Why won't this asp.net/ado.net/ms access 2003 insert work?

I am very new to the world of Access and have been trying to get an asp.net application to insert a record into a table. I keep getting an error stating :

Syntax error in INSERT INTO statement

I have checked my insert statement over many times and if I actually print it to the page and then copy it onto the clipboard.  Then, I go into the Access db and enter it in the SQL window, it inserts just fine.  

Here is the SQL:

insert into users (username, password, nickname) values ('testuser','testpwd','testnickname')

That table(users) looks like this:

uid                              autonumber (pk)
username                    text (pk)
password                     text
nickname                     text

I created this table new this morning and have not done anything in regards to security. I have not difficulty retrieving data from the table. Here is the code I am using:

Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        Dim oConn As OleDbConnection
        Dim sql As String
        Dim cmdInsert As OleDbCommand

        sql = "insert into users (username, password, nickname) values ('" & _
                     txtUsername.Text & "','" & _
                     txtPassword.Text & "','" & _
                     txtNickname.Text & "')"

        Try
            oConn = New OleDbConnection("Provider=Microsoft.JET.OLEDB.4.0;data source=C:\testing.mdb;")
            cmdInsert = New OleDbCommand(sql, oConn)
            oConn.Open()
            cmdInsert.ExecuteNonQuery()
        Catch err As Exception
            lblError.Text = sql
        Finally
            oConn.Close()
        End Try
    End Sub

Am I just having problems because whatever user is opening the database does not have insert priviledges?  If so, how would I set it up so that they do?
asfiloAsked:
Who is Participating?
 
Sashi RachabattulaConnect With a Mentor SCRUM Master, .NET Project LeadCommented:
Here are two cases

first one is the check for the permission of mdb file if it has only read only permission
give permission to  IUSER_MACHINENAME user

second case

Avoid writing raw sql quries with in code  like

sql = "insert into users (username, password, nickname) values ('" & _
                     txtUsername.Text & "','" & _
                     txtPassword.Text & "','" & _
                     txtNickname.Text & "')"


instead  use parameters in query example:

sql = "insert into users (username, password, nickname) values (@username,@password,@nickname)"

commandname=new oldbcommand(sql,connection)
commandname.Add(@username,txtUsername.Text )
commandname.Add(@password,txtPassword.Text )
commandname.Add(@nikname,txtNickname.Text )
connection.open()
commandname.ExecuteNonQuerry()


0
 
mmarinovConnect With a Mentor Commented:
the user that will open the mdb from your web application is just one - the user that asp.net process is running under
go to %windows%/microsoft.net/framework/v.1.x.xxxx/config/machine.config
search there for the processModel tag and what user is set there under userName

so you have to set appropriate permissions to the mdb file for this user only and your application will work

B..M
0
 
Sashi RachabattulaSCRUM Master, .NET Project LeadCommented:
Oops its


commandname.Parameters.Add(@username,txtUsername.Text )
commandname.Parameters.Add(@password,txtPassword.Text )
commandname.Parameters.Add(@nikname,txtNickname.Text )
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
Sashi RachabattulaSCRUM Master, .NET Project LeadCommented:

Oh parameter should be in double quotes

commandname.Parameters.Add("@username",txtUsername.Text )
commandname.Parameters.Add("@password",txtPassword.Text )
commandname.Parameters.Add("@nickname",txtNickname.Text )
0
 
Sashi RachabattulaSCRUM Master, .NET Project LeadCommented:
Table structure shows that username is PK


uid                              autonumber (pk)
username                    text (pk)
password                     text
nickname                     text

Are u validating for unique username before inserting a new record??
0
 
asfiloAuthor Commented:
When I check the database file properties, the read-only box is not checked, is this the only place where permissions on that file can be set?  If not, could you tell me where else to check?  

I modified my sql to utilize the parameters as well, and that did not correct the issue I am having.

Any other ideas?
0
 
asfiloAuthor Commented:
I figured out how to assign ISUR_MACHINENAME permission to the db file (and its directory), but that has not seemed to fix the issue either.
0
 
Volkan VardarSoftware Team LeaderCommented:
try

sql = "insert into users ([username], [password], nickname) values ('" & _
                     txtUsername.Text & "','" & _
                     txtPassword.Text & "','" & _
                     txtNickname.Text & "')"

because username and password are variables that MS Access uses.
good luck
0
All Courses

From novice to tech pro — start learning today.