0

I'm currently working on a function that should simply insert data into a database. Normaly the code worked but now it doesn't. I click on the button that should insert the data and when I look if it inserted the data into my table there is no data. I don't have any error codes when I proceed the code.

            SqlConnection con = new SqlConnection(@"Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=C:\Users\papri\source\repos\AOL-Rebirth-Project-RECENT\AOL-Rebirth-Project-RECENT\bin\Debug\accounts.mdf;Integrated Security=True;Connect Timeout=30");
            con.Open();
            SqlCommand cmd = con.CreateCommand();
            cmd.CommandText = "insert into [Table2] (screenname) values ('" + textBox8.Text + "')";
            cmd.ExecuteNonQuery();
            con.Close();

I don't know what to do :(

Charlieface
  • 52,284
  • 6
  • 19
  • 43
oldwebrebirthproject1980
  • 19
  • 2
  • Check the result of `cmd.ExecuteNonQuery()` what does it return? Also, don't use string concatenation, use parameters. – Karen Payne Jun 13 '22 at 18:46
  • So i made this: ```int rowsAffected = cmd.ExecuteNonQuery();``` and it says that my insert button effects the row. I think you mean that hopefully with return – oldwebrebirthproject1980 Jun 13 '22 at 19:02
  • 2
    You need to remove that, and instead create a normal database using SSMS. Also, parameterize your query otherwise you leave yourself open to **dangerous** SQL injection. And dispose your connection and command with `using` – Charlieface Jun 13 '22 at 21:13
  • https://stackoverflow.com/questions/7505808/why-do-we-always-prefer-using-parameters-in-sql-statements – Sean Lange Jun 14 '22 at 02:46

0 Answers0