0

I've got a error which I can't understand. When I'm debugging and trying to run a insert statement, its throwing the following exception:

"There are fewer columns in the INSERT statement than values specified in the VALUES clause. The number of values in the VALUES clause must match the number of columns specified in the INSERT statement."

I have looked all over my code, and I can't find the mistake I've made.

This is the query and the surrounding code:

SqlConnection myCon = DBcon.getInstance().conn();
int id = gm.GetID("SELECT ListID from Indkøbsliste");
id++;

Console.WriteLine("LNr: " + listnr);
string streg = GetStregkode(navne);
Console.WriteLine("stregk :" + strege);
string navn = GetVareNavn(strege);
Console.WriteLine("navn :" + navne);

myCon.Open();
string query = "INSERT INTO Indkøbsliste (ListID, ListeNr, Stregkode, Navn, Antal, Pris) Values(" + id + "," + listnr + ", '" + strege + "','" + navn + "'," + il.Antal + ", "+il.Pris+")";
Console.WriteLine(il.Antal+" Antal");
Console.WriteLine(il.Pris+" Pris");
Console.WriteLine(id + " ID");
SqlCommand com = new SqlCommand(query, myCon);
com.ExecuteNonQuery();
com.Dispose();
myCon.Close();
Improve this question
3
  • Is ID an auto incremented column ? Commented Sep 20, 2011 at 7:45
  • auto increment columns can also have values be manually inserted, so that probably isn't the reason for this. Commented Sep 20, 2011 at 7:49
  • Yes, but only if set identity_insert <table> on is set in the session - which I assume it is not the default. Commented Sep 20, 2011 at 7:55

3 Answers 3

Reset to default
1

First of all check the connection string and confirm the database location and number of columns a table has.

Suggestion : Do not use hardcoded SQL string. Use parameterized sql statements or stored-proc.

Try parameterized way,

string query = "INSERT INTO Indkøbsliste (ListID, ListeNr, Stregkode, Navn, Antal, Pris)   
         Values (@ListID, @ListeNr, @Stregkode, @Navn, @Antal, @Pris)"

SqlCommand com = new SqlCommand(query, myCon);
com.Parameters.Add("@ListID",System.Data.SqlDbType.Int).Value=id;
com.Parameters.Add("@ListeNr",System.Data.SqlDbType.Int).Value=listnr;
com.Parameters.Add("@Stregkode",System.Data.SqlDbType.VarChar).Value=strege ;
com.Parameters.Add("@Navn",System.Data.SqlDbType.VarChar).Value=navn ;
com.Parameters.Add("@Antal",System.Data.SqlDbType.Int).Value=il.Antal;
com.Parameters.Add("@Pris",System.Data.SqlDbType.Int).Value=il.Pris;

com.ExecuteNonQuery();
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

+1 for never using concatenated SQL statements... ALWAYS use parametrized queries.
@marc_s Thank you Sir. I'm pleased to receive a compliment.
1

Please always use parametrized queries. This helps with errors like the one you have, and far more important protects against SQL injection (google the term, or check this blog entry - as an example).

For example, what are the actual values of strege and/or navn. Depending on that it may render your SQL statement syntactically invalid or do something worse.

It (looks like) a little more work in the beginning, but will pay off big time in the end.

Improve this answer

Comments

0

Are you using danish culture settings?

In that case if il.Pris is a double or decimal it will be printed using comma, which means that your sql will have an extra comma.

Ie:

INSERT INTO Indkøbsliste (ListID, ListeNr, Stregkode, Navn, Antal, Pris) Values(33,5566, 'stegkode','somename',4, 99,44)

where 99,44 is the price.

The solution is to use parameters instead of using the values directly in you sql. See some of the other answers already explaining this.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.