Home/ Questions/Q 8081371
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-05T16:42:39+00:00

I have my SQLite db storing my info and it works ok. However I

  • 0

I have my SQLite db storing my info and it works ok. However I want to use Parameter.

I modify this line to set the values and works ok:

cmd.CommandText = String.Format("INSERT INTO users ("+data[0]+", "+data[1]+") VALUES (@4,@5);");
p = new SQLiteParameter("@4", System.Data.DbType.String);
p.Value = data[4];
cmd.Parameters.Add(p);
p = new SQLiteParameter("@5", System.Data.DbType.String);
p.Value = data[5];
cmd.Parameters.Add(p);

ERROR: But if I want to use Parameter to the column’s names it say there’s a syntax error near "@0":

cmd.CommandText = String.Format("INSERT INTO users (@0, @1) VALUES (@4,@5);");
    p = new SQLiteParameter("@0", System.Data.DbType.String);
    p.Value = data[0];
    cmd.Parameters.Add(p);
    p = new SQLiteParameter("@1", System.Data.DbType.String);
    p.Value = data[1];
    cmd.Parameters.Add(p);
    p = new SQLiteParameter("@4", System.Data.DbType.String);
    p.Value = data[4];
    cmd.Parameters.Add(p);
    p = new SQLiteParameter("@5", System.Data.DbType.String);
    p.Value = data[5];
    cmd.Parameters.Add(p);

It’s possible to use Parameter in this case? What’s wrong with the code?

Thanks for your help!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You cannot parameterize column names. first approach is ok.

    OR you can send all these as parameters to stored procedure and build query dynamically at db level and execute.

    • 0