Is there any way to put text into SQL using Delphi?

Question

I made simple code which first checks the database in SQL for existing login or email and if everything is correct then adds new user to database from Tedit.

Everything works just fine but there is one problem. I can only add strings of numbers or single number. I can't add any text?

While I add any text I get error:

Invalid column name 'thing i typed in Tedit'.

Here is code

begin
        ADOQuery2.SQL.Clear;
        ADOQuery2.SQL.Add('INSERT INTO users (login, password, email)');
        ADOQuery2.SQL.Add(' VALUES ');
        ADOQuery2.SQL.Add('('+edtLogin.Text+', '+edtPassword.Text+', '+edtMail1.Text+')');
        ADOQuery2.ExecSQL;
        ShowMessage('Account created');
        edtLogin.Text := '';
        edtPassword.Text := '';
        edtMail1.Text := '';
        edtMail2.Text := '';
        Close;
end;

Do not concatenate your SQL. Instead, use parameters, which will allow you to properly set the values for any type of field without needing to convert or quote them. Search this site for [delphi] query parameter for examples of doing so. — Ken White, Feb 24 '21 at 00:59
Aside from the fact that concatenating your query directly from UI components is [terrible practice](https://xkcd.com/327/) and aside from the fact that storing passwords in plain text is insane, you also need to read the SQL manual - it will tell you everything you need to know. String types must be enclosed in quotes when passed as values. But don't bother doing that - save yourself a headache and do like Ken says and use parameters. — J..., Feb 24 '21 at 01:05

Is there any way to put text into SQL using Delphi?

0 Answers0