String in a SQL String error

mistaken_myst · Nov 3, 2007

Need Help plz.. Here is an Example of my code problems:

Dim str1 As String = "SELECT tblT.* FROM(tblT) WHERE (((tblTs.TelCode)= "746328" ));" - This gives an error 'End of statement expected

Dim str1 As String = "SELECT tblT.* FROM(tblT) WHERE (((tblTs.TelCode)= ""746328"" ));" - This solves the problem but it I need a code for:

dim d as String = "746328"
Dim str1 As String = "SELECT tblT.* FROM(tblT) WHERE (((tblTs.TelCode)= d ));" - gives error

Software Solutions · Nov 3, 2007

dim d as String = "746328"
Dim str1 As String = "SELECT tblT.* FROM(tblT) WHERE (((tblTs.TelCode)= "'" & d & "'" ));"

I hope this will solve ur Problem.

Take Care
ENJOY

mistaken_myst · Nov 3, 2007

nope, this does not solve my problem.. It displays:

dim d as String = "746328"
Dim str1 As String = "SELECT tblT.* FROM(tblT) WHERE (((tblTs.TelCode)= " '" & d & "'" ));"

The last part is displayed as a 'comment'

mistaken_myst · Nov 3, 2007

ok.. Thanks - ur idea of using concatenation gave me this idea which is working:

dim d as String = "746328"
Dim str1 As String = "SELECT tblT.* FROM(tblT) WHERE (((tblTs.TelCode)= """ & "d" & """ ));"

Arg81 · Nov 5, 2007

that's because you used ' instead of " in the code....

I assume you don't use the GUI? All you need to do is create a new query dataAdapter that uses SELECT x FROM y WHERE z = @z and then when you call it in your code, simply specify the parameter - i.e. for you 746328.

jmcilhinney · Nov 5, 2007

What you are trying to do is this:

VB.NET:

Dim str1 As String = "SELECT * FROM tblT WHERE TelCode = '746328'"

That said, unless you specifically want to hard-code that value into your app you're going to want to let the user specify a value somehow. In that case you'll be getting the actual value from a variable, so your code should be something like this:

VB.NET:

Dim telCode As String 'Get user input into this variable however is appropriate.

Dim command As New SqlCommand("SELECT * FROM tblT WHERE TelCode = @TelCode", connection)

command.Parameters.Add("@TelCode", telCode)

cjard · Nov 13, 2007

Read the PQ link in my signature. It expands a bit on jmc's post, and why using string concatenation to build an SQL is very very silly idea indeed

String in a SQL String error

mistaken_myst

Active member

Software Solutions

Member

mistaken_myst

Active member

mistaken_myst

Active member

Arg81

Well-known member

jmcilhinney

VB.NET Forum Moderator

cjard

Well-known member

Similar threads

Share this page

Latest posts