0

I am getting an error with my insert command. I am trying to add the users input data from the text boxes on the html page into the access database I already have created and connected. I am just having a problem with the syntax of my insert command.

This is my HTML page

<form name="insert" method="post" action="insertinventory.aspx">
<center>
    <h1> FLOATEEZ Add Inventory </h1>

    Item Number: <input type="text" name="txtnum"> <br>
    Item Name: <input type="text" name="txtname"> <br>
    Item Description: <input type="text" name="txtdescription"> <br>
    Item Price: <input type="text" name="txtprice"> <br>
    Item Quantity on Hand: <input type="text" name="txtqoh"> <br>
    Item Picture: (text only) <input type="text" name="txtpicture"> <br><br>

    <input type="submit" value="Submit"> &nbsp &nbsp <input type="reset">        
</center>
</form>

This is my aspx page minus my database information

<%@ Page Language="C#" Debug="true" %>
<%@ Import Namespace="System.Data.Odbc" %>
<%
Response.Write("<html><head><title>Insert into Inventory </title></head></body>");
Response.Write("<body bgcolor=lightblue>");

OdbcConnection myconn;
OdbcCommand mycmd;
OdbcDataReader myreader;

myconn= new OdbcConnection( I removed this part );
mycmd = new OdbcCommand("insert into inventory 
    (Itemnum,Itemname,Itemdescription,Itemprice,Itemqoh,Itempicture) values 
    ('"+ txtnum.Text +"','"+ txtname.Text +"','"+ txtdescription.Text 
    +"','"+ txtprice.Text +"','"+ txtqoh.Text +"','"+ txtpicture.Text 
    +"')",myconn);

myreader.Close();
myconn.Close();
%>
<br>
<center> <a href ="Company.html" > Back to our Homepage </a> </center>
Improve this question
0

2 Answers 2

Reset to default
1

be sure to use parameters! a question mark is used for each value you get from the user.

example below taken from https://www.mikesdotnetting.com/article/26/parameter-queries-in-asp-net-with-ms-access. (a great resource.)

string ConnString = Utils.GetConnString();    
string SqlString = "Insert Into Contacts (FirstName, LastName) Values (?,?)";

using (OleDbConnection conn = new OleDbConnection(ConnString))    
{    
  using (OleDbCommand cmd = new OleDbCommand(SqlString, conn))    
  {    
    cmd.CommandType = CommandType.Text;    
    cmd.Parameters.AddWithValue("FirstName", txtFirstName.Text);    
    cmd.Parameters.AddWithValue("LastName", txtLastName.Text);

    conn.Open();    
    cmd.ExecuteNonQuery();    
  }    
}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

You need to bind the connection to command, and call command execution statement, e.g.: 

...
mycmd.Connection = myconn;
mycmd.ExecuteNonQuery();

myconn.Close();

No reader needed.

The better way to operate the DB is:

using(OdbcConnection myconn = new OdbcConnection(connectionString))
{
    using(OdbcCommand mycmd = OdbcCommand(your code here))
    {
        mycmd.Connection = myconn;
        mycmd.ExecuteNonQuery();
    }
}

For using keyword, it will be disposing the connection and command instance automatically.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.