Error with Visual Studio and SQL Server 2008

StackOverflow https://stackoverflow.com/questions/18035577

Вопрос

I get this error when I debug the code of my website. My goal is to insert data into SQL Server 2008 database.

Source error : 

    objcnd.Parameters.Add(New SqlParameter("@username", strun))
    Ligne 22 :         objcnd.Parameters.Add(New SqlParameter("@password", strpw))
    Ligne 23 :         objcnd.ExecuteNonQuery()
    Ligne 24 :         'close connection
    Ligne 25 :         objconnection.Close()

the error

[SqlException (0x80131904): Incorrect syntax near '?'.]
System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection) +2030802
System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection) +5009584
System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning() +234
System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj) +2275
.....

The code source written in vb.net 

Imports System
Imports System.Data
Imports System.Data.SqlClient

Partial Class index
   Inherits System.Web.UI.Page

Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs)   Handles Button1.Click
    Dim strun As String = Request.Form("username")
    Dim strpw As String = Request.Form("password")

    Dim objconnection As SqlConnection = Nothing
    Dim objcnd As SqlCommand = Nothing
    Dim strconnection As String, strSQL As String
    'connection string 
    strconnection = ("Data Source=myPC-PC;Database=mytempDB;Integrated Security=true ")
    objconnection = New SqlConnection(strconnection)
    objconnection.ConnectionString = strconnection
    objconnection.Open()
    strSQL = "insert into userTD(username,password) values(?,?)"
    objcnd = New SqlCommand(strSQL, objconnection)
    objcnd.Parameters.Add(New SqlParameter("@username", strun))
    objcnd.Parameters.Add(New SqlParameter("@password", strpw))
    objcnd.ExecuteNonQuery()
    'close connection
    objconnection.Close()
    Response.Write("Entered Successfully ! ")

End Sub
End Class

Thanks in advance .

Это было полезно?

Решение

Use placeholders with the same name of the parameters for SqlClient engine

strSQL = "insert into userTD(username,password) values(@username,@password)"

Also, I suggest you to use the using statement for the connection (better for all disposable objects, but the connection is a big problem if you get an exception and it remains open)

Using objconnection = New SqlConnection(strconnection)
   ......

   objcnd.ExecuteNonQuery()

   ' No need to close explicititly the connection, ' 
   ' the following End Using statement takes care of that'
   ' also in case of exceptions.....'
End Using
Лицензировано под: CC-BY-SA с атрибуция
Не связан с StackOverflow
scroll top