How to delete value from table when having multiple conditions?

Question

I'm trying to delete all data from Table where index=Textbox1.Text and idnmb=Textbox2.Text When I remove this part + "AND id_nmb = " + data2 it works but not what I want.

I have this code :

private void button1_Click(object sender, RoutedEventArgs e)
        {
            var data1 = this.textBox1.Text;
            var data2 = this.textBox2.Text;


            OleDbCommand cmd = new OleDbCommand("DELETE FROM Table WHERE index = " + data1 + "AND idnmb = " + data2 , con);

            cmd.Connection = con;

            int temp = cmd.ExecuteNonQuery();

            if (temp > 0)
            {
                MessageBox.Show("OK !");
            }
            else
            {
                MessageBox.Show("Some error !");
            }
        }
        }

It gives me this message : No value given for one or more required parameters. Any idea how to solve this ?

Answer 1

The short answer is likely that you need a space before AND in your string. It looks like you assume numbers will be entered in each of the textboxes, but you don't enforce that, so different errors may occur depending on the content of those textboxes.

The longer answer is DON'T DO IT THIS WAY! You're opening up your code to SQL Injection attacks. Use parameterized queries instead as shown in this reference.