0

I'm doing a program and I'm in a part that I need to create users in the database in access. But after entering the data and clicking the create user button it gives me an error. If you add users to the database it works but if you try to add it by the program's the result is a syntax error

Else
    Try
        Dim myconnection As OleDbConnection
        Dim constring As String = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=E:\Software_Simples\Software\DataBase.accdb"
        myconnection = New OleDbConnection(constring)
        myconnection.Open()
        Dim sqlQry As String

        'sqlQry = "INSERT INTO Usernames(Username, Password) VALUES(" & TextBox2.Text & "," & TextBox3.Text & ")"
        sqlQry = "INSERT INTO Usernames(ID_User, Username, Password) VALUES(Null,TextBox2.Text,TextBox3.Text )"

        Dim cmd As New OleDbCommand(sqlQry, myconnection)
        cmd.ExecuteNonQuery()

        myconnection.Close()
    Catch ex As Exception
        MessageBox.Show(ex.Message)
    End Try
    'Fechar
    Me.Close()
    MessageBox.Show("Utilizador criado com suecesso: " & username_create, "Aviso", MessageBoxButtons.OK)
End If
Improve this question
6
  • Now it's fine ? Commented Feb 15, 2017 at 15:21
  • Yes that's the correct way to post code. Now back to your problem. As I have said. Password is a reserved keyword. If you use it from ADO.NET you need to put it between square brackets. Commented Feb 15, 2017 at 15:28
  • You can write the code, I'm not quite sure what you're saying. Commented Feb 15, 2017 at 15:30
  • Is my ID_User field of auto increment set to be null ?? Commented Feb 15, 2017 at 15:33
  • If the field is an AutoNumber then do not write anything for it (no fieldname no null value) simply ignore it. Commented Feb 15, 2017 at 15:35

2 Answers 2

Reset to default
1

There are at least three problems in your code:
1) Password is a reserved keyword. Needs to be between square brackets
2) String values when passed to a database need to be between single quotes, but.. see point 3
3) Use parameters instead of string concatenation (what if password contains a single quote?)
4) Dispose the disposable object like the connection and the command.

So rewriting it 

Dim constring = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=E:\Software_Simples\Software\DataBase.accdb"
Dim sqlQry = "INSERT INTO Usernames(Username, [Password]) VALUES(@name, @pwd)"
Try
    Using myconnection = New OleDbConnection(constring)
    Using cmd As New OleDbCommand(sqlQry, myconnection)
        myconnection.Open()
        cmd.Parameters.Add("@name", OleDbType.VarWChar).Value = TextBox2.Text
        cmd.Parameters.Add("@pwd", OleDbType.VarWChar).Value = TextBox3.Text
        cmd.ExecuteNonQuery()
    End Using
    End Using
Catch ex As Exception
    MessageBox.Show(ex.Message)
End Try
Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Do not miss Dim sqlQry as string
Corrected. Really there is no need to as String when the compiler can see from the context the type of the variable to be assigned. (But Dim yes)
i got more How do I make an if to see if the user I created already exists and if it does not give error msg
@JorgePereira please one problem at time. If questions here help to solve your problem please accept one then post a new question with the new details
0

It should read:

sqlQry = "INSERT INTO Usernames (ID_User, Username, [Password]) VALUES (Null,'" + TextBox2.Text + "','" + TextBox3.Text + "')"
Improve this answer

1 Comment

I've seen similar but not a duplicate.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.