vb program insert into >>problem

[istoryansucks]

what cbo gamiton? uns on mani kung mag insert na or update mostly dinhi bya mo dala trigger sa error

[Cometburn]

post the code,suwayan nato kung masulbad ba. unya post sad ang data type sa imong tables.

[emailroy2002]

Private Sub cmdsave_Click()
Dim rs As New ADODB.Recordset
Dim sqlstr As String

rs.Open sqlstr, Conn, adOpenDynamic, adLockOptimistic

sqlstr = " insert into user_act(id,password,uname,date) values ('"&txtid.text&"','"&txtpassword.text"','"&txtunam e.text&"','#"&txtdate.text&"#)"


unsa sayop ani bro...dli man maka save cya data sa database? expert i need ur help

imong txtid.text kay text mana...

try using

dim id as integer
dim password as character

id = txtid.text
password = txtpass.text

sqlstr = " insert into user_act (id,password,uname,date) Values (id,password,unsame,now())"

then ngano gamit man ka "&" ?

kalimot nako ani pero mao raman na ang sql bai..

[rhex_tendo]

'gamit xa & kay iya mn gideretso gkan textbox, wla xa gamit variable...

what cbo gamiton? uns on mani kung mag insert na or update mostly dinhi bya mo dala trigger sa error

'unsay flow diay
'Cometburn >> i second the motion

[sanggano_boy]

imong txtid.text kay text mana...

try using

dim id as integer
dim password as character

id = txtid.text
password = txtpass.text

sqlstr = " insert into user_act (id,password,uname,date) Values (id,password,unsame,now())"

then ngano gamit man ka "&" ?

kalimot nako ani pero mao raman na ang sql bai..

bro, it's the best practice to concatenate strings para sa sql statments, para dili libog asa ang variables.

Cebujobline.com - Cebu's Free job post

[rhex_tendo]

imong txtid.text kay text mana...

try using

dim id as integer
dim password as character

id = txtid.text
password = txtpass.text

sqlstr = " insert into user_act (id,password,uname,date) Values (id,password,unsame,now())"

then ngano gamit man ka "&" ?

kalimot nako ani pero mao raman na ang sql bai..

[SYNCH]

Private Sub cmdsave_Click()
Dim rs As New ADODB.Recordset
Dim sqlstr As String

rs.Open sqlstr, Conn, adOpenDynamic, adLockOptimistic

sqlstr = " insert into user_act(id,password,uname,date)Values ('"&txtid.text&"','"&txtpassword.text"','"&txtunam e.text&"','#"&txtdate.text&"#)"


unsa sayop ani bro...dli man maka save cya data sa database? expert i need ur help

I always wondered why still continue using literal SQL creation rather than using Command and Parameter objects. To avoid this mess, you can always do it like this:

Code:

dim cmd as ADODB.Command
set cmd = new ADODB.Command

set cmd.ActiveConnection = <your_cn_object>

cmd.CommandText = "INSERT INTO <your_table>(Field1,Field2,FieldN) VALUES(pField1,pField2,pFieldN)"

dim p as ADODB.Parameter
set p = cmd.CreateParameter("pField1", <field_data_type>,, <field_size>, <value>)
cmd.Parameters.Append p

set p = cmd.CreateParameter("pField2", <field_data_type>,, <field_size>, <value>)
cmd.Parameters.Append p

set p = cmd.CreateParameter("pFieldN", <field_data_type>,, <field_size>, <value>)
cmd.Parameters.Append p

cmd.Execute ' Perform save

No hassles on quotes, hashes to delimit dates, etc. The parameter object will automatically use the correct delimiter based on your database provider. It also protects you from injection attacks. And if you decide to try stored procedures, you could easily just turn the CommandText into Stored Procedure and assign the correct CommandType and your parameters will still stay the same.

NOTE: ADO is stricter in terms of supplying the correct data type for a parameter, it is even required. Unlike ADO.NET or DAO, the parameter object automatically resolves the data type.

[Cometburn]

@SYNCH: IMHO, Creating a query string is much easier for me and i can do an insert with few lines of code.

This is an example.

str = "Insert Into tblPurchaseOrder" & _
"(PoDate, PTypeID, PoNo, RefNo, SupID, DeliveryDate, EmpID, AppID, Terms) VALUES " & _
"('" & Format(dtDate, "mm-dd-yyyy") & "'," & _
"1,'" & Replace(txtPoNo, "'", "`") & "'," & _
"'" & Replace(txtRef, "'", "`") & "'," & _
"" & cboSupplier.DataField & ", " & _
"'" & Format(dtDelivery, "mm-dd-yyyy") & "'," & _
"" & EmpID & ", " & Comproc.GetField("select AppId from tblApprove where Active = 1") & ", '" & Replace(txtTerms, "'", "`") & "')"

adoConn.Execute str

[SYNCH]

@SYNCH: IMHO, Creating a query string is much easier for me and i can do an insert with few lines of code.

This is an example.

str = "Insert Into tblPurchaseOrder" & _
"(PoDate, PTypeID, PoNo, RefNo, SupID, DeliveryDate, EmpID, AppID, Terms) VALUES " & _
"('" & Format(dtDate, "mm-dd-yyyy") & "'," & _
"1,'" & Replace(txtPoNo, "'", "`") & "'," & _
"'" & Replace(txtRef, "'", "`") & "'," & _
"" & cboSupplier.DataField & ", " & _
"'" & Format(dtDelivery, "mm-dd-yyyy") & "'," & _
"" & EmpID & ", " & Comproc.GetField("select AppId from tblApprove where Active = 1") & ", '" & Replace(txtTerms, "'", "`") & "')"

adoConn.Execute str

I always favor someone's code that I can read without twisting my eyes because of missing quotes, etc. Isn't it frustrating when you spent hours of checking/validating the query yet you only missed a quote? This is even harder when months later refactoring/tracing which value maps to which field.

In your example, if txtRef is of some value like REF1'2, how is it being saved? Aren't you changing the data? Supposedly, Format() shouldn't be used to alter and save dates, let the system handle it for you.

[Cometburn]

So you are saying that the way i do coding is wrong? if So, can you tell me how to correct the way i do insertion on a sql server?