Apparently i'm getting a syntax error, but I don't see any issues with my code!
if rs.EOF then
'User doesn't exist, create the record
query = currentDate&",'"
query = query + password & "','"
query = query + "user', '"
query = query + email & "', '"
query = query + fname & "', '"
query = query + sname & "'"
handle = add_to_database("users","jdate,password,perms,email,fname,sname",query)
response.write handle
else
response.write "Error: User already exists, please use a different email address"
end if
Here is the add_to_database function
function add_to_database(where,column,values)
'Create query
sql = "INSERT INTO " & where & " (" & column & ") VALUES (" & values & ")"
on error resume next
'Add images to database
conn.Execute sql,recaffected
if err<>0 then
add_to_database = err.description &":"&sql&"<br />"
end if
'Destroy connection
sql = ""
end function
This is the error that is written to the page
Syntax error in INSERT INTO statement.:INSERT INTO users (jdate,password,perms,email,fname,sname) VALUES (#2013/8/2#,'af453d19feb2520c8c0d30fb39ebd211','user', 'martynleeba#gmail.com', 'Martyn', 'Ball')
The users table includes a field named password. But password is a reserved word, so can confuse the db engine when it finds it in a query. Rename that field if possible. If you must keep the name as is, enclosed it in square brackets to signal the db engine it is an object name.
handle = add_to_database("users","jdate,[password],perms,email,fname,sname",query)
Related
In the below code, the value of skuSet.Fields(0), which is a text field in the database, is "000000002".
If skuSet.RecordCount = 0 Then
sql = "SELECT Stock_Code FROM Stock WHERE Stock_Code = '" & stkLine.StockCode & "'"
Set skuSet = dbStock.OpenRecordset(sql, dbOpenDynaset)
End If
sql = "SELECT * FROM PickedByPicco WHERE OrderID = " & stkLine.OrderId & " AND StockCode = '" & skuSet.Fields(0) & "'"
Set SOPSLineSet = dbSOPS.OpenRecordset(sql, dbOpenDynaset)
If SOPSLineSet.RecordCount = 0 Then
sql = "INSERT INTO PickedByPicco(OrderID, StockCode, Qty, ScannedBy, ProcessedBy, processed) VALUES(" & stkLine.OrderId & _
", " & skuSet.Fields(0) & ", " & stkLine.Quantity & ", '" & stkLine.UserId & "', '', False)"
dbSOPS.Execute (sql)
When I step through the code, the value in skuSet.Fields(0) is still the same, as expected.
When the query has been executed, I check the PickedByPicco table, and the StockCode field shows just a value of 2 instead, and it's removed all of the leading 0's.
Why would it be doing this and how can I stop it?
That's because your INSERT statement looks like this:
INSERT INTO PickedByPicco (...) VALUES (..., 000000002, ...)
when it should look like this:
INSERT INTO PickedByPicco (...) VALUES (..., '000000002', ...)
(Note the quotes around your value.)
Normally, I'd tell you to use parameterized SQL, because SQL creation by string concatenation is evil, but, unfortunately, DAO's Database.Execute does not support that. So, the next best thing is to properly escape strings. To do that:
put single quotes around your value and
escape any single quotes occurring in your value:
I.e. this line
", " & skuSet.Fields(0) & ", " & ...
becomes
", '" & Replace(skuSet.Fields(0), "'", "''") & "', " & ...
While you are at it, be sure to replace single quotes in your other strings as well! Currently, a UserId of O'Brien would break your SQL, and other values might do worse.
I want to identify account inputted if it is an admin account or an user account and search the username and password entered in admin table if it is not there search it into "users table"and this is the error i got operand should contain 1 column(s)
this is the query i tried
Query = "select admin.user,admin.pass from admin where user= '" & username.Text & "' and pass= '" & password.Text & "'" not in users.user,users.pass"
The error is pretty obvious: only single column allowed to pass for IN or NOT IN clause to determine relevant values assigned for that column.
You can fix the query by providing single column from a subquery like this example:
Dim Query As String = "SELECT admin.user, admin.pass FROM admin WHERE user = '" & username.Text & _
"' AND pass = '" & password.Text & _
"' OR user [NOT] IN (SELECT users.user FROM users WHERE user = '" & username.Text & _
"' AND pass = '" & password.Text & "')"
NB: Rather than concatenating value strings, use parameterized query version instead:
Dim Query As String = "SELECT admin.user, admin.pass FROM admin WHERE user = #username AND pass = #password OR user [NOT] IN (SELECT users.user FROM users WHERE user = #username AND pass = #password)"
Similar issue:
Operand Should Contain 1 Column - MySQL NOT IN
I need to update a MySQL database with the new values just collected.
The program will get values like this:
sql = "select * from Accounts where username ='" & txtuname.Text & "' and userpassword = '" & txtpass.Text & "'"
Dim credits As String
credits = publictable.Rows(0).Item(5)
credit.Text = "" & credits
Then it will update the current value with a new value like this:
cmd.CommandText = "UPDATE * Accounts SET credits = '& credit.Text + 10 &' WHERE username = '& Form1.txtuname.Text & '"
However, I am stuck on the UPDATE string.
I think, you have to study well about the update command, since your query syntax is wrong. and you are making some syntactical mistake in the formation of the query. use Line continuation operators to make the query more understandable. plan the output before you query.
cmd.CommandText = "UPDATE Accounts SET " & _
"credits = '" & val(credit.Text) + 10 & "'" & _
"WHERE username = '" & Form1.txtuname.Text & '"
I have encountering a very silly problem. The requirement is to stop the duplicate entry in access table. I am using Vb6. But each time I try I am encountering syntax error.
My code
My flexgrid is populated and refreshed. I am able to insert and select data in another table in same database. But this one is failing
sql_txt1 = "Select SL_No from SpAIReport where DOM ='" & Format(Now, "mm/dd/yyyy") & _
"' and AC-REG ='" & msgDisFlex.TextMatrix(i, 4) & "' and Flt No = '" & msgDisFlex.TextMatrix(i, 6) & "'"
Set rs1 = db.OpenRecordset(sql_txt1)
I am able to update this table, but multiple time same data are getting populated.
The access table structure with the entries are given below
Date_OF_Fly Flt No GMT Weight Airtime Station DOM Data_hrs Filename
7/3/2000 11 03:45:01 5 01:23:40 XXX 01/25/2014 120:10:15 ABCD
Plus, after saving if I want to access it through recordset then it is showing NULL.
The code is:
sql_txt = "select * from SpAIReport where DOM='" & dateDailyReport & "'"
Set rs = db.OpenRecordset(sql_txt)
The dateDailyReport value is 01/25/2014. This value is present in database. Still this query is not working.
Please help.
You probably want to put 'Flt No' and 'AC-REG' in square brackets otherwise they look like two field names:
"' and [AC-REG] ='" & msgDisFlex.TextMatrix(i, 4) & "' and [Flt No] = '" &
We'd like to count from an Access database that has multiple tables - about 50.
We need to count from 1 column in each table that is 'QCPASS' This is a check box - if a product passed the box was checked if failed then not. We need to count both for EACH table, also allowing the user to specify a date range from a date column that exists in every table.
I've tried this with a query but I am told the query is unable to select, count and do the date range. Any VBA help would be great.
Exporting to Excel would be great, but any results would be fine. Here is the query I created that counts in a column from each table passes and failures. I can't iterate with a query either, so VBA seems the way to go:
SELECT "Table1" , Count('qcpass') AS column
FROM 5000028
GROUP BY [5000028].qcpass
union
SELECT "Table2",count('qcpass')
FROM 5000029
Group By [5000029].qcpass;
You can traverse the full TableDefs collection in your database, and create a query using VBA.
A word of warning: The TableDefs collection has the Access database system tables, so you need to skip this. A way I suggest you is to check for a specific table name prefix (it is noted in the code below).
public sub createMyBigUnionQuery()
dim db as DAO.database(), tbl as DAO.tableDef
dim strSQL as string, i as integer
set db = currentdb()
i = 1
for each tbl in db.TableDefs
if left(tbl.name, 1) = "5" then ' Check for a table name prefix
if i = 1 then
' The final spaces are important
strSQL = "select '" & tbl.Name & "' as table, count(qcpass) as column " & _
"from [" & tbl.Name & "] " & _
"group by qcpass "
else
' The final spaces are important
strSQL = strSQL & " union all " & _
"select '" & tbl.Name & "' as table, count(qcpass) as column " & _
"from [" & tbl.Name & "] " & _
"group by qcpass "
end if
i = i + 1
end if
next tbl
db.createQueryDef "qryYourFinalQuery", strSQL
db.close
exit sub
Notice that you can define any valid query you want. Take this as a hint, and tweak it to fit your specific needs.
Hope this helps you
Adressing #HansUp comment, if you need to filter your data by date, you have two options:
Include the where condition on every select created by the procedure
Include the date field in your query and group by it, and create a second query to filter the data you need from the created query.
I would personally go with option 1, and here is a sample code:
public sub createMyBigUnionQueryWithDates(d0 as date, d1 as date)
dim db as DAO.database(), tbl as DAO.tableDef
dim strSQL as string, i as integer
set db = currentdb()
i = 1
for each tbl in db.TableDefs
if left(tbl.name, 1) = "5" then ' Check for a table name prefix
if i = 1 then
' The final spaces are important
strSQL = "select '" & tbl.Name & "' as table, count(qcpass) as column " & _
"from [" & tbl.Name & "] " & _
"where rowDate between " & cDbl(d0) & " and " &cDbl(d1) & " " & _
"group by qcpass "
else
' The final spaces are important
strSQL = strSQL & " union all " & _
"select '" & tbl.Name & "' as table, count(qcpass) as column " & _
"from [" & tbl.Name & "] " & _
"where rowDate between " & cDbl(d0) & " and " &cDbl(d1) & " " & _
"group by qcpass "
end if
i = i + 1
end if
next tbl
db.createQueryDef "qryYourOtherFinalQuery", strSQL
db.close
exit sub
The reason I use cDbl(d0) is because Access dates are sensitive to regional settings, and I've had a lot of headaches dealing with it. Access (and many other Microsoft products) store dates as floating-point numbers (the integer part is the date, and the decimal part is the time).
Another word of warning: If your dates don't include time, then the between condition will work. But if they do include time, then I recommend you change the where condition to this:
"where rowDate >= " & cDbl(d0) & " and rowDate < " & cDbl(d1 + 1)"