update command in multiple criteria expressions

Question

my command Text criteria must find the User ID and the date. the User ID works fine but not with Date criteria the database will have multiple lines with the user id but the dates will be different here is my code....

                // UPDATE
                var workingDate = dateTimePicker2.Value.ToString("yyyy/MM/dd").Trim();
                OleDbCommand cmd15 = new OleDbCommand();

                cmd15.Connection = connect;
                cmd15.CommandText = "UPDATE WorkTable SET Actual_HoursWe1='" + Actual_HoursWe + "', Paid_HoursWE1='" + Paid_HoursWE + "', NSWE1='" + NSWE + "', OT1WE1='" + OT1WE + "', OT_21='" + OT1WE + "', PBWE1='" + PBWE + "', Actual_HoursTH1='" + Actual_HoursTH + "', Paid_HoursTH1='" + Paid_HoursTH + "', NSTH1='" + NSTH + "', OT1TH1='" + OT1TH + "',  OT2TH1='" + OT2TH + "', PBTH1='" + PBTH + "', Actual_HoursFR1='" + Actual_HoursFR + "', Paid_HoursFr1='" + Paid_HoursFr + "', NSFR1='" + NSFR + "', OT2FR1='" + OT2FR + "', OT1FR1='" + OT1FR + "', PBFR1='" + PBFR + "', Actual_HoursSA1 ='" + Actual_HoursSA + "', Paid_HoursSA1='" + Paid_HoursSA + "', NSSA1='" + NSSA + "', OT1SA1='" + OT1SA + "', OT2SA1='" + OT2SA + "', PBSA1='" + PBSA + "', Actual_HoursSU1='" + Actual_HoursSU + "', OT2SU1='" + OT2SU + "', PBSU1='" + PBSU + "', Actual_HoursMO1='" + Actual_HoursMO + "', Paid_HoursMO1='" + Paid_HoursMO + "', NSMO1='" + NSMO + "', OT1MO1='" + OT1MO + "', OT2MO1='" + OT2MO + "', PBMO1='" + PBMO + "', Actual_HoursTU1='" + Actual_HoursTU + "', Paid_HourseU1='" + Paid_HourseU + "', NSTU1='" + NSTU + "', OT1TU1='" + OT1TU + "', OT2TU1='" + OT2TU + "', PBTU1='" + PBTU + "', Paid_Hrs1='" + Paid_Hrs + "', TotalOT151='" + TotalOT15 + "', TotalOT21='" + TotalOT2 + "', TotalNS1='" + TotalNS + "', TotalPB1='" + TotalPB + "' WHERE  User_ID ='" + User_ID + "' AND  DateWE =" + workingDate ; 

                cmd15.ExecuteNonQuery();
                }
                connect.Close();
        }

it gives me an error on the end of the criteria

When you have an error and you ask a question about that error you need to include that error. An error that occurs at runtime this case its called an `Exception` (*this is how errors manifest themselves in .net*). Include the `Message`, the `Type`, the `StackTrace`, and repeat this recursively across `InnerException`s all the way down. Use the [edit] link on your question to include that detail, *do not* include it as a comment. Please also read [*How do I ask a Good Question*](/help/how-to-ask). — Igor, May 18 '20 at 19:50
**Always use parameterized sql and avoid string concatenation** to add values to sql statements. This mitigates SQL Injection vulnerabilities and ensures values are passed to the statement correctly. See [How can I add user-supplied input to an SQL statement?](https://stackoverflow.com/q/35163361/1260204), and [Exploits of a Mom](https://xkcd.com/327/). — Igor, May 18 '20 at 19:50
my error... System.Data.OleDb.OleDbException: 'No value given for one or more required parameters.' — JOHN Muller, May 18 '20 at 19:54
i will rewrite this to parameterized sql. i need to update the line with the user id. but that user id can have multiple lines and only way of getting the correct line is by using the date value in that line — JOHN Muller, May 18 '20 at 19:58
Please split `cmd15.CommandText =` into multiple lines. It's impossible to read otherwise. — Victor Zakharov, May 18 '20 at 20:48

update command in multiple criteria expressions

0 Answers0