I’m writing some code updating a database with a SQL statement that has some placeholders. But it doesn’t seem to update these placeholders.
I got the following error:
Cannot update '@columnName'; field not updateable
Here is the method:
    public void updateDoctorTableField(string columnName, string newValue, string vendorNumber) {
        sqlStatement = "update Doctor set @columnName = @newValue where `VENDOR #` = @vendorNumber;";
        try {
            _command = new OleDbCommand(sqlStatement, _connection);
            _command.Parameters.Add("@columnName", OleDbType.WChar).Value = columnName;
            _command.Parameters.Add("@newValue", OleDbType.WChar).Value = newValue;
            _command.Parameters.Add("@vendorNumber", OleDbType.WChar).Value = vendorNumber;
            _command.ExecuteNonQuery();
        } catch (Exception ex) {
            processExeption(ex);
        } finally {
            _connection.Close();
        }
    }
Not all parts of the query are parameterisable.
You can’t parametrise the name of the column. This needs to be specified explicitly in your query text.
If this is sent via user input you need to take care against SQL Injection. In fact in any event it would be best to check it against a whitelist of known valid column names.
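One way to apply the allowlist check described in the answer above, as an added example that is not part of the original question or answer. The class name `DoctorRepository`, the connection-string constructor and the column names `FirstName`, `LastName` and `Phone` are assumptions made for illustration; only `Doctor` and `VENDOR #` come from the question.

```csharp
using System;
using System.Collections.Generic;
using System.Data.OleDb;

public class DoctorRepository
{
    // Hypothetical column names: replace with the real updatable columns of Doctor.
    // Key = name accepted from the caller, value = identifier text we wrote ourselves.
    private static readonly Dictionary<string, string> UpdatableColumns =
        new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase)
        {
            { "FirstName", "[FirstName]" },
            { "LastName",  "[LastName]"  },
            { "Phone",     "[Phone]"     },
        };

    private readonly string _connectionString;

    public DoctorRepository(string connectionString)
    {
        _connectionString = connectionString;
    }

    public int UpdateDoctorTableField(string columnName, string newValue, string vendorNumber)
    {
        // Reject anything not on the allowlist before any SQL text is built.
        if (columnName == null || !UpdatableColumns.TryGetValue(columnName, out string quotedColumn))
            throw new ArgumentException("Column is not updatable.", nameof(columnName));

        // The identifier is taken from our own table, never from the caller's string.
        // Values stay as parameters; only the column name is placed in the query text.
        string sql = "UPDATE Doctor SET " + quotedColumn + " = ? WHERE [VENDOR #] = ?";

        using (var connection = new OleDbConnection(_connectionString))
        using (var command = new OleDbCommand(sql, connection))
        {
            // OleDb binds parameters by position, so add them in placeholder order.
            command.Parameters.Add("@newValue", OleDbType.WChar).Value =
                (object)newValue ?? DBNull.Value;
            command.Parameters.Add("@vendorNumber", OleDbType.WChar).Value = vendorNumber;
            connection.Open();
            return command.ExecuteNonQuery(); // number of rows updated
        }
    }
}
```

Because the lookup returns the stored identifier rather than echoing the input, a value such as `Phone = 'x', Notes` fails the check and never reaches the query text.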