I want to insert data in database in asp.net using c#,but it showing me this exception.
Asked
Active
Viewed 149 times
-4
-
4Please show your code and exception message as a plain text. – Soner Gönül Dec 28 '15 at 12:07
-
1http://stackoverflow.com/help/how-to-ask – Quentin Roger Dec 28 '15 at 12:07
-
1`table` is a preserved keyword in every ANSI SQL language. Rename your table. – Patrick Hofman Dec 28 '15 at 12:08
-
2Besides the above: **use parameterized queries!!!** – Patrick Hofman Dec 28 '15 at 12:08
2 Answers
1
It is really hard to tell to solve your problem on an image but my money is on Table is a reserved keyword on TSQL part. You can use it with square brackets like [Table] but I do not recommend this. Change it to non-reserved word as a best option.
But much more important, you should always use parameterized queries. This kind of string concatenations are open for SQL Injection attacks.
And use using statement to dispose your connection and command automatically instead of calling Close method manually.
Based on your column name, ID should be numeric type instead of character. Do not have a bad habit to choose wrong data type.
Also do not store your passwords as a plain text. Read Best way to store password in database
Community
- 1
- 1
Soner Gönül
- 97,193
- 102
- 206
- 364
0
Query syntax is not correct so how can you fix it?
Steps:
Copy command text(cmd.CommandText in debug mode)
Open micro soft sql server management studio and open query analyzer and paste there.
Run the query and you will find the cause.
After fixing the syntax error there now you can construct query in same way for c# code
I trust it will help you. :)
Surya
- 173
- 4