1

This is my code which I am getting syntax error in my INSERT statement for:

string strSql = "INSERT INTO Responses (OCR, DeadlineDate, OCR Title) VALUES ('"+textBox5.Text+"','"+textBox7.Text+"', '"+textBox6.Text+"')";

OleDbConnection newConn = new OleDbConnection(strProvider);
OleDbCommand dbCmd = new OleDbCommand(strSql, newConn);

newConn.Open();
dbCmd.ExecuteNonQuery();

any ideas?

Improve this question
1

2 Answers 2

Reset to default
9

The column name OCR Title is invalid, you have to escape it using [] like [OCR Title]:

INSERT INTO Responses (OCR, DeadlineDate, [OCR Title]) VALUES( ...

Also, please try to use parametrized queries instead of concatenating the values:

string strSql = "INSERT INTO Responses (OCR, DeadlineDate, [OCR Title]) VALUES (?, ?, ?)";

using (OleDbConnection newConn = new OleDbConnection(strProvider))
{
  using (OleDbCommand dbCmd = new OleDbCommand(strSql, newConn))
  {
    dbCmd.CommandType = CommandType.Text;
    dbCmd.Parameters.AddWithValue("OCR", textBox5.Text);
    dbCmd.Parameters.AddWithValue("DeadlineDate", textBox7.Text);
    dbCmd.Parameters.AddWithValue("[OCR Title]", textBox6.Text);
    newConn .Open();
    dbCmd.ExecuteNonQuery();
  }
}
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Better to always put brackets around column names, when upgrading to a new database version who knows whether e.g. OCR becomes a keyword.
0

I guess the syntax error isn't related to c# but to SQL statement.

Maybe you need escape on textBoxes values and text qualifier for "OCR Title" table name.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.