Insert Statement is showing error "Incorrect syntax near ="

Question

I am trying to insert values of checkboxlist into transaction table but it's showing me error that

InCorrect Syntax Near '='.

if (cblAmenity.SelectedIndex >= 0)
{
    for (int i = 0; i < cblAmenity.Items.Count; i++)
    {
        if (cblAmenity.Items[i].Selected)
        {
            ds = obj.sel("Select MAX(PropertyId) AS PrptId from tblPropertyMaster");
            string a = ds.Tables[0].Rows[0]["PrptId"].ToString();
            string nature = "Sell";
            obj.insert("insert into tblAmenityToPropertyTransaction Values (AmenityName=" + i + " , PropertyId=" + a + " , Nature='" + nature + "')");
        }
    }
}

Any help appreciated.

Thats not the correct syntax – Tjaart van der Walt Apr 12 '14 at 20:26 — Tjaart van der Walt, Apr 12 '14 at 20:26
What is the type of `obj`? – Rowland Shaw Apr 12 '14 at 20:30 — Rowland Shaw, Apr 12 '14 at 20:30

score 4 · Accepted Answer · edited May 23 '17 at 12:27

4

INSERT INTO in sql server doesn't work in that way

 INSERT INTO table VALUES(value1, value2, value3)

not

 INSERT INTO table VALUES(field=value, field1=value1....)

However, apart from this, try to use always a parameterized query.
In your wrong syntax you use a string concatenation to build your command, but this is an open door to Sql Injection and infinte source of problems when the values concatenated in your string contains invalid characters (for example a single quote inside a string)

edited May 23 '17 at 12:27

Community

1
1

answered Apr 12 '14 at 20:27

Steve

213,761
22
232
286

Ohh sosorry sir, even though i've done this so many time as per your syntax i just forget syntax of insert statement because of frustration :( – Chiraag Apr 12 '14 at 20:31
The curious thing is that a syntax like that is supported by MySql – Steve Apr 12 '14 at 20:33

score 0 · Answer 2 · answered Apr 12 '14 at 20:28

You are using wrong INSERT statement syntax,

Example Insert statement

insert into table1(col1, col2)
values (val1,val2);

Your statement should be

"insert into tblAmenityToPropertyTransaction (AmenityName,PropertyId, Nature)
Values (" + i + " ," + a + " , '" + nature + "')"

And please use parameterized SQL statements

score 0 · Answer 3 · edited Apr 13 '14 at 02:15

0

You can use the following code:

Insert into tblAmenityToPropertyTransaction (AmenityName,PropertyId, Nature) Values (" + i + " ," + a + " , '" + nature + "')"

edited Apr 13 '14 at 02:15

Idris

997
2
10
27

answered Apr 13 '14 at 01:53

Paresh J

2,401
3
24
31

Insert Statement is showing error "Incorrect syntax near ="

3 Answers3