1

Am trying to insert data into a local database from an asp.net page using the code below but i keep getting this error

"Incorrect syntax near the keyword 'user'"

 protected void Button1_Click(object sender, EventArgs e)
    {
        SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["RegConnectionString"].ConnectionString);
        con.Close();
        string inse = "insert into user (username, password, emailadd, fullname, country) values(@username, @password, @emailadd, @fullname, @country) ";
        SqlCommand insertuser = new SqlCommand(inse, con);
        insertuser.Parameters.AddWithValue("@username",TextBoxFA.Text);
        insertuser.Parameters.AddWithValue("@password", TextBoxEA.Text);
        insertuser.Parameters.AddWithValue("@emailadd", TextBoxRPW.Text);
        insertuser.Parameters.AddWithValue("@fullname", TextBoxPW.Text);
        insertuser.Parameters.AddWithValue("@country",DropDownList1.SelectedItem.ToString());

        try
        {
            insertuser.ExecuteNonQuery();
            con.Close();
            Response.Redirect("login.aspx");
        }
        catch (Exception ex)
        {
            Response.Write("<b>something really bad happened.....Please try again</b> ");
        }
    }
Improve this question
2
  • second line: con.Close() ??? Also, if you get an exception, you will catch it in your CATCH block, but this CATCH block does not close the connection. solution: have a FINALLY block after your CATCH block in which you: "con.Close()", and remove the "con.Close()" from your TRY block since the FINALLY block will always be called. Commented Jan 16, 2013 at 14:31
  • 1
    I'm not sure if that's a typo, but you have 2 con.Close() calls, and no con.Open(). Commented Jan 16, 2013 at 14:31

3 Answers 3

Reset to default
6

Congratulations on using a parameterized query!

user is a keyword, so wrap it in square brackets, like [user].

Some comments:

  1. You should use using for connection and command to dispose of unused resources automatically
  2. The first con.Close(); doesn't make sense and can be removed. Instead you need to call con.Open();
  3. Create a finally block where you close the connection. Currently it is not closed when an exception occurs.

That being said, your code then would read:

using (SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["RegConnectionString"].ConnectionString))
{
    con.Open();

    string inse = "insert into [user] (username, password, emailadd, fullname, country) values(@username, @password, @emailadd, @fullname, @country)";
    using (SqlCommand insertuser = new SqlCommand(inse, con))
    {
        insertuser.Parameters.AddWithValue("@username",TextBoxFA.Text);
        insertuser.Parameters.AddWithValue("@password", TextBoxEA.Text);
        insertuser.Parameters.AddWithValue("@emailadd", TextBoxRPW.Text);
        insertuser.Parameters.AddWithValue("@fullname", TextBoxPW.Text);
        insertuser.Parameters.AddWithValue("@country",DropDownList1.SelectedItem.ToString());

        try
        {
            insertuser.ExecuteNonQuery();
            Response.Redirect("login.aspx");
        }
        catch (Exception ex)
        {
            Response.Write("<b>something really bad happened.....Please try again</b> ");
        }
        finally
        {
            con.Close();
        }
    }
}
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thanks! :-) Usually in questions like "How to add data to SQL database from C#" you see some mess of concatenated strings (most probably containing DateTime values in the wrong format). I was positively surprised by the fact that the OP's code was "nearly there".
5

Try wrapping the word user in square brackets. I believe user is a reserved keyword.

i.e.

string inse = "insert into [user] (username, password, emailadd, fullname, country) values(@username, @password, @emailadd, @fullname, @country) ";

You have a couple of other issues in that code, but not putting user in square brackets is what is causing the error message you are seeing.

Improve this answer

Comments

1

user is a reserved keyword, so you just have to wrap it in square brackets to make it explicit that you mean the object named "User":

insert into [user]
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.