Home/ Questions/Q 3311858
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-17T21:55:34+00:00

i have a SQL query as follows String S = Editor1.Content.ToString(); Response.Write(S); string sql

  • 0

i have a SQL query as follows

  String S = Editor1.Content.ToString();
     Response.Write(S);   
    string sql = "insert into testcase.ishan(nmae,orders) VALUES ('9',@S)";
   OdbcCommand cmd = new OdbcCommand(sql, myConn);
            cmd.Parameters.AddWithValue("@S", S); 
            cmd.ExecuteNonQuery();

Error: Column 'orders' cannot be null at System.Data.Odbc.OdbcConnection.HandleError

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Better to use something like:

    var sqlCommandText = "insert into testcase.ishan(nmae,orders) VALUES ('9', @S)";
using (var connection = new SqlConnection())
{
    using (var command = new SqlCommand(sqlCommandText , connection))
    {
        command.Parameters.AddWithValue("@S", S);
        command.ExecuteNonQuery();
    }
}

    The use of parameters prevents SQL injection. Andrews solution does not, I believe.

    ExecuteNonQuery() will return the number of rows affected, if you need it.

    The using statements will take care of disposing the connection properly, so afterwards, you have no open connections anymore. This is because SqlConnection implements IDisposable.

    • 0