I have a filter on a continuous form that uses a Combo Box to select records to match; the code is:
Private Sub SelectHospitalCbo_AfterUpdate()
Me.Filter = "[ContactHospital] = " & "'" & Me.SelectHospitalCbo & "'"
Me.FilterOn = True
End Sub
This was working fine until I discovered that if the ContactHospital field includes an apostrophe (e.g. Children's Hospital) I get an error message:
Run-time error '3075':
Syntax error (missing operator) in query expression '[ContactHospital] = 'Children's Hospital".
I understand why the error is occurring, but I can't find a workaround. A recent question on this forum seemed to have a similar problem to mine, but there were no answers. Does this mean I can't get around it?
In case anyone wants to suggest removing all the apostrophes form the hospital names, I would consider that, but unfortunately this database interacts with a (much larger) database where the hospital names can't be changed and have to match, so that's not an option for me.
Any help from more experiences Access developers appreciated!
Options:
filter by numeric hospital ID instead of its name
"[ContactHospital] = '" & Replace(Me.SelectHospitalCbo, "'", "''") & "'"
"[ContactHospital] = """ & Me.SelectHospitalCbo & """"
"[ContactHospital] = " & Chr(34) & Me.SelectHospitalCbo & Chr(34)
Related
I am going to VBA for deleting data table.
It shows the errors shown in the screenshot.
Please help me to resolve it.
Private Sub cmdxoa_Click()
If Not (Me.frmformsub1.Form.Recordset.EOF And Me.frmformsub1.Form.Recordset.BOF) Then
If MsgBox("Do you wwant to delete ?", vbYesNo) = vbYes Then
CurrentDb.Execute "DELETE from db " & _
" where NOLC = " & Me.frmformsub1.Form.Recordset.Fields("nolc")
Me.frmformsub1.Form.Requery
End If
End If
End Sub
So if NOLC in the table is of type text, your criteria expression has to be:
"where NOLC = '" & Me.frmformsub1.Form.Recordset.Fields("nolc").Value & "'"
As you see you have to surround the value with '.
Remark: .Value isn't necessary, but it enhances the readability and assures that you are interested in the value and not in the object itself (the control in that case).
BUT: You should use parametrized queries instead string concatenation to avoid SQL injection:
How do I use parameters in VBA in the different contexts in Microsoft Access?
I would like to ask you for help with (edited) VBA code I found while searching for solution. My goal is to add validation rule to multiple field of table at once by VBA code. I have to use VBA code because there is so many fields and manual input would be insane.
Validation rule: NOT LIKE "*"+Chr(10)+"*" OR "*"+Chr(13)+"*" OR "*"+Chr(9)+"*"
(user can't save "enter", "ctrl+enter" and "tabulator")
For using this rule in VBA function the syntax is quite different but input to MS Access is correct.
My VBA code (not directly my, I found it and edit to my needs)
Public Function SetFieldValidation()
Dim dbs As DAO.Database
Dim tdf As DAO.TableDef
Dim fld As DAO.Field
Dim strValidRule As String
Dim strValidText As String
Dim bytNumOfFields As Byte
strValidRule = "NOT LIKE " & Chr(34) & "*" & Chr(34) & "+Chr(10)+" & Chr(34) & "*" & Chr(34) & " OR " & Chr(34) & "*" & Chr(34) & "+Chr(13)+" & Chr(34) & "*" & Chr(34) & " OR " & Chr(34) & "*" & Chr(34) & "+Chr(9)+" & Chr(34) & "*" & Chr(34)
strValidText = "Some error msg"
Set dbs = CurrentDb
Set tdf = dbs.TableDefs("Table_Name")
For bytNumOfFields = 0 To tdf.Fields.Count - 1
With tdf.Fields(bytNumOfFields)
If .Name <> "Record ID" Then
.ValidationRule = strValidRule
.ValidationText = strValidText
End If
End With
Next
End Function
In the past this script works with rule NOT LIKE "*"+Chr(10)+"*" OR "*"+Chr(13)+"*".
Than tried to add OR "*"+Chr(9)+"*".
Since this modification the MS Access (VBA) returns error: Property value is too large. (Error 3309) while I run the script. When I tried return to previous version of script without +Chr(9)+, the error still remains (even I succesfully used this script in the past and validation rules are set in another tables).
I'm really beginer in VBA, honestly I only need to setup this rule to all field of all tables. Can someone experienced tell me what's wrong in the code?
Thank you very much.
I suggest not using Chr(). Since Chr will always return the same value for a particular number, e.g. Chr(65) always returns A, I don't think you need to use the function to get the value you want. So try setting your strValidRule as one long static string with the characters returned by the Chr() functions hard coded.
I did a research and probably the problem is somewhere else - looks like error in table design of specific table.
1.) First test: At first I tried to debug strValidRule string and compare two approaches for string (my and with quotes as #Rominus advised). The results are same but quoString is smoother approach. Than I run script (tried both approaches). Error msg said 'Property Value Too Large' error 3309 and the old valid rules remains in table design unchanged (rules were set in the past and remains).
Sub teststring()
chrString = "chrString: NOT LIKE " & Chr(34) & "*" & Chr(34) & " +Chr(10)+ " & Chr(34) & "*" & Chr(34) & " OR " & Chr(34) & "*" & Chr(34) & " +Chr(13)+ " & Chr(34) & "*" & Chr(34)
Debug.Print chrString
quoString = "quoString: NOT LIKE ""*"" +Chr(10)+ ""*"" OR ""*"" +Chr(13)+ ""*"""
Debug.Print quoString
End Sub
2.) Second test: From my script above I firstly 'commented' values of strValidRule and strValidText by ' and add empty values "". Script run without error msg and added empty values.
Than I 'uncommented' the values and run script with values mentioned above (quoString approach and some msg for strValidText). Scritp run with error msg 'Property Value Too Large' error 3309. BUT, when I checked table design, the valid rules were properly set and working even the error msg popped up.
3.) Third test: I tried to use script in another table and run it without previously adding empty values described in step 2. (because in table were set old valid rules too). Script successfully overwrote old valid rules by new ones without msg of error 3309.
So, I found the way how to set valid rules but there is still some bug that shows error msg in specific table. Don't know how to fix it but I hope it haven't affect of my main goal (setting new working valid rules).
I am currently working on a project for a class where I am building a database in MS Access and using a bit of SQL and VB for the first time. I am attempting to include a login feature to this project.
My form uses this code on a button labelled "login" to take in input from the user in unbound textboxes, named txtEmployeeID and txtPassword, and compare them values in table Employee_T, named EmployeeID and EmployeePW. EmployeeID is an integer value while EmployeePW is a string.
Private Sub Command1_Click()
If IsNull(Me.txtEmployeeID) Then
MsgBox "Please enter EmployeeID", vbInformation, "EmployeeID Required"
Me.txtEmployeeID.SetFocus
ElseIf IsNull(Me.txtPassword) Then
MsgBox "Please enter password", vbInformation, "Password Required"
Me.txtPassword.SetFocus
Else
If (IsNull(DLookup("EmployeeID", "Employee_T", "EmployeeID = ' & Me.txtEmployeeID.Value & ' "))) Or _
(IsNull(DLookup("EmployeePW", "Employee_T", "EmployeePW = ' & Me.txtPassword.Value & ' "))) Then
MsgBox "Incorrect LoginID or Password"
Else
End If
End If
End Sub
However, after pressing the login button I am met with an error: Run-time error '3464': Datatype mismatch in criteria expression.
Could someone point me in the right direction? I feel as though my error is in the way I am referencing my variables.
I have never looked at any visual basic before this project and I do not have a book/teacher/classmate to refer to as visual basic is not something we are specifically learning.
Thank you very much in advance for any insight, and apologies for any formatting errors. This is my first post.
It looks like you're concatenating vaues in your DLookup incorrectly.
'" & password & "' for strings
" & employeeID & " for integers
When compiled, these are going to look like :
string - '" & variable & "' -> Compiled -> 'YourVariableValue'
integer - " & employeeID & " -> Compiled -> 15
You need to escape your quotes like this: (be careful for using it exactly like I post it here)
If (IsNull(DLookup("EmployeeID", "Employee_T","EmployeeID = """ & Me.txtEmployeeID.Value & """"))) Or _
(IsNull(DLookup("EmployeePW", "Employee_T", "EmployeePW = """ & Me.txtPassword.Value & """"))) Then
I was just testing my database and I realized that I run into problems wherever a text entry in my database contains a ' character (single quote). My solution for now is that before any .execute operations on a string, I call escape(string, "'", " "'" ").
Summarized example below:
qr = "INSERT INTO tblExample VALUES ( " & "'" & me.testparam & "'" & ");"
qr = Replace(qr, "'", " "'" ")
db.execute qr
'also tried qr = "INSERT INTO tblExample VALUES ( " & "'" & replace(me.testparam,"'"," ") & "'" & ");"
This was what I assumed to be the correct workaround to prevent errors from values such as Tourette's.
There's two problems with this. First of all, it's not working. Second, I have over 50 locations in code throughout my app where I call the statement db.execute qr where qr is a string that could potentially contain a single quote. I need the field in the table to contain the single quote, so I can't just replace it with a space or something similar.
Two part question:
Is there a better solution than going through all of my code calling Replace on every string that is to be executed as a query?
Why is my current implementation failing? - I still get syntax error in query expression even when escaping the single quote to a space.
First examine these 2 lines.
"VALUES ( " & "'" & me.testparam & "'" & ");"
"VALUES ( '" & me.testparam & "');"
Both will produce the exact same string. The difference for me is that my brain comprehends the second version faster.
Now, here is what the comments are telling you to do ... replace each single quote in your source string with two single quotes. I added Debug.Print so you can view the finished string in the Immediate window (go there with Ctrl+g) ... you can then see the actual string rather than trying to imagine what it looks like.
qr = "INSERT INTO tblExample VALUES ( '" & _
Replace(Me.testparam, "'", "''" & "');"
Debug.Print qr
db.Execute qr, dbFailOnError
Since I assumed db is a DAO.Database object variable, I included the dbFailOnError option. You should include an error handler in your code to deal with any problems dbFailOnError exposes.
When you run into trouble with a VBA function in a query, drop to the Immediate window and test your function expression there. This one triggers a compile error, "Expected: list separator or )":
? Replace("Tourette's", "'", " "'" ")
But this one works:
? Replace("Tourette's", "'", "''")
Tourette''s
I mentioned that because it's useful in general, and also because your title starts with "Escaping unwanted characters, mainly single quotes". So if you want to remove/replace other characters, not just single quotes, experiment in the Immediate window until you find a Replace() expression which works. Then use that expression in your query.
For example, if unwanted characters include line breaks ...
MyString = "foo" & vbCrlf & "bar" : ? MyString
foo
bar
? Replace(MyString, Chr(13) & Chr(10), " ")
foo bar
Note: I used Chr(13) & Chr(10) rather than vbCrlf as the find target because the db engine can use the Chr() function but doesn't know about the named constant (vbCrlf).
Your query is failing because you have not said where to insert :
Dim qd As QueryDef
qr = "INSERT INTO tblExample (AText) VALUES ( [avalue] );"
Set qd = CurrentDB.CreateQueryDef("",qr)
qd.Parameters("avalue").Value = me.testparam
qd.Execute dbFailOnError
Another method is to define a quote as constant (Const Quote = """") and use that to build SQL Statements. It is not possible to define a quote as Const Quote = Chr(34) as a constant definition can't be based on a function so one has to use four double quotes in a row. The third quote is what you are saving, the second quote is to excape the third quote and the first and last quote are because the value you are assigning is a string.
You will then be able to build SQL statements such as:
SQL = SELECT * FROM tblSyndromes
WHERE Syndrome = " & Quote & "Tourette's" & Quote & ";"
It will no longer matter that there are single quotes in your data.
I don't use parameters as if I upscale my database to sql server and convert my queries to pass-through queries, I can't use parameters. I rarely upscale but I write all my code with that assumption. Also if your query is not working as expected, how do find out what went wrong. If I have a variable called SQL, then I can always print the SQL statement and run it in a new query to see what it does.
I have a form and I want it to be filtered just after it loads.
After I click on the form it should be able to load by filtering specific data.
I want it to filter by Program Nam and Year.
I have tried the following code but I keep getting syntax errors:
Private Sub Form_Load()
Combo5.Value = Form_0_Cover.Combo0
Combo7.Value = Form_0_Cover.Combo2
'Me.Filter = "[Program_Name]=" & Me.Combo7 & " AND [Budget_Year]='" & Me.Combo5 & ""
End Sub
I am not sure what the problem seems to be. I keep getting syntax error.
Try:
Me.Filter = "[Program_Name]='" & Me.Combo7 & "' AND [Budget_Year]=" & Me.Combo5
I suspect that program name is text and budget year is numeric. It is possible that the program name combo has an id as the bound column, in which case things might get a little more difficult, probably:
Me.Filter = "[Program_ID]=" & Me.Combo7 & " AND [Budget_Year]=" & Me.Combo5