0

The following exception is thrown when I run the below code:

system.data.oledb.oledbexception data type mismatch in criteria expression

private void buttonUp_Click(object sender, EventArgs e)
{
    try
    {
        connection.Open();
        OleDbCommand command = new OleDbCommand();
        command.Connection = connection;
        string query = "UPDATE data SET  Name ='"+txtNL.Text+"' , Period ='"+txtper.Text+"' , DOB = '"+txtmonth.Text+"', price = '"+txtprice.Text+"', follow = '"+combofw.Text+"' WHERE ID = "+txtid.Text+" ";
        //(ID,Name,Period,DOB,price,follow)
        MessageBox.Show(query);
        command.CommandText = query;

        command.ExecuteNonQuery();
        MessageBox.Show("Data Edited/Updated Successful");
        connection.Close();
    }
    catch (Exception ex)
    { MessageBox.Show("Error " + ex); }
}

How can I fix this?

Sam
  • 7,252
  • 16
  • 46
  • 65
Atit Suckchuy
  • 11
  • 1
  • 2
    Please don't use string concatenation to create SQL statements. Imagine a user typing `0;drop table users;--` in txtID.Text. Or simply `x` (probably what happened here). Use parameterized queries, ensuring the parameters have the same types as the underlying fields – Panagiotis Kanavos Jun 10 '15 at 15:45

1 Answers1

0

One of your inputs does not match the data type that the database table is expecting. For example if you pass"abbx" as the date text and your table is expecting DateTime, it's not going to work. Make sure you match the types in your input to the one your table has.

outstacked
  • 201
  • 1
  • 4
  • 11
  • All text variables in the table. – Atit Suckchuy Jun 10 '15 at 15:55
  • Thanks for the answer the question. The code is solved. string query = "UPDATE data SET Name ='"+txtNL.Text+"' , Period ='"+txtper.Text+"' , DOB = '"+txtmonth.Text+"', price = '"+txtprice.Text+"', follow = '"+combofw.Text+"' WHERE ID = '"+txtid.Text+"' "; – Atit Suckchuy Jun 10 '15 at 16:17