StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
text
Body
copied!<ol> <li><p><strong>Connection Assignment</strong> - You aren't setting the connection property of the SQLCommand. You can do this without adding a line of code. <em>This is the cause of your error.</em></p> <pre><code>myCommand = New SqlCommand("INSERT INTO tblBook(BookCode, BookTitle, Author, PublishingYear, Price, EnterDate, CatID, RackID, Amount) VALUES('" & txtBookCode.Text & "','" & txtTitle.Text & "','" & txtAuthor.Text & "','" & txtPublishYear.Text & "','" & txtPrice.Text & "', #" & txtEnterDate.Text & "#, " & txtCategory.Text & "," & txtRack.Text & "," & txtAmount.Text & ")", MyConnection) </code></pre></li> <li><p><strong>Connection Handling</strong> - You also need to remove `MyConnection.Open' from your Load Handler. Just open it and close it in your Click Handler, as you are currently doing. <em>This is not causing the error.</em></p></li> <li><p><strong>Parameterized SQL</strong> - You need to utilize SQL Parameters, despite the fact that you are not using a Stored Procedure. <em>This is not the cause of your error</em>. As <a href="https://stackoverflow.com/users/119477/conrad-frix">Conrad</a> reminded me, your original code dumps values straight from the user into a SQL Statement. Malicious users will steal your data unless you use SQL Parameters.</p> <pre><code>Dim CMD As New SqlCommand("Select * from MyTable where BookID = @BookID") CMD.Parameters.Add("@BookID", SqlDbType.Int).Value = CInt(TXT_BookdID.Text) </code></pre></li> </ol>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload