romasha ali

romasha ali

  • 2k
  • 94
  • 32.4k

about ExecuteNonQuery in C#

May 12 2013 5:10 PM
what happened to this code? when i run this its error below...

Server Error in '/WebSite5' Application.

Incorrect syntax near 's'.
Unclosed quotation mark after the character string ')'.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Data.SqlClient.SqlException: Incorrect syntax near 's'.
Unclosed quotation mark after the character string ')'.

Source Error:

Line 62:         // SqlCommand  cm = new SqlCommand("insert into profile values('" +cls.Text +"','" +semester.Text +"')", con);
Line 63:         //con.Open();
Line 64:         cmd.ExecuteNonQuery();
Line 65:        //cm.ExecuteNonQuery();
Line 66:        // con.Close();



and my code is...... 



using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;

public partial class courses : System.Web.UI.Page
{
   
    SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString);
        
        protected void Page_Load(object sender, EventArgs e)
      {
          con.Open();
      }
    protected void Button1_Click(object sender, EventArgs e)
    {
     
        SqlCommand cmd = new SqlCommand("insert into profile values('"+name.Text+ "','" +fname.Text+ "','"+ep.Text+ "','"+cls.Text+ "','"+semester.Text+ "')", con);
      
        cmd.ExecuteNonQuery();
     
        string s1 = string.Empty;
        foreach (ListItem item in this.checkbox.Items)
        {
            if (item.Selected)
            {
                s1 = item.ToString();
                SqlCommand  com = new SqlCommand("Insert into profile(courseId) values('" + s1 + "')", con);
              
                com.ExecuteNonQuery();
             
            }
        } Response.Write("Inserted Successfully");

    }
   
}

Answers (4)