Solved

Why won't this asp.net/ado.net/ms access 2003 insert work?

Posted on 2004-04-29
8
220 Views
Last Modified: 2010-04-07
I am very new to the world of Access and have been trying to get an asp.net application to insert a record into a table. I keep getting an error stating :

Syntax error in INSERT INTO statement

I have checked my insert statement over many times and if I actually print it to the page and then copy it onto the clipboard.  Then, I go into the Access db and enter it in the SQL window, it inserts just fine.  

Here is the SQL:

insert into users (username, password, nickname) values ('testuser','testpwd','testnickname')

That table(users) looks like this:

uid                              autonumber (pk)
username                    text (pk)
password                     text
nickname                     text

I created this table new this morning and have not done anything in regards to security. I have not difficulty retrieving data from the table. Here is the code I am using:

Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        Dim oConn As OleDbConnection
        Dim sql As String
        Dim cmdInsert As OleDbCommand

        sql = "insert into users (username, password, nickname) values ('" & _
                     txtUsername.Text & "','" & _
                     txtPassword.Text & "','" & _
                     txtNickname.Text & "')"

        Try
            oConn = New OleDbConnection("Provider=Microsoft.JET.OLEDB.4.0;data source=C:\testing.mdb;")
            cmdInsert = New OleDbCommand(sql, oConn)
            oConn.Open()
            cmdInsert.ExecuteNonQuery()
        Catch err As Exception
            lblError.Text = sql
        Finally
            oConn.Close()
        End Try
    End Sub

Am I just having problems because whatever user is opening the database does not have insert priviledges?  If so, how would I set it up so that they do?
0
Comment
Question by:asfilo
8 Comments
 
LVL 28

Assisted Solution

by:mmarinov
mmarinov earned 100 total points
ID: 10954233
the user that will open the mdb from your web application is just one - the user that asp.net process is running under
go to %windows%/microsoft.net/framework/v.1.x.xxxx/config/machine.config
search there for the processModel tag and what user is set there under userName

so you have to set appropriate permissions to the mdb file for this user only and your application will work

B..M
0
 
LVL 4

Accepted Solution

by:
Sashi Rachabattula earned 150 total points
ID: 10954489
Here are two cases

first one is the check for the permission of mdb file if it has only read only permission
give permission to  IUSER_MACHINENAME user

second case

Avoid writing raw sql quries with in code  like

sql = "insert into users (username, password, nickname) values ('" & _
                     txtUsername.Text & "','" & _
                     txtPassword.Text & "','" & _
                     txtNickname.Text & "')"


instead  use parameters in query example:

sql = "insert into users (username, password, nickname) values (@username,@password,@nickname)"

commandname=new oldbcommand(sql,connection)
commandname.Add(@username,txtUsername.Text )
commandname.Add(@password,txtPassword.Text )
commandname.Add(@nikname,txtNickname.Text )
connection.open()
commandname.ExecuteNonQuerry()


0
 
LVL 4

Expert Comment

by:Sashi Rachabattula
ID: 10954496
Oops its


commandname.Parameters.Add(@username,txtUsername.Text )
commandname.Parameters.Add(@password,txtPassword.Text )
commandname.Parameters.Add(@nikname,txtNickname.Text )
0
 
LVL 4

Expert Comment

by:Sashi Rachabattula
ID: 10954516

Oh parameter should be in double quotes

commandname.Parameters.Add("@username",txtUsername.Text )
commandname.Parameters.Add("@password",txtPassword.Text )
commandname.Parameters.Add("@nickname",txtNickname.Text )
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 4

Expert Comment

by:Sashi Rachabattula
ID: 10954533
Table structure shows that username is PK


uid                              autonumber (pk)
username                    text (pk)
password                     text
nickname                     text

Are u validating for unique username before inserting a new record??
0
 

Author Comment

by:asfilo
ID: 10960357
When I check the database file properties, the read-only box is not checked, is this the only place where permissions on that file can be set?  If not, could you tell me where else to check?  

I modified my sql to utilize the parameters as well, and that did not correct the issue I am having.

Any other ideas?
0
 

Author Comment

by:asfilo
ID: 10961056
I figured out how to assign ISUR_MACHINENAME permission to the db file (and its directory), but that has not seemed to fix the issue either.
0
 
LVL 6

Expert Comment

by:vardium
ID: 11097174
try

sql = "insert into users ([username], [password], nickname) values ('" & _
                     txtUsername.Text & "','" & _
                     txtPassword.Text & "','" & _
                     txtNickname.Text & "')"

because username and password are variables that MS Access uses.
good luck
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Lots of people ask this question on how to extend the “MembershipProvider” to make use of custom authentication like using existing database or make use of some other way of authentication. Many blogs show you how to extend the membership provider c…
This article discusses the ASP.NET AJAX ModalPopupExtender control. In this article we will show how to use the ModalPopupExtender control, how to display/show/call the ASP.NET AJAX ModalPopupExtender control from javascript, how to show/display/cal…
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now