locked
Incorrect syntax near ')'. RRS feed

  • Question

  • User-2089670273 posted

    namespace Invoice_Number
    {
    public partial class InvoiceNo : System.Web.UI.Page
    {
    protected void Page_Load(object sender, EventArgs e)
    {
    invoice();
    }

    protected void Submit_Click(object sender, EventArgs e)
    {
    String CS = ConfigurationManager.ConnectionStrings["InvoiceDBConnectionString1"].ConnectionString;
    using (SqlConnection con = new SqlConnection(CS))
    {
    SqlCommand cmd = new SqlCommand("insert into Invoice values('" + TextBox1.Text + "','" + TextBox2.Text + "','" + TextBox3.Text + "')", con);
    con.Open();
    cmd.ExecuteNonQuery();
    }

    invoice();
    }
    public void invoice()
    {
    String CS = ConfigurationManager.ConnectionStrings["InvoiceDBConnectionString1"].ConnectionString;
    using (SqlConnection con = new SqlConnection(CS))
    {
    con.Open();
    SqlCommand cmd = new SqlCommand("select max (InvoiceNo.)+1 from Invoice", con);
    SqlDataReader dr = cmd.ExecuteReader();

    if (dr.HasRows)
    {
    while (dr.Read())
    {
    TextBox1.Text = dr[0].ToString();
    if (TextBox1.Text == "")
    {
    TextBox1.Text = "1";
    }
    }
    }
    else
    {
    TextBox1.Text = "1";
    }

    con.Close();
    }

    }
    }
    }

    Error :

    Incorrect syntax near ')'.

    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

    Exception Details: System.Data.SqlClient.SqlException: Incorrect syntax near ')'.

    Source Error:

    Line 37:                 con.Open();
    Line 38:                 SqlCommand cmd = new SqlCommand("select max (InvoiceNo.)+1 from Invoice", con);
    Line 39:                 SqlDataReader dr = cmd.ExecuteReader();
    Line 40:                 if (dr.HasRows)
    Line 41:                 {


    Source File: c:\users\vedan\documents\visual studio 2015\Projects\Invoice Number\Invoice Number\InvoiceNo.aspx.cs    Line: 39

    Stack Trace:

    [SqlException (0x80131904): Incorrect syntax near ')'.]
       System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction) +2581758
       System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction) +6030742
       System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose) +297
       System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady) +4291
       System.Data.SqlClient.SqlDataReader.TryConsumeMetaData() +59
       System.Data.SqlClient.SqlDataReader.get_MetaData() +91
       System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader ds, RunBehavior runBehavior, String resetOptionsString, Boolean isInternal, Boolean forDescribeParameterEncryption, Boolean shouldCacheForAlwaysEncrypted) +446
       System.Data.SqlClient.SqlCommand.RunExecuteReaderTds(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, Boolean async, Int32 timeout, Task& task, Boolean asyncWrite, Boolean inRetry, SqlDataReader ds, Boolean describeParameterEncryptionRequest) +2698
       System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method, TaskCompletionSource`1 completion, Int32 timeout, Task& task, Boolean& usedCache, Boolean asyncWrite, Boolean inRetry) +1540
       System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method) +65
       System.Data.SqlClient.SqlCommand.ExecuteReader(CommandBehavior behavior, String method) +251
       System.Data.SqlClient.SqlCommand.ExecuteReader() +104
       Invoice_Number.InvoiceNo.invoice() in c:\users\vedan\documents\visual studio 2015\Projects\Invoice Number\Invoice Number\InvoiceNo.aspx.cs:39
       Invoice_Number.InvoiceNo.Page_Load(Object sender, EventArgs e) in c:\users\vedan\documents\visual studio 2015\Projects\Invoice Number\Invoice Number\InvoiceNo.aspx.cs:17
       System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +52
       System.Web.UI.Control.OnLoad(EventArgs e) +97
       System.Web.UI.Control.LoadRecursive() +61
       System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +693

    Friday, July 31, 2020 7:04 AM

Answers

  • User-939850651 posted

    Hi Flame103,

    Please confirm whether the field name in your data table is ‘ InvoiceNo. ‘.

    My guess is that the error is caused by a dot after the field name. If your field name is indeed like this, you should write the query like this:

    select max ([InvoiceNo.])+1 from Invoice

    SqlCommand cmd = new SqlCommand("insert into Invoice values('" + TextBox1.Text + "','" + TextBox2.Text + "','" + TextBox3.Text + "')", con);

    There may be the risk of SQL injection, you could try to use parameterization or use stored procedures.

    string insert = "insert into Invoice values(@param1,@param2,@param3)";
                cmd.Parameters.Add("@param1", TextBox1.Text);
                cmd.Parameters.Add("@param2", TextBox2.Text);
                cmd.Parameters.Add("@param3", TextBox3.Text);

    Best regards,

    Xudong Peng

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, July 31, 2020 7:53 AM

All replies

  • User-939850651 posted

    Hi Flame103,

    Please confirm whether the field name in your data table is ‘ InvoiceNo. ‘.

    My guess is that the error is caused by a dot after the field name. If your field name is indeed like this, you should write the query like this:

    select max ([InvoiceNo.])+1 from Invoice

    SqlCommand cmd = new SqlCommand("insert into Invoice values('" + TextBox1.Text + "','" + TextBox2.Text + "','" + TextBox3.Text + "')", con);

    There may be the risk of SQL injection, you could try to use parameterization or use stored procedures.

    string insert = "insert into Invoice values(@param1,@param2,@param3)";
                cmd.Parameters.Add("@param1", TextBox1.Text);
                cmd.Parameters.Add("@param2", TextBox2.Text);
                cmd.Parameters.Add("@param3", TextBox3.Text);

    Best regards,

    Xudong Peng

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, July 31, 2020 7:53 AM
  • User-2089670273 posted

    As guessed by you , error was caused due to the dot , I removed it and it solved my error !!

    Friday, July 31, 2020 8:32 AM