Home/ Questions/Q 8710051
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-13T04:31:25+00:00

When I run the code below I keep getting the error message: Syntax error

  • 0

When I run the code below I keep getting the error message: Syntax error (missing operator) in query expression. What am I doing wrong?

con = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Database1.accdb"
connOledb.ConnectionString = con

connOledb.Open()
command = New OleDb.OleDbCommand("INSERT INTO Artikels VALUES('1'," + txtOmsch.Text + _
                   "','" + txtCat.Text + "','" + txtAPE.Text + _
                   "','" + txtMarge.Text + "','" + txtVPE.Text + _
                   "','" + txtEen.Text + "','" + txtLen.Text + _
                   "','" + txtBreed.Text + "','" + txtDiep.Text + _
                   txtOmsch.Text + "');")

command.Connection = connOledb
command.ExecuteNonQuery()
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    you have missed a single quote for the second value. try this,

    command = New OleDb.OleDbCommand("INSERT INTO Artikels VALUES('1','" + txtOmsch.Text + _
                               "','" + txtCat.Text + "','" + txtAPE.Text + _
                               "','" + txtMarge.Text + "','" + txtVPE.Text + _
                               "','" + txtEen.Text + "','" + txtLen.Text + _
                               "','" + txtBreed.Text + "','" + txtDiep.Text + _
                               txtOmsch.Text + "');")

    your code is vulnerable with sql injection, please use parameterized query since you are using ADO.NET, better try this code below,

    Dim con As String = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Database1.accdb"  
Dim query As String = "INSERT INTO Artikels VALUES(@val1, @Omsch, @Cat, @Ape, @VPE, @Een, @len, @breed, @diep,@Omsch)")

Using connOledb As New OleDbConnection(con)
    Using  command As New OleDbCommand()
        With command
            .Connection = con
            .CommandType = CommandType.Text
            .CommandText = query
            .Parameters.AddWithValue("@val1",1)
            .Parameters.AddWithValue("@Omsch",txtOmsch.Text)
            .Parameters.AddWithValue("@Cat",txtCat.Text)
            .Parameters.AddWithValue("@Ape",txtAPE.Text)
            .Parameters.AddWithValue("@VPE",txtVPE.Text)
            .Parameters.AddWithValue("@Een",txtEen.Text )
            .Parameters.AddWithValue("@len",txtLen.Text)
            .Parameters.AddWithValue("@breed",txtBreed.Text)
            .Parameters.AddWithValue("@diep",txtDiep.Text)
        End with
        Try
            connOledb.Open()
            command.ExecuteNonQuery()
        Catch(ex as OleDBException)
            Msgbox(ex.Message.Tostring())
        End Try
    End Using
End Using

    or Add

    .Add("@Omsch", OleDbType.VarChar, 30).Value = txtOmsch.Text
    • 0