Incorrect Syntax near '='

Question

i watched a course and the teacher write this code and its worked for him but shows me this error.. my CODE

private void button2_Click(object sender, EventArgs e){
 con.Open();
 SqlCommand cmd = new SqlCommand("update Admin set 
 username=@username.password=@password.Fullname=@Fullname")
 cmd.Parameters.AddWithValue("@username", textuser.Text);
 cmd.Parameters.AddWithValue("@password", textpassword.Text);
 cmd.Parameters.AddWithValue("@Fullname", textFullname.Text);
 cmd.Parameters.AddWithValue("@id", id);
 cmd.ExecuteNonQuery(); // Error In This Line...
 con.Close();
 MessageBox.Show("DELETED");
 upload_data_into_GridView_from_database();
}

`update Admin set username=@username, password=@password, Fullname=@Fullname where id=@id` — Iłya Bursov, Jul 23 '20 at 22:10
btw, I like that after password update user will get message "DELETED" — Iłya Bursov, Jul 23 '20 at 22:13
Suggested reading: [AddWithValue is evil](https://www.dbdelta.com/addwithvalue-is-evil/) and [password hashing](https://stackoverflow.com/questions/326699/difference-between-hashing-a-password-and-encrypting-it) — Ňɏssa Pøngjǣrdenlarp, Jul 23 '20 at 23:13

score 4 · Answer 1 · answered Jul 23 '20 at 22:12

The dots in the query should be commas instead. And as far as your code is concerned, the query seems to be missing a where clause to filter on id (or the-like):

I would suggest:

update admin
set username = @username, password = @password, Fullname = @Fullname
where id = @id

score 1 · Accepted Answer · answered Jul 23 '20 at 22:10

1

you are missing an e, in ExecuteNonQuery:

cmd.ExecuteNonQuery();

Also instead of a . you need a comma (,) on your update query:

answered Jul 23 '20 at 22:10

apomene

14,282
9
46
72

Incorrect Syntax near '='

2 Answers2