information error:
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ')-Tanggalpjm)+1 As Lmpinjam, IFF (LMPINJAM>5,(LMPINJAM-5)*500,0) AS DENDA From t' at line 1
this my databse:
how this syntax work:
1. Select the member number in the combobox or type the member number in the Combobox (Book will appear that has been borrowed on the second grid
2. type the code of the Book (eg B001, B002, B003 etc.) on the first grid in the first column, if the file has never been borrowed, a message will appear that the Book has never been borrowed.
3. cancellation of returns on certain Book codes can be done by pressing ESC in the relevant Book row "
4. before being saved, fill in the "payment amount first"
denda = payment
its error on DataGridView1 coz this script use SQL access and my vb use phpmyadmin as database
so how to change this syntax to phpmyadmin SQL?
("Select distinct tbBuku.NomorBK,tbdetailpjm.Nomorpjm,Judul,JumlahBK,tanggalpjm, (Date()-Tanggalpjm)+1 As Lmpinjam, IFF (LMPINJAM>5,(LMPINJAM-5)*500,0) AS DENDA From tbAnggota,tbPinjam,tbBuku,tbDetailpjm Where tbBuku.NomorBK=tbDetailpjm.NomorBK And tbPinjam.Nomorpjm=tbDetailpjm.Nomorpjm And tbAnggota.Nomoragt=Pinjam.Nomoragt And tbAnggota.Nomoragt='" & CmbNomoragt.Text & "' AND tbDETAILPJM.NomorBK='" & DgLaporan.Rows(e.RowIndex).Cells(0).Value & "' AND DETAILPJM.JUMLAHBK>0", conn)
full script:
Imports MySql.Data.MySqlClient
Imports System.Math
Private Sub DgLaporan_CellEndEdit(ByVal sender As Object, ByVal e As System.Windows.Forms.DataGridViewCellEventArgs) Handles DgLaporan.CellEndEdit
If e.ColumnIndex = 0 Then
CMD = New MySqlCommand("select NomorBK from tbanggota,tbpinjam,tbdetailpjm where NomorBK ='" & DgLaporan.Rows(e.RowIndex).Cells(0).Value & "' and tbpinjam.nomorpjm=tbdetailpjm.nomorpjm and tbanggota.nomoragt=tbpinjam.nomoragt and tbanggota.nomoragt='" & CmbNomoragt.Text & "' AND tbdetailpjm.JUMLAHBK>0", conn)
RD = CMD.ExecuteReader
RD.Read()
If Not RD.HasRows Then
MsgBox(" " & LblNamaAgt.Text & " tidak meminjam kode Buku " & DgLaporan.Rows(e.RowIndex).Cells(0).Value & "")
Call HapusBaris()
Exit Sub
RD.Close()
End If
RD.Close()
CMD = New MySqlCommand("Select distinct tbBuku.NomorBK,tbdetailpjm.Nomorpjm,Judul,JumlahBK,tanggalpjm, (Date()-Tanggalpjm)+1 As Lmpinjam, IFF (LMPINJAM>5,(LMPINJAM-5)*500,0) AS DENDA From tbAnggota,tbPinjam,tbBuku,tbDetailpjm Where tbBuku.NomorBK=tbDetailpjm.NomorBK And tbPinjam.Nomorpjm=tbDetailpjm.Nomorpjm And tbAnggota.Nomoragt=Pinjam.Nomoragt And tbAnggota.Nomoragt='" & CmbNomoragt.Text & "' AND tbDETAILPJM.NomorBK='" & DgLaporan.Rows(e.RowIndex).Cells(0).Value & "' AND DETAILPJM.JUMLAHBK>0", conn)
RD = CMD.ExecuteReader
RD.Read()
If RD.HasRows Then
DgLaporan.Rows(e.RowIndex).Cells(1).Value = RD.Item(1)
DgLaporan.Rows(e.RowIndex).Cells(2).Value = RD.Item(2)
DgLaporan.Rows(e.RowIndex).Cells(3).Value = RD.Item(3)
DgLaporan.Rows(e.RowIndex).Cells(4).Value = RD.Item(4)
DgLaporan.Rows(e.RowIndex).Cells(5).Value = RD.Item(5)
DgLaporan.Rows(e.RowIndex).Cells(6).Value = RD.Item(6)
DgLaporan.CurrentCell = DgLaporan.Rows(e.RowIndex).Cells(0)
Call TotalKEMBALI()
Call TotalDENDA()
Call pembayaran()
Else
MsgBox(" " & LblNamaAgt.Text & " tidak meminjam kode Buku " & DgLaporan.Rows(e.RowIndex).Cells(0).Value & "")
End If
End If
RD.Close()
End Sub
The DATE function is used to extract a date from a string, thus it expects you to pass a parameter to it.
If you want to get today's date use the CURRENT_DATE function instead:
(CURRENT_DATE()-Tanggalpjm)+1
Also, your code is vulnerable to SQL Injection. Using regular string concatenation to build queries has been discouraged for many years. Look into how to use SQL Parameters.
Related
i have vb such as like this :
Sub inputdata()
Try
koneksi.Open()
***sql2 = "SELECT code_cust from customer where ('nama_cust= " & Me.cbcust.Text & "')"
cmd = New MySqlCommand(sql2, koneksi)
sql3.text=cmd.ExecuteNonQuery()***
sql = "insert into hsmaster(nohs,detailhs,beamasuk,satuanhs,idcust,asal) values ('" & Me.txtnohs.Text & "',"
sql += "'" & Me.rtdetail.Text & " ',"
sql += "'" & Me.txtbm.Text & " ',"
sql += "'" & Me.txtsatuan.Text & " ',"
sql += "'" & sql3 & " ',"
sql += "'" & Me.Cbcountry.Text & " ')"
cmd = New MySqlCommand(sql, koneksi)
cmd.ExecuteNonQuery()
MessageBox.Show("Insert data berhasil dilakukan")
Catch ex As Exception
MessageBox.Show("Insert data Gagal dilakukan")
Finally
koneksi.Close()
End Try
So i want save result of quert sql3 to slq3 , but the result was -1
Please advace ...
sql2 was query to customer table with clause name of customer was loading from combo box customer.
cbcust.text was from combo box loading data from table customer.
thanks for any kind help and sugestion.
ExecuteNonQuery is only for inserts/updates/deletes, queries that you aren't expecting to retrieve data back from. The -1 you are seeing is what databases return when executing a non-query to indicate whether the command was successful. You are correct to use ExecuteNonQuery on your second insert, but for your first select query if you want a value returned, you have to use
sql3.text = cmd.ExecuteScalar
or use a datareader
Dim dr As MySqlDataReader
dr = cmd.ExecuteReader
'check to make sure dr isnot nothing and read it, then
Dim returnValue as string = dr(code_cust)
ExecuteScalar is used for returning a single value and would probably work best in your case, datareader is used when expecting multiple columns and/or rows
You should be using parameters in your query too, but if using quotes like you are then:
***sql2 = "SELECT code_cust from customer where ('nama_cust= " & Me.cbcust.Text & "')"
needs the single quote moved like this:
***sql2 = "SELECT code_cust from customer where (nama_cust= '" & Me.cbcust.Text & "')"
because right now, that's a syntax error
I'm not a very good programmer, but I think the codes are correct. Can anyone check if there are errors in it, because I always get an error at the executenonquery line.
The error is:
{"Incorrect syntax near '9'." & vbCrLf & "Unclosed quotation mark
after the character string ',#memberpic)'."}
and/or
An unhandled exception of type 'System.Data.SqlClient.SqlException'
occurred in System.Data.dll
Additional information: Incorrect syntax near '9'.
Private Sub btnSave_Click(sender As Object, e As EventArgs) Handles btnSave.Click
cn.Open()
Using cmd As New SqlClient.SqlCommand("INSERT INTO tblMembers(name, contactno, address, birthday, baptism, ministry, memberpic)VALUES('" & txtName.Text & "','" & txtContactNo.Text & "','" & txtAddress.Text & "',''" & dtpBirthday.Text & "','" & dtpBaptism.Text & "','" & txtMinistry.Text & "',#memberpic)", cn)
cmd.Parameters.Add(New SqlClient.SqlParameter("#memberpic", SqlDbType.Image)).Value = IO.File.ReadAllBytes(a.FileName)
i = cmd.ExecuteNonQuery
End Using
If (i > 0) Then
MsgBox("Save " & i & " record successfully")
Clear()
End If
cn.Close()
ShowRecord()
End Sub
One of the strings in one of the TextBox elements probably contains a single quote '.
My advice, save yourself some pain and parameterize all of the values in your SQL statement. This is good programming practice for a myriad of reasons, but it will also solve your immediate need of escaping strings that may come from a TextBox.
First you tokenize your SQL statement.
...
VALUES(#name,#contactno,#address,#birthday,#baptism,#ministry,#memberpic)
Then, you set your parameters
...
cmd.Parameters.Add(New SqlClient.SqlParameter("#name", SqlDbType.Varchar)).Value = txtName.Text
As the error says you need to close the single quotes for the string
& "',#memberpic)"
should be
& "',#memberpic) '"
^^^^
I have this simple code of vba access to update product in the database. But when I debug, it stops at the DoCmd statement and got run-time error. I've made research about this kind of error and code, and had changed the code but still caused an error. Below is my simple code to update the product value.
Sub UpdateProduct()
Dim mySql As String
mySql = "UPDATE " & Forms!UPDATE_PRODUCT!cbxLensType _
& " SET LOT_NO = " & Forms!UPDATE_PRODUCT!txtLotNo _
& " WHERE EAN_CODE = " & Forms!UPDATE_PRODUCT!txtEan & ";"
DoCmd.RunSQL mySql
End Sub
Could you help me to explain what is the problem to my code? Is it because of the update syntax?
Thanks in advance.
**New to access vba
Since EAN_CODE is Text type you need to enclose it inside single quotes.
Sub UpdateProduct()
Dim mySql As String
mySql = "UPDATE [" & Forms!UPDATE_PRODUCT!cbxLensType _
& "] SET LOT_NO = " & Forms!UPDATE_PRODUCT!txtLotNo _
& " WHERE EAN_CODE = '" & Forms!UPDATE_PRODUCT!txtEan & "';"
DoCmd.RunSQL mySql
End Sub
If LOT_NO is also a Text type, make sure that it is also enclosed in Single quotes.
I have created a function that provide the value based on user selection.I want to use the output of the fuinction in another query.
My function is :-
Public Function provisionvariable() As String
For Each sItem In Forms![Access Form].Provision.ItemsSelected
v_provision = "" & Forms![Access Form].Provision.Column(0, sItem) & ""
Provision = Provision & "" + v_provision + ","
'MsgBox Provision
Next
Provision = Left(Provision, Len(Provision) - 1)
provisionvariable = Provision
MsgBox provisionvariable
End Function
The output of the function is BBNI,FP
I want to use the output as where condition in access query
My query is
***SELECT DISTINCT quarter, provision, [currencycode]+'-not found in Master' AS Comment
FROM t_00_unearned_unincepted_alloc_basis AS inp
WHERE **provision in (provisionvariable()) AND**
NOT EXISTS
(SELECT 1
FROM t_01_le_currency_master key1
WHERE inp.[group_stat]=key1.[group_stat] AND
inp.le=key1.le AND
inp.[currencycode]=key1.[original_currency]);***
Now the problem is output of function is BBNI,FP but access takes it as single string i.e. 'BBNI,FP' in the query.
Is it possible to have it as two string ('bbni','FP') rather than 'BBNI,FP'
Any Suggestions Much Appreciated
Thanks
Try:
Provision = Provision & "'" & v_provision & "',"
And to ensure you aren't repeatedly appending to a module-level variable, you should also do a local
Dim Provision As String
Based on the following post, "a function cannot be used for IN () clauses" How to call VBA-function from inside sql-query?
So you need to build the SQL (which would include the 'In' list) then execute it. Since I have no idea if multi-user environment, or how you will use the query output, I would build the SQL, save as a QueryDef object, then do whatever you want.
The following is what the code to build the SQL could look like:
Dim strSQL As String
strSQL = "SELECT DISTINCT quarter, provision, [currencycode]+'-not found in Master' AS Comment " & _
"FROM t_00_unearned_unincepted_alloc_basis AS inp " & _
"WHERE provision In (" & ProvisionVariable() & ") AND " & _
. . . .
Debug.Print strSQL
The following is my version of your Function (note the single-quote delimiters are added):
Public Function ProvisionVariable() As String
Dim sItem As Variant
Dim v_provision As String
Dim provision As String
provision = ""
For Each sItem In Forms![Access Form].Provision.ItemsSelected
v_provision = "'" & Forms![Access Form].Provision.Column(0, sItem) & "'"
provision = provision & "" + v_provision + ","
Next sItem
provision = left(provision, Len(provision) - 1)
ProvisionVariable = provision
Debug.Print ProvisionVariable
End Function
I am trying to create a DLookup with multiple criteria in Access 2010, and running into a little trouble. I create invoices via a form. On the invoice form I select the AccountID, and set billing month and year. Based on that information, I would like to search my Prepayment query (quePrepayment) and pull in any prepayments that match those three criteria.
I am currently getting this error:
Run-time error '3075':
Syntax error (missing operator) in query expression 'AccountID= & Forms![frmInvoices]!AccountID & Billing_Month = & Forms![frmInvoices]!Billing_Month & Billing_Year = & Forms![frmInvoices]!Billing_Year)'
Private Sub AccountID_Change()
Billing_Prepayment = DLookup("Total_Prepayment", "quePrepayment", "[AccountID] = & Forms![frmInvoices]!AccountID And [Billing_Month] = & Forms![frmInvoices]!Billing_Month And [Billing_Year] = & Forms![frmInvoices]!Billing_Year")
End Sub
Make the third DLookup argument a string with the Forms![frmInvoices] control references built into it. (The db engine can de-reference those controls when it evaluates the expression.)
Billing_Prepayment = DLookup("Total_Prepayment", "quePrepayment", _
"[AccountID] = Forms![frmInvoices]!AccountID And [Billing_Month] = Forms![frmInvoices]!Billing_Month And [Billing_Year] = Forms![frmInvoices]!Billing_Year")
However, that string is so long it may be challenging to see whether it is built correctly. You can use an approach like this instead ...
Dim strCriteria As String
strCriteria = "[AccountID] = Forms![frmInvoices]!AccountID " & _
"And [Billing_Month] = Forms![frmInvoices]!Billing_Month " & _
"And [Billing_Year] = Forms![frmInvoices]!Billing_Year")
Debug.Print strCriteria
Billing_Prepayment = DLookup("Total_Prepayment", "quePrepayment", _
strCriteria)
Then in case of trouble, you can go to the Immediate window (Ctrl+g) to examine what was built for strCriteria.