Question
I have the following code that I am using to insert a number of rows into a database:
https://stackoverflow.com/questions/23342889
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian _conn.Open();
SqlCommand command = new SqlCommand(_insert[0].ToString(), _conn);
command.Parameters.AddRange((_insert[1] as List<SqlParameter>).ToArray());
Int32 rowsAffected = command.ExecuteNonQuery();
_conn.Close();
The command (_insert[1].ToString()) is:
"INSERT INTO Candidate (id, name) VALUES ({0},{1}),({2},{3}),({4},{5}),({6},{7}),
({8},{9}),({10},{11}),({12},{13}),({14},{15}),({16},{17}),({18},{19}),({20},{21}),
({22},{23}),({24},{25}),({26},{27}),({28},{29}),({30},{31}),({32},{33}),({34},{35}),
({36},{37}),({38},{39})"
and the command parameters are like this (from VS debug):
[0] - ParameterName = "0", SqlDbType = BigInt, Value = 21400
[1] - ParameterName = "1", SqlDbType = NVarChar, Value = "Dan Smith"
[2] - ParameterName = "2", SqlDbType = BigInt, Value = 21401
[3] - ParameterName = "3", SqlDbType = NVarChar, Value = "Doug Smith"
[4] - ParameterName = "4", SqlDbType = BigInt, Value = 21402
[5] - ParameterName = "5", SqlDbType = NVarChar, Value = "Danielle Smith"
The error I am getting is "Incorrect syntax near '0'." Can someone tell me what is causing this?
In case it matters here is where I am creating the parameter array (separate function that iterates over JSON returned from API):
foreach (KeyValuePair<string, object> _attribute in _field)
{
// '_score' is an attribute included with each entity when doing a search
// indicating the matching score of the query, we don't want this in the database
if (_attribute.Key.ToString() != "_score")
{
_insertQuery.AppendFormat("{{{0}}},", _paramNumber);
_paramValues.Add(new SqlParameter(_paramNumber.ToString(), _attribute.Value));
_paramNumber++;
}
}
return new object[] {_insertQuery.ToString(), _paramValues };
I am doing this as I am retrieving various objects from an API and then inserting into a local database. I cannot create a class for each of these objects (requirements are to make this generic).
UPDATE:
I updated the code to prepend the _paramNumber with "@" so each parameter is now @0, @1, etc. and I am now getting this error:
"Incorrect syntax near '@0'."
The insert statement is as follows:
"INSERT INTO Candidate (id, name) VALUES ({@0},{@1}),({@2},{@3}),({@4},{@5}),({@6},{@7}),
({@8},{@9}),({@10},{@11}),({@12},{@13}),({@14},{@15}),({@16},{@17}),({@18},{@19}),
({@20},{@21}),({@22},{@23}),({@24},{@25}),({@26},{@27}),({@28},{@29}),({@30},{@31}),
({@32},{@33}),({@34},{@35}),({@36},{@37}),({@38},{@39})"
and the parameters are like this:
[0] - ParameterName = "@0", SqlDbType = BigInt, Value = 21400
[1] - ParameterName = "@1", SqlDbType = NVarChar, Value = "Dan Smith"
[2] - ParameterName = "@2", SqlDbType = BigInt, Value = 21401
[3] - ParameterName = "@3", SqlDbType = NVarChar, Value = "Doug Smith"
[4] - ParameterName = "@4", SqlDbType = BigInt, Value = 21402
[5] - ParameterName = "@5", SqlDbType = NVarChar, Value = "Danielle Smith"
Solution
If you are using direct parameters in your query and not formatting the query string itself with String.Format, you should only use parameters with the format @parameterName in your query, like so.
"INSERT INTO Candidate (id, name) VALUES (@0,@1),(@2,@3),(@4,@5),(@6,@7),
(@8,@9),(@10,@11),(@12,@13),(@14,@15),(@16,@17),(@18,@19),
(@20,@21),(@22,@23),(@24,@25),(@26,@27),(@28,@29),(@30,@31),
(@32,@33),(@34,@35),(@36,@37),(@38,@39)"
OTHER TIPS
From what I infer from your question, you are trying to use {number} as parameter names. Which I personally don't think is valid.
You should use @yourParameterName
