locked
Adding data to Database from WebPage RRS feed

  • Question

  • User302756865 posted

    Hello everyone,

    I'm hoping you will be able to help me with this little problem I'm having.  This code I am about to post used to work on one of my older sites but will not work on a site I'm trying to build now.

    The aim of the web page is for the user to enter details and this information inset into the database.

    rotected Sub btnAdd_Click(ByVal sender As Object, ByVal e As System.EventArgs)
    
        
            Dim strHeader As String
            Dim strDate As String
            Dim strArticle As String
            strHeader = "hello"
            strDate = txtDate.Text
            strArticle = txtArticle.Value
            
            Dim strDatabaseNameAndLocation As String
            strDatabaseNameAndLocation = Server.MapPath("fixtures.mdb")
            Dim strSQLCommand As String
            strSQLCommand = "INSERT INTO news(newsHeader) Values (txtHeader.text);"
            Dim objOleDbConnection As System.Data.OleDb.OleDbConnection
            objOleDbConnection = New System.Data.OleDb.OleDbConnection("Provider=Microsoft.Jet.Oledb.4.0; Data Source=" & strDatabaseNameAndLocation)
            objOleDbConnection.Open()
            Dim objOleDbCommand As System.Data.OleDb.OleDbCommand
            objOleDbCommand = New System.Data.OleDb.OleDbCommand(strSQLCommand, objOleDbConnection)
            objOleDbCommand.ExecuteNonQuery()
            objOleDbConnection.Close()
        
        End Sub

    When you click on the submit button, the following error appears:

    No value given for one or more parameters

    objOleDbCommand.ExecuteNonQuery()



    Monday, March 25, 2013 4:47 PM

Answers

  • User1508394307 posted

    This line caused the error

    strSQLCommand = "INSERT INTO news(newsHeader) Values (txtHeader.text);"

    txtHeader.text supposed to be a reference to the txtHeader control.

    So, you should change it to something like

    strSQLCommand = "INSERT INTO news(newsHeader) Values ('" & txtHeader.Text & "');"

    which is simple but not recommended due to SQL injection risk.

    Use

    strSQLCommand = "INSERT INTO news(newsHeader) Values (?)"
    OleDbParameter newsHeader = new OleDbParameter("@newsHeader", txtHeader.Text); ... Dim objOleDbCommand As System.Data.OleDb.OleDbCommand objOleDbCommand = New System.Data.OleDb.OleDbCommand(strSQLCommand, objOleDbConnection) objOleDbCommand.Parameters.Add(newsHeader)

    Hope this helps.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, March 26, 2013 4:25 AM

All replies

  • User1508394307 posted

    This line caused the error

    strSQLCommand = "INSERT INTO news(newsHeader) Values (txtHeader.text);"

    txtHeader.text supposed to be a reference to the txtHeader control.

    So, you should change it to something like

    strSQLCommand = "INSERT INTO news(newsHeader) Values ('" & txtHeader.Text & "');"

    which is simple but not recommended due to SQL injection risk.

    Use

    strSQLCommand = "INSERT INTO news(newsHeader) Values (?)"
    OleDbParameter newsHeader = new OleDbParameter("@newsHeader", txtHeader.Text); ... Dim objOleDbCommand As System.Data.OleDb.OleDbCommand objOleDbCommand = New System.Data.OleDb.OleDbCommand(strSQLCommand, objOleDbConnection) objOleDbCommand.Parameters.Add(newsHeader)

    Hope this helps.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, March 26, 2013 4:25 AM
  • User1291589676 posted

    In your sql query you were not passed the value as varchar so that this error occured try as below,

    strSQLCommand = "INSERT INTO news(newsHeader) Values ("+txtHeader.text+");"
    Or strSQLCommand = "INSERT INTO news(newsHeader) Values ("+strHeader+");"
    Tuesday, March 26, 2013 4:38 AM