LastName) VALUES (@param1,@param2,@param3,@param4)";
command.Parameters.AddWithValue("@param1",textBox1.Text);
command.Parameters.AddWithValue("@param2",textBox2.Text);
command.Parameters.AddWithValue("@param3",textBox3.Text);
command.Parameters.AddWithValue("@param4",textBox4.Text);
...
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

You make typo error its Values not VALUSES in Insert Query

command.CommandText = "INSERT INTO UserDatabase ([Username], [Password], FirstName, LastName) VALUES('" + textBox1.Text + "','" + textBox2.Text + "','" + textBox3.Text + "','" + textBox4.Text + "')";
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.