Solved: i just managed to solve the problem by creating a new table and removing [IT-DEC], [IT-DEC-MAKER-FNAME], [IT-DEC-MAKER-LNAME] where i replaced them by strings accepted by access such as ITDECMAKER ITDECMAKEFNAME ITDECMAKERLNAME
Looks like the problem is solved, however if anyone has a theory to why this has happened id really appreciate your contribution
thank you
I am facing trouble with inserting more than one line of data into my table. For example i load my form and input the data into textbox all information are inserted into their respective tables accordingly, however for the second time when i want to insert data, all data are inserted succesffuly in their respective tables except for one table which is not taking any more data thus only allowing for one line of data.
This is the code i am using in the same form
This part of code is responsible for the userinfo table which is not accepting more than one record
Private Sub proceedBTN_Click()
GlobalVar.flp = Me.qfirstname + Me.qlastname + Me.qmobile
CurrentDb.Execute "INSERT INTO UserInfo(" _
& "FLP, FirstName, LastName, Company, JobTitle, PhoneNumber, Mobile, Email, Fax, " _
& "[IT-DEC], [IT-DEC-MAKER-FNAME], [IT-DEC-MAKER-LNAME], Contact, ContactMethodPhone, " _
& "ContactMethodEmail, ContactMethodFax, ContactMethodPostal , AcquisitionTimeFrame, Budget ) " _
& "VALUES('" & GlobalVar.flp & "','" & Me.qfirstname & "','" & Me.qlastname & "','" & Me.qcompany & "','" & Me.qjob & "','" & Me.qphone & "','" & Me.qmobile & "','" & Me.qemail & "','" _
& Me.qfax & "','" & Me.itdecopt & "','" & Me.qitfirstname & "','" & Me.qitlastname & "','" & Me.contactoption & "','" _
& Me.contactphoneopt & "','" & Me.contactemailopt & "','" & Me.contactfaxopt & "','" & Me.contactpostalopt & "','" & Me.acquisitionoption & "','" & Me.budgetoption & "');"
This Code is responsible for inserting into the UserPartners table which allows succesffuly entering multiple records.
CurrentDb.Execute "INSERT INTO UserPartners(" _
& "FLP, PartnerACT, PartnerBMB, PartnerEverTeam, " _
& "PartnerFormatech, PartnerICC, PartnerIBS, PartnerMegaTek, PartnerMDS, PartnerProcomix, PartnerSetsSolutions, " _
& "PartnerTripleC, PartnerNewHorizons, PartnerPromethean, PartnerTeletrade, PartnerNokia, PartnerPolycom, PartnerDell ) " _
& "VALUES('" & GlobalVar.flp & "','" & Me.partneract & "','" & Me.partnerbmb & "','" _
& Me.partnereverteam & "','" & Me.partnerformatech & "','" & Me.partnericc & "','" & Me.partneribs & "','" & Me.partnermegatek & "','" & Me.partnermds & "','" _
& Me.partnerprocomix & "','" & Me.partnersetssolutions & "','" & Me.partnertriplec & "','" & Me.partnernewhorizons & "','" & Me.partnerpromethean & "','" _
& Me.partnerteletrade & "','" & Me.partnernokia & "','" & Me.partnerpolycom & "','" & Me.partnerdell & "');"
Finally this is the code for the whole form
Option Compare Database
Private Sub contactoption_Click()
If Me.contactoption.Value = 2 Then
Me.contactemailopt.Enabled = False
Me.contactfaxopt.Enabled = False
Me.contactphoneopt.Enabled = False
Me.contactpostalopt.Enabled = False
Me.partneract.Enabled = False
Me.partnerbmb.Enabled = False
Me.partnerdell.Enabled = False
Me.partneredm.Enabled = False
Me.partnereverteam.Enabled = False
Me.partnerformatech.Enabled = False
Me.partneribs.Enabled = False
Me.partnericc.Enabled = False
Me.partnermds.Enabled = False
Me.partnermegatek.Enabled = False
Me.partnernewhorizons.Enabled = False
Me.partnernokia.Enabled = False
Me.partnerpolycom.Enabled = False
Me.partnerprocomix.Enabled = False
Me.partnerpromethean.Enabled = False
Me.partnersetssolutions.Enabled = False
Me.partnerteletrade.Enabled = False
Me.partnertriplec.Enabled = False
Else: Me.contactemailopt.Enabled = True
Me.contactfaxopt.Enabled = True
Me.contactphoneopt.Enabled = True
Me.contactpostalopt.Enabled = True
Me.partneract.Enabled = True
Me.partnerbmb.Enabled = True
Me.partnerdell.Enabled = True
Me.partneredm.Enabled = True
Me.partnereverteam.Enabled = True
Me.partnerformatech.Enabled = True
Me.partneribs.Enabled = True
Me.partnericc.Enabled = True
Me.partnermds.Enabled = True
Me.partnermegatek.Enabled = True
Me.partnernewhorizons.Enabled = True
Me.partnernokia.Enabled = True
Me.partnerpolycom.Enabled = True
Me.partnerprocomix.Enabled = True
Me.partnerpromethean.Enabled = True
Me.partnersetssolutions.Enabled = True
Me.partnerteletrade.Enabled = True
Me.partnertriplec.Enabled = True
End If
End Sub
Private Sub itdecopt_Click()
If Me.itdecopt.Value = 1 Then
Me.qitfirstname.Enabled = False
Me.qitlastname.Enabled = False
Else: Me.qitfirstname.Enabled = True
Me.qitlastname.Enabled = True
End If
End Sub
Private Sub proceedBTN_Click()
GlobalVar.flp = Me.qfirstname + Me.qlastname + Me.qmobile
CurrentDb.Execute "INSERT INTO UserInfo(" _
& "FLP, FirstName, LastName, Company, JobTitle, PhoneNumber, Mobile, Email, Fax, " _
& "[IT-DEC], [IT-DEC-MAKER-FNAME], [IT-DEC-MAKER-LNAME], Contact, ContactMethodPhone, " _
& "ContactMethodEmail, ContactMethodFax, ContactMethodPostal , AcquisitionTimeFrame, Budget ) " _
& "VALUES('" & GlobalVar.flp & "','" & Me.qfirstname & "','" & Me.qlastname & "','" & Me.qcompany & "','" & Me.qjob & "','" & Me.qphone & "','" & Me.qmobile & "','" & Me.qemail & "','" _
& Me.qfax & "','" & Me.itdecopt & "','" & Me.qitfirstname & "','" & Me.qitlastname & "','" & Me.contactoption & "','" _
& Me.contactphoneopt & "','" & Me.contactemailopt & "','" & Me.contactfaxopt & "','" & Me.contactpostalopt & "','" & Me.acquisitionoption & "','" & Me.budgetoption & "');"
CurrentDb.Execute "INSERT INTO UserPartners(" _
& "FLP, PartnerACT, PartnerBMB, PartnerEverTeam, " _
& "PartnerFormatech, PartnerICC, PartnerIBS, PartnerMegaTek, PartnerMDS, PartnerProcomix, PartnerSetsSolutions, " _
& "PartnerTripleC, PartnerNewHorizons, PartnerPromethean, PartnerTeletrade, PartnerNokia, PartnerPolycom, PartnerDell ) " _
& "VALUES('" & GlobalVar.flp & "','" & Me.partneract & "','" & Me.partnerbmb & "','" _
& Me.partnereverteam & "','" & Me.partnerformatech & "','" & Me.partnericc & "','" & Me.partneribs & "','" & Me.partnermegatek & "','" & Me.partnermds & "','" _
& Me.partnerprocomix & "','" & Me.partnersetssolutions & "','" & Me.partnertriplec & "','" & Me.partnernewhorizons & "','" & Me.partnerpromethean & "','" _
& Me.partnerteletrade & "','" & Me.partnernokia & "','" & Me.partnerpolycom & "','" & Me.partnerdell & "');"
CurrentDb.Execute "INSERT INTO UserProducts(" _
& "FLP, ProductsExchange,ProductsLyncServer, ProductsLync , ProductsOffice, ProductsSharePoint, ProductsSharePointInternet, ProductsWindowsServer, " _
& "ProductsSystemCenter, ProductsSQL, ProductsWindows7 ) " _
& "VALUES('" & GlobalVar.flp & "','" & Me.productexchange & "','" & Me.productlyncserver & "','" _
& Me.productlync & "','" & Me.productoffice & "','" & Me.productsharepoint & "','" & Me.productsharepointinternet & "','" & Me.productserver & "','" & Me.productsystemcenter & "','" _
& Me.productsql & "','" & Me.productwindows & "');"
DoCmd.OpenForm "DayChoose", acNormal
DoCmd.Close acForm, "UserInfo", acSaveYes
End Sub
Before I can help you, please rework using parameters as follows:
Private Sub proceedBTN_Click()
Dim Db As DAO.Database
Set Db = CurrentDb
Dim qd As DAO.QueryDef
Dim SQL As String
SQL = "INSERT INTO UserInfo(" & _
"FLP, FirstName, LastName, Company, JobTitle, PhoneNumber, Mobile, Email, Fax, " & _
"[IT-DEC], [IT-DEC-MAKER-FNAME], [IT-DEC-MAKER-LNAME], Contact, ContactMethodPhone, " & _
"ContactMethodEmail, ContactMethodFax, ContactMethodPostal , AcquisitionTimeFrame, Budget) " & _
"VALUES([pflp], [pfirstname], [pqlastname], [pqcompany],[pqjob],[pqphone],[pqmobile], [pqemail]," & _
"[pqfax],[pitdecopt],pqitfirstname,[pqitlastname],[pcontactoption],[pcontactphoneopt],[pcontactemailopt]," & _
"[pcontactfaxopt],[pcontactpostalopt],[pacquisitionoption],[pbudgetoption]);"
Set qd = Db.CreateQueryDef("", SQL)
qd.Parameters("pflp") = GlobalVar.flp
qd.Parameters("pfirstname") = Me.qfirstname
' continue filling parameters....
qd.Parameters("pbudgetoption").Value = Me.budgetoption
qd.Execute
End Sub
If this does not resolve your issue, we can dig a little deeper.
Related
So here's my problem I can get my subform to requery once but that is it I can't get it to requery after new information is entered. Can someone please help! I have tried using RecordsetClone and that didn't work as well as other suggestions and I haven't been able to get anything to work
Private Sub cmdAdd_Click()
CurrentDb.Execute "INSERT INTO tbl_GroupVolunteers (GroupName, Leader,
VolunteerName, Email, Phone, EmergencyContact, EmergencyNumber,
NumberofVolunteers, RegistrationNumber)" & _
"VALUES ('" & Me.txtGroupName & "','" & Me.cboLeader & "','" &
Me.txtVolunteerName & "','" & Me.txtEmail & "','" & Me.txtPhone & "','" &
Me.txtEmergencyContact & _
"','" & Me.txtEmergencyNumber & "','" & Me.txtNumberofVolunteers & "','" &
Me.txtRegistrationNumber & "')"
'refresh data
Me!subformGroupVolunteers.Form.Requery
'Clear form
cmdClear_Click
End Sub
Put a break in your code and step through it to see where it's failing. I'd suggest separating the Execute function. Something like this:
Dim sqlStr as String
sqlStr = "INSERT INTO tbl_GroupVolunteers (GroupName, Leader,
VolunteerName, Email, Phone, EmergencyContact, EmergencyNumber,
NumberofVolunteers, RegistrationNumber)" & _
"VALUES ('" & Me.txtGroupName & "','" & Me.cboLeader & "','" &
Me.txtVolunteerName & "','" & Me.txtEmail & "','" & Me.txtPhone & "','" &
Me.txtEmergencyContact & _
"','" & Me.txtEmergencyNumber & "','" & Me.txtNumberofVolunteers & "','" &
Me.txtRegistrationNumber & "')"
CurrentDb.Execute sqlStr
'refresh data
Me!subformGroupVolunteers.Form.Requery
'Clear form
cmdClear_Click
Or instead of stepping through it, you can add a messagebox like this:
Dim sqlStr as String
sqlStr = "INSERT INTO tbl_GroupVolunteers (GroupName, Leader,
VolunteerName, Email, Phone, EmergencyContact, EmergencyNumber,
NumberofVolunteers, RegistrationNumber)" & _
"VALUES ('" & Me.txtGroupName & "','" & Me.cboLeader & "','" &
Me.txtVolunteerName & "','" & Me.txtEmail & "','" & Me.txtPhone & "','" &
Me.txtEmergencyContact & _
"','" & Me.txtEmergencyNumber & "','" & Me.txtNumberofVolunteers & "','" &
Me.txtRegistrationNumber & "')"
Msgbox sqlStr 'Display the string
CurrentDb.Execute sqlStr
'refresh data
Me!subformGroupVolunteers.Form.Requery
'Clear form
cmdClear_Click
This way, you can step through the variable and make sure the string that gets created is functioning properly. If records aren't being added correctly, then it's probably because that INSERT INTO statement isn't pulling in the data properly.
I have the following code. I am using a form in MS Access 2010 to enter new lines into my table Nlog. When I try to run the code, it gives me the error Run-Time error '3061': Too few parameters. Expected 1.
I can't find the error!
Private Sub Command128_Click()
'add data to table
CurrentDb.Execute "INSERT INTO NLog(IDKEY, Company, CoName, State, City, AmtpdTotal, DateRec, Notified, DateNotice, AcctID, TaxType, Period, NoticeReason, Resolution, TaxDue, Intdue, PenDue, Dateres, Amtpdint, amtpdpen, amtpdtax, Assigned, subAssgn, Resolved) " & _
" VALUES(" & Me.TxtIDKEY & ",'" & Me.Company & "','" & Me.CoName & "','" & _
Me.State & "','" & Me.City & "','" & Me.TxtAmtpdTotal & "','" & _
Me.DateRec & "','" & Me.Notified & "','" & _
Me.DateNotice & "','" & Me.AcctID & "','" & Me.TaxType & "','" & Me.Period & "','" & _
Me.NoticeReason & "','" & Me.Resolution & "','" & Me.TaxDue & "','" & Me.IntDue & "','" & Me.PenDue & "','" & _
Me.DateRes & "','" & Me.AmtPdInt & "','" & Me.AmtpdPen & "','" & Me.AmtpdTax & "','" & _
Me.Assigned & "','" & Me.txtsubass & "','" & Me.Resolved & "')", dbFailOnError
MsgBox ("Entry Added")
Use a string variable to hold the INSERT statement. That allows you to Debug.Print the string so you can inspect the actual statement your code created. And you can Execute the string.
Dim strInsert As String
strInsert = "INSERT INTO NLog(IDKEY, Company, CoName, State, City, AmtpdTotal, DateRec, Notified, DateNotice, AcctID, TaxType, Period, NoticeReason, Resolution, TaxDue, Intdue, PenDue, Dateres, Amtpdint, amtpdpen, amtpdtax, Assigned, subAssgn, Resolved) " & _
" VALUES(" & Me.TxtIDKEY & ",'" & Me.Company & "','" & Me.CoName & "','" & _
Me.State & "','" & Me.City & "','" & Me.TxtAmtpdTotal & "','" & _
Me.DateRec & "','" & Me.Notified & "','" & _
Me.DateNotice & "','" & Me.AcctID & "','" & Me.TaxType & "','" & Me.Period & "','" & _
Me.NoticeReason & "','" & Me.Resolution & "','" & Me.TaxDue & "','" & Me.IntDue & "','" & Me.PenDue & "','" & _
Me.DateRes & "','" & Me.AmtPdInt & "','" & Me.AmtpdPen & "','" & Me.AmtpdTax & "','" & _
Me.Assigned & "','" & Me.txtsubass & "','" & Me.Resolved & "')"
Debug.Print strInsert
CurrentDb.Execute strInsert, dbFailOnError
You can then view the completed statement (the output from Debug.Print) in the Immediate window. Ctrl+g will take you to the Immediate window.
If the error is not obvious, you can copy the statement text, create a new query in the query designer, switch it to SQL View, and paste in the copied statement. When you try to run that query from the designer, Access will display a parameter dialog which asks you to supply a value for the parameter. Notice that dialog also includes the "name" of the parameter. Frequently the cause of this problem is a misspelled field name --- since Access can't find a field by that name, it assumes it must be a parameter instead.
Alternatively, you can use VBA code to show you the names of any parameters in your query:
Dim db As DAO.Database
Dim qdf As DAO.QueryDef
Dim prm As DAO.Parameter
Set db = CurrentDb
Set qdf = db.CreateQueryDef(vbNullString, strInsert)
For Each prm In qdf.Parameters
Debug.Print prm.Name
Next
I have this code in saving the record in the database
mycom.Connection = cn
mycom.CommandText = "Insert into
tbl_employee(LastName,FirstName,MiddleName,NickName,DHired,Position,Gender,Address,
Cellphone,FName,FOccupation,MName,MOccupation,DSpoken,BDate,Place,CStatus,Citizenship,
Height,Weight,Religion,EName,EContact,SSS,Pagibig,Philhealth,TIN,Spouse,SOccupation,
ChildNo,C1,A1,C2,A2,Motto,FMovie,FQuotation,FActress,FColor,Moment,FActor,PastTime,FDay,
ESchool,EYG,SSchool,SYG,CSchool,CYG,CCourse,CUG,VSchool,VYG,VCourse,MSchool,MYG,MDegree,
SSkills,STitle1,SAddress1,SDate1,STitle2,SAddress2,SDate2,STitle3,SAddress3,SDate3,
STitle4,SAddress4,SDate4,STitle5,SAddress5,SDate5) values ('" & txtLastName.Text & "','"
& txtFirstName.Text & "','" & txtMiddleName.Text & "','" & txtNickname.Text & "','" & dtpDate.Text & "','" & cboPosition.Text & "','" & cboGender.Text & "','" & txtAddress.Text
& "','" & txtCellphone.Text & "','" & txtFName.Text & "','" & txtFOccupation.Text & "','"
& txtMName.Text & "','" & txtMOccupation.Text & "','" & txtDialects.Text & "','" &
dtpBdate.Text & "','" & txtPlace.Text & "','" & cboCStatus.Text & "','" &
txtCitizenship.Text & "','" & txtHeight.Text & "','" & txtWeight.Text & "','" &
txtReligion.Text & "','" & txtEName.Text & "','" & txtEPhone.Text & "','" & txtSSS.Text &
"','" & txtPagibig.Text & "','" & txtPhilhealth.Text & "','" & txtTin.Text & "','" &
txtSpouse.Text & "','" & txtSOccupation.Text & "','" & txtChildNo.Text & "','" &
txtChild1.Text & "','" & txtAge1.Text & "','" & txtChild2.Text & "','" & txtAge2.Text &
"','" & txtMotto.Text & "','" & txtMovie.Text & "','" & txtQuotation.Text & "','" & txtActress.Text & "','" & txtColor.Text & "','" & txtMoment.Text & "','" & txtActor.Text & "','" & txtPasttime.Text & "','" & txtDay.Text & "','" & txtElemSchool.Text & "','" &
txtElemYG.Text & "','" & txtHSSchool.Text & "','" & txtHSYG.Text & "','" &
txtCollSchool.Text & "','" & txtCollYG.Text & "','" & txtCollDegree.Text & "','" &
txtYearLevel.Text & "','" & txtVocSchool.Text & "','" & txtVocYG.Text & "','" &
txtVocCourse.Text & "','" & txtEMasSchool.Text & "','" & txtEMasYG.Text & "','" &
txtEMasDegree.Text & "','" & txtSSkills.Text & "','" & txtSTTitle1.Text & "','" &
txtSTLoc1.Text & "','" & txtSTDate1.Text & "','" & txtSTTitle2.Text & "','" &
txtSTLoc2.Text & "','" & txtSTDate2.Text & "','" & txtSTTitle3.Text & "','" &
txtSTLoc3.Text & "','" & txtSTDate3.Text & "','" & txtSTTitle4.Text & "','" &
txtSTLoc4.Text & "','" & txtSTDate4.Text & "','" & txtSTTitle5.Text & "','" &
txtSTLoc5.Text & "','" & txtSTDate5.Text & "');"
myr = mycom.ExecuteReader
It always displays this error
#22003Out of range value adjusted for column 'A1' at row 1
Can anyone help me with this one
Change your datatype of age and change your query to parameterized query like this
MySqlCommand m = new MySqlCommand(readCommand);
m.Parameters.Add(new MySqlParameter("LastName", txtLastName.Text));
m.Parameters.Add(new MySqlParameter("FirstName", txtFirstName.Text));
MySqlDataReader r = m.ExecuteReader();
Assuming column A1 is supplied by txtAge1.Text.
The error is likely either A1 being the wrong type eg int and inputting abc. Does txtAge1.Text return a string or an int?
or being the type being too small eg byte and inputting 300
Prevent SQL Injection
The basic pattern according to the MySQL documentation
cmd.CommandText = "INSERT INTO myTable VALUES(NULL, #number)"
cmd.Prepare()
cmd.Parameters.AddWithValue("#number", 1)
cmd.ExecuteNonQuery()
i want to get the id of specific record
this is my code
If DLookup("Full_Name", "tbl_Personal_Information", "Full_Name = Forms!frm_New_Person!F_N") > 0 Then
MSG = MsgBox("this person is existed and his id number is {" & [P_ID] & "} ", vbOKOnly + vbInformation + vbMsgBoxRtlReading, "client database")
Else
strsql101 = "insert into tbl_Personal_Information (Name_English, Father_English, Family_English, Mother_English, P_ID, NName, Father, Family, Mother, Birthdate, Nationality, Record_Number, Record_Place, Address, Mobile1, Mobile2, Phone1, Phone2, Ets_Name) Values ('" & Me.Name_English & "','" & Me.Father_English & "','" & Me.Family_English & "','" & Me.Mother_English & "','" & Me.PID & "','" & Me.NName & "','" & Me.Father & "','" & Me.Family & "','" & Me.Mother & "','" & Me.Birthdate & "','" & Me.Nationality & "','" & Me.Record_Number & "','" & Me.Record_Place & "','" & Me.Address & "','" & Me.Mobile_1 & "', '" & Me.Mobile_2 & "','" & Me.Phone_1 & "', '" & Me.Phone_2 & "','" & Me.Ets_Name & "')"
DoCmd.SetWarnings False
DoCmd.RunSQL strsql101
MSG = MsgBox("information added", vbOKOnly + vbInformation + vbMsgBoxRtlReading, "client database")
everything is OK but the id in the msgbox give me the last id in my table
Doesn't look like you are looking up the P_ID of the record you want.
Should you be doing something like this ?
MSG = MsgBox("this person is existed and his id number is {" & DLookup("[P_ID]", "tbl_Personal_Information", "Full_Name = Forms!frm_New_Person!F_N") & "} ", vbOKOnly + vbInformation + vbMsgBoxRtlReading, "client database")
I've been killing brain cell for over 5 hours with this question.
how to properly save a date from vb.net to mysql date without getting the 0000-00-00all the time.
I have tried multiple suggestions where you format the date value before entering but it gets me the same result ex:
Dim departDate As Date
Dim d As String = Format(departDate, "05/05/2007")
in which i tested and didnt works i still got the 0000-00-00
I've tried:
Dim changeFormatDate As Date
Dim AddFechaListadoCasas2 as String
changeFormatDate = AddCasasListadoDatePicker.Text
AddFechaListadoCasas2 = changeFormatDate.ToString("yyyy-MM-dd")
which still gives me on mysql the 0000-00-00
I also tried this example:
Dim myDate as DateTime = DateTime.ParseExact(x, "yyyy-MM-dd", CultureInfo.CurrentCulture)
and trying to save to mysql still gave me the 0000-00-00
in my program im grabbing the date from a datepicker as text then swtich it to a string and try to save it to the database like that. if necessary i would love to convert it to a date with the format yyyy-MM-dd which is necessary for MySQL but everything i've done above it still shows me the 0000-00-00 which is frustrating.
any help would be very appreciated it.
Leo
here is the MySQL insert statement i have on my program.
AddFechaListadoCasas2 = AddCasasListadoDatePicker.Text
AddFechaCierreCasas2 = AddFechaCierreCasas.Text
SqlVentaCasas = "INSERT INTO VentaCasas (ID, Direccion, Ciudad_Municipio, Zona_Localidad, Barrio, " & _
"Estatus, Precio, Unidad, Departamento, Conjunto, Estrato, Matricula_Inmobiliaria, Cedula_Catastral," & _
"Escritura, Notaria, Ano, Area_Metros_2, Tipo_de_Construccion, Niveles, Habitaciones, Garajes," & _
"Techo, Vista, Picina, Cocina_Integral, Bar, Cuarto_Bano_Servicio, Antejardin, Equipos," & _
"Aire_Acondicionado, Detalles_addicionales, Estilo, Ano_Construccion, Orientacion, Banos, Parqueos," & _
"Piso, Balcon, Jacuzzi_Sauna, Chimenea, Hall_Television, Zona_lavanderia, Patio, Accesorios," & _
"Calefaccion, Administracion, Amenidades, Impuestos, Condiciones, Ocupacion," & _
"Cuota_Administracion, Restricciones, Seguridad, Mostrar, Comision, Fecha_Listado, " & _
"Agente_Cooperante, Fecha_Expiracion, CiudadEscritura, Agente, Licensia, Compania, NumeroPersonal," & _
"NumeroCompania, NumeroFax, Email, AreaLotesM2, PrecioOriginal, Account_Creator, NumeroDias ) VALUES ('" & _
AddIDCasas2 & "','" & _
AddDireccionCasas2 & "','" & AddCiudadCasas2 & "','" & AddZonaCasas2 & "','" & AddBarrioCasas2 & "','" & _
AddEstatusCasas2 & "'," & AddPrecioCasas2 & ",'" & AddUnidadCasas2 & "','" & AddDepartamentoCasas2 & "','" & _
AddConjuntoCasas2 & "'," & AddEstratoCasas2 & ",'" & AddMatriculaCasas2 & "','" & _
AddCedulaCatastralCasas2 & "','" & AddEscrituraCasas2 & "','" & AddNotariaCasas2 & "'," & _
AddAnoCasas2 & "," & AddMetros2Casas2 & ",'" & AddTipoConstruccionCasas2 & "'," & _
AddNivelesCasas2 & "," & AddHabitacionesCasas2 & "," & AddGarajesCasas2 & ",'" & _
AddTechoCasas2 & "','" & AddVistaCasas2 & "','" & AddPicinaCasas2 & "','" & AddCocinaIntegralCasas2 & "','" & _
AddBarCasas2 & "','" & AddCuartoCasas2 & "','" & AddAnteJardinCasas2 & "','" & AddEquiposCasas2 & "','" & _
AddAireAcondicionadoCasas2 & "','" & AddDetallesAddicionalesCasas2 & "','" & AddEstiloCasas2 & "'," & _
AddAnoConstruccionCasas2 & ",'" & AddOrientacionCasas2 & "'," & AddBanoCasas2 & "," & _
AddParqueoCasas2 & ",'" & AddPisoCasas2 & "','" & AddBalconCasas2 & "','" & AddJacuzziCasas2 & "','" & _
AddChimeneaCasas2 & "','" & AddTVCasas2 & "','" & AddZonaLavanderiaCasas2 & "','" & AddPatioCasas2 & "','" & _
AddAccesoriosCasas2 & "','" & AddCalefaccionCasas2 & "','" & AddAdministracionCasas2 & "','" & _
AddAmenidadesCasas2 & "','" & AddImpuestosCasas2 & "','" & AddCondicionesCasas2 & "','" & _
AddOcupacionCasas2 & "','" & AddCuotaAdministracionCasas2 & "','" & AddRestriccionesCasas2 & "','" & _
AddSeguridadCasas2 & "','" & AddMonstrarCasas2 & "','" & AddComisionCasas2 & "','" & _
AddFechaListadoCasas2 & "','" & AddAgenteCooperanteCasas2 & "','" & _
AddFecdhaExpiracionCasas2 & "','" & _
AddCiudadEscrituraCasas2 & "','" & AgenteNameCasas2 & "','" & _
AgenteLicensiaCasas2 & "','" & AgenteCompaniaCasas2 & "','" & _
AgentePersonalCasas2 & "','" & AgenteTelefonoCasas2 & "','" & _
AgenteFaxCasas2 & "','" & AgenteEmailCasas2 & "'," & AddAreaLotesM2Casas2 & "," & AddPrecioOriginalCasas2 & ", '" & AgenteAccountCreatorCasas2 & "', 0 );"
AddFechaListadoCasas2 and AddFecdhaExpiracionCasas2 are Strings that contains the date i want to input on MySQL
Your current query is vulnerable with SQL Injection. Please make use of ADONet Object such as Connection and Command with parameters. To be more specific, since you are using MySQL, use MySQL Data provider. It will automatically cast the data types for you.
Dim query As String = "INSERT INTO tableName (dateColumn) VALUES (#dateParam)"
Using conn As New MySqlConnection("connectionstringHere")
Using comm As New MySqlCommand()
With comm
.Connection = conn
.CommandText = query
.CommandType = Commandtype.Text
' Assuming this is a DatePicker '
.Parameters.AddWithValue("#dateParam", AddCasasListadoDatePicker.Value)
End With
Try
conn.Open()
comm.ExecuteNonQuery()
Catch(ex as MySqlException)
Msgbox(ex.Message.ToString())
End Try
End Using
End Using