Solved

VB.Net 2008 - Need help with OleDbDataReader ERROR. Thanks

Posted on 2013-01-26
3
354 Views
Last Modified: 2013-01-27
I get the following error when I'm stepping through my code on line 14 "An unhandled exception of type 'System.Data.OleDb.OleDbException' occured in System.Data.dll
Additional information: Data type mismatch in criteria expression

My DataGridView has several columns, the first column is my ClientID. When I double click on the row it runs the following code. Does anyone know why I'm getting this mismatch in criteria expression error?
In my Access database my ClientID is an integer so I don't think the mismatch is between the variable 'id' and the ClientID.

Private Sub DataGridView1_CellContentClick(ByVal sender As System.Object, ByVal e As System.Windows.Forms.DataGridViewCellEventArgs) Handles DataGridView1.CellDoubleClick

1.    Dim MyOleDbConnection As String = My.Settings.dbConnection
2.    Dim dbConnection As New OleDbConnection
3.    dbConnection.ConnectionString = MyOleDbConnection
4.
5.    dbConnection.Open()
6.    If e.RowIndex >= 0 Then
7.
8.          Dim id As Integer = DataGridView1("ClientID", e.RowIndex).Value
9.
10.          'Make the SQL Query using the ID
11.       Dim strSQL As String = "SELECT * FROM Clients WHERE ClientID = '" & id & "'"
12.
13.       Dim cmdSelect As New Data.OleDb.OleDbCommand(strSQL, dbConnection)
14.       Dim OleDbReader As Data.OleDb.OleDbDataReader = cmdSelect.ExecuteReader()
0
Comment
Question by:rfgraham
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 42

Accepted Solution

by:
sedgwick earned 500 total points
ID: 38823594
try:

Dim strSQL As String = String.Format("SELECT * FROM Clients WHERE ClientID = {0}", id)

Open in new window

0
 
LVL 6

Expert Comment

by:esolve
ID: 38823690
Your id is being handled as a string. You code generates this:

SELECT * FROM Clients WHERE ClientID = '2'

When it should generate this

SELECT * FROM Clients WHERE ClientID = 2

@sedgwick is correct

Your code is still  prone to sql injection. You should rather use sql parameters.

SelectCommand.Parameters.Add(
    "@SerialNum", SqlDbType.Int).Value = 239;


http://msdn.microsoft.com/en-us/library/system.data.sqlclient.sqlparameter.aspx
0
 

Author Closing Comment

by:rfgraham
ID: 38825088
Brilliant, worked like a charm. Thank you!
0

Featured Post

Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Web page design problem 3 37
Best book for Internet security 4 46
wrapping text in datagridview header columns 1 26
Background worker passing messagebox yes no 13 22
Entering a date in Microsoft Access can be tricky. A typo can cause month and day to be shuffled, entering the day only causes an error, as does entering, say, day 31 in June. This article shows how an inputmask supported by code can help the user a…
Whether you’re a college noob or a soon-to-be pro, these tips are sure to help you in your journey to becoming a programming ninja and stand out from the crowd.

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question