1

Please help me determine what's wrong with my code, the query seems to be fine, I tried executing it on phpmyadmin. 

  Dim cmdString As OdbcCommand
        cmdString = New OdbcCommand("INSERT INTO info_student (`idno`, `Last Name`, `First Name`, `Year and Section`, `Birthday`, `Address`) VALUES('" & (TextBox6.Text) & "','" & (TextBox1.Text) & "','" & (TextBox2.Text) & "','" & (TextBox3.Text) & "','" & (TextBox8.Text) & "','" & (TextBox10.Text) & "','" & (TextBox4.Text) & "'", con)
        cmdString.ExecuteNonQuery()

I got this error:

ERROR [42000] [MySQL][ODBC 5.1 Driver][mysqld-5.1.36-community-log]You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
Improve this question
0

3 Answers 3

Reset to default
1

You're missing the closing parens at the end of the insert statement.

                                                    V
...& (TextBox10.Text) & "','" & (TextBox4.Text) & "')", con)...
                                                    ^
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

I think that one of the values you're trying to insert already contains a single quote (') and therefore the SQL statement becomes invalid.

Please read some articles about SQL Injection, your code is vulnerable!

Improve this answer

Comments

1

Try changing your quotes to ' rather than the tilted quote character

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.