Solved

Urgent 500 points!  SqlException: Incorrect syntax near '?'

Posted on 2006-06-22
2
611 Views
Last Modified: 2008-01-09
Does anyone see what's wrong with this code snippet that would cause an "SqlException: Incorrect syntax near '?'" when executing the DataAdapter.Update method?

    private Guid SetupProject(SqlConnection msSql, string projectName)
    {
        Guid guid;
        // See if the project exists
        SqlDataAdapter da = new SqlDataAdapter(
            "SELECT id, name FROM Project WHERE name = '" + projectName + "'",msSql);
        DataSet ds = new DataSet();
        da.Fill(ds, "Project");
        if (ds.Tables[0].Rows.Count == 0)
        {
            // Project does not exist, add it.
            da.InsertCommand = msSql.CreateCommand();
            da.InsertCommand.CommandText =
                "INSERT INTO Project (id, name) VALUES (?,?)";
            da.InsertCommand.Connection = msSql;
            da.InsertCommand.Parameters.Add(
                new System.Data.SqlClient.SqlParameter("id", SqlDbType.UniqueIdentifier, 0, "id"));
            da.InsertCommand.Parameters.Add(
                new System.Data.SqlClient.SqlParameter("name", SqlDbType.NVarChar, 0, "name"));

            DataRow newRow = ds.Tables[0].NewRow();
            guid = System.Guid.NewGuid();
            newRow["id"] = guid;
            newRow["name"] = projectName;
            ds.Tables[0].Rows.Add(newRow);
            da.Update(ds, "Project");
        }
        else
            guid = (Guid)ds.Tables[0].Rows[0]["id"];

        ds.Dispose();
        da.Dispose();

        return guid;
    }

0
Comment
Question by:tkendall57
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 70

Assisted Solution

by:Éric Moreau
Éric Moreau earned 150 total points
ID: 16962977
Hi tkendall57,

shouldn't it be
 da.InsertCommand.CommandText =
                 "INSERT INTO Project (id, name) VALUES (@id,@name)";


Cheers!
0
 
LVL 12

Accepted Solution

by:
topdog770 earned 350 total points
ID: 16963379

// this line should be
new System.Data.SqlClient.SqlParameter("id", SqlDbType.UniqueIdentifier, 0, "id"));

// like this                                          // param name                                    // column name in db
new System.Data.SqlClient.SqlParameter("@id", SqlDbType.UniqueIdentifier, 0, "id"));
new System.Data.SqlClient.SqlParameter("@name", SqlDbType.NVarChar, 0, "name"));


// this should be...
  da.InsertCommand.CommandText =
                "INSERT INTO Project (id, name) VALUES (?,?)";

// like this..
  da.InsertCommand.CommandText =
                "INSERT INTO Project (id, name) VALUES (@id,@name)";

In my limited perspective( Oracle user), Oracle will allow the ? marks.. and actually doesn't work with the names and Sql works with names but not (?? I don't think supports the question mark approach )

Very simple and quick overview..
http://www.csharp-station.com/Tutorials/AdoDotNet/Lesson06.aspx
0

Featured Post

Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction Hi all and welcome to my first article on Experts Exchange. A while ago, someone asked me if i could do some tutorials on object oriented programming. I decided to do them on C#. Now you may ask me, why's that? Well, one of the re…
This article is for Object-Oriented Programming (OOP) beginners. An Interface contains declarations of events, indexers, methods and/or properties. Any class which implements the Interface should provide the concrete implementation for each Inter…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question