Solved

VB.Net 2008 - Need help with OleDbDataReader ERROR. Thanks

Posted on 2013-01-26
3
351 Views
Last Modified: 2013-01-27
I get the following error when I'm stepping through my code on line 14 "An unhandled exception of type 'System.Data.OleDb.OleDbException' occured in System.Data.dll
Additional information: Data type mismatch in criteria expression

My DataGridView has several columns, the first column is my ClientID. When I double click on the row it runs the following code. Does anyone know why I'm getting this mismatch in criteria expression error?
In my Access database my ClientID is an integer so I don't think the mismatch is between the variable 'id' and the ClientID.

Private Sub DataGridView1_CellContentClick(ByVal sender As System.Object, ByVal e As System.Windows.Forms.DataGridViewCellEventArgs) Handles DataGridView1.CellDoubleClick

1.    Dim MyOleDbConnection As String = My.Settings.dbConnection
2.    Dim dbConnection As New OleDbConnection
3.    dbConnection.ConnectionString = MyOleDbConnection
4.
5.    dbConnection.Open()
6.    If e.RowIndex >= 0 Then
7.
8.          Dim id As Integer = DataGridView1("ClientID", e.RowIndex).Value
9.
10.          'Make the SQL Query using the ID
11.       Dim strSQL As String = "SELECT * FROM Clients WHERE ClientID = '" & id & "'"
12.
13.       Dim cmdSelect As New Data.OleDb.OleDbCommand(strSQL, dbConnection)
14.       Dim OleDbReader As Data.OleDb.OleDbDataReader = cmdSelect.ExecuteReader()
0
Comment
Question by:rfgraham
3 Comments
 
LVL 42

Accepted Solution

by:
sedgwick earned 500 total points
Comment Utility
try:

Dim strSQL As String = String.Format("SELECT * FROM Clients WHERE ClientID = {0}", id)

Open in new window

0
 
LVL 6

Expert Comment

by:esolve
Comment Utility
Your id is being handled as a string. You code generates this:

SELECT * FROM Clients WHERE ClientID = '2'

When it should generate this

SELECT * FROM Clients WHERE ClientID = 2

@sedgwick is correct

Your code is still  prone to sql injection. You should rather use sql parameters.

SelectCommand.Parameters.Add(
    "@SerialNum", SqlDbType.Int).Value = 239;


http://msdn.microsoft.com/en-us/library/system.data.sqlclient.sqlparameter.aspx
0
 

Author Closing Comment

by:rfgraham
Comment Utility
Brilliant, worked like a charm. Thank you!
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Entering a date in Microsoft Access can be tricky. A typo can cause month and day to be shuffled, entering the day only causes an error, as does entering, say, day 31 in June. This article shows how an inputmask supported by code can help the user a…
In this post we will learn how to connect and configure Android Device (Smartphone etc.) with Android Studio. After that we will run a simple Hello World Program.
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now