-2

I am getting the following error and I have been doing a lot of research online to re-solve but i can't seem to find the right answer , A bit of help would be much appreciated. Many Thanks

Error: Additional information: Must declare the scalar variable "@Username@DepartmentName".

//DepartmentName and Username are both foreign key from LoginDetails table and Department table

SqlConnection cn = new SqlConnection(@"Data Source=PRINCENICHOLAS;Initial Catalog=Kids Company IT Asset;Integrated Security=True");
SqlCommand sqlcmdLogin = new SqlCommand("Insert into LoginDetails(Username,Password,PrivilegeCode) Values(@Username,@Password,@PrivilegeCode)", cn);

sqlcmdLogin.Parameters.AddWithValue("@Username", txtEmpFirstName.Text + '.' + txtEmpSurname.Text);
sqlcmdLogin.Parameters.AddWithValue("@Password", txtEmpPassword.Text);
sqlcmdLogin.Parameters.AddWithValue("@PrivilegeCode", cboPrivilege.SelectedItem.ToString());
cn.Open();
sqlcmdLogin.ExecuteNonQuery();
cn.Close();
//Insert Employee Table
SqlCommand sqlcmdEmp = new SqlCommand("Insert into Employee(FirstName,LastName,DOB,Email,PhoneNumber,JobRole,Username,DepartmentName) Values(@FirstName,@LastName,@DOB,@Email,@PhoneNumber,@JobRole,@Username@DepartmentName)", cn);
sqlcmdEmp.Parameters.AddWithValue("@FirstName", txtEmpFirstName.Text);
sqlcmdEmp.Parameters.AddWithValue("@LastName", txtEmpSurname.Text);
sqlcmdEmp.Parameters.AddWithValue("@DOB", dtpEmpDOB.Text);
sqlcmdEmp.Parameters.AddWithValue("@Email", txtEmpEmail.Text);
sqlcmdEmp.Parameters.AddWithValue("@PhoneNumber", txtEmpPhone.Text);
sqlcmdEmp.Parameters.AddWithValue("@JobRole", txtJobRole.Text);
sqlcmdEmp.Parameters.AddWithValue("@Username", txtEmpFirstName.Text + '.' + txtEmpSurname.Text);
sqlcmdEmp.Parameters.AddWithValue("@DepartmentName", cboDeptName.SelectedItem.ToString());
cn.Open();      
sqlcmdEmp.ExecuteNonQuery();
cn.Close();​
Soner Gönül
  • 97,193
  • 102
  • 206
  • 364
Hollywood
  • 175
  • 1
  • 2
  • 13

1 Answers1

3

You forget to seperate your parameter names with , like

@Username, @DepartmentName

in your sqlcmdEmp definition line.

Since you wrote it as @Username@DepartmentName, your program expect the exact name of it.

Use using statement to dispose your SqlConnection and SqlCommand instead of calling .Close() method manually.

using(SqlConnection cn = new SqlConnection(connectionString))
using(SqlCommand cmd = cn.CreateCommand())
{
    // Define your command text
    // Add your paramter values
    // Open your connection
    // Execute your query
}

Don't store your passwords as a plain text. Read: Best way to store password in database

And don't use AddWithValue method. It may generate unexpected results sometimes. Use .Add() method or it's overloads. Read: Can we stop using AddWithValue() already?

Community
  • 1
  • 1
Soner Gönül
  • 97,193
  • 102
  • 206
  • 364