Search code examples
c#ms-accessoledb

OleDBException was unhandled NO value given for one or more parameters

I am trying to Update a table in an access database from C#.

It is a .mdb type database.

here is the connection string I am using. public MainWindow() { 

InitializeComponent();

OleDbConnection cn= new OleDbConnection();}
cn.ConnectionString=@"Provider=Microsoft.Jet.OLEDB.4.0;DataSource=" 
    + "C:\Users\Angela\Documents\Visual Studio 2010\Projects\Havnefoged11.mdb;" 
    + "User Id=;Password=;";

cn.Open();

Application.Current.Properties["DBConnection"] = cn;

The file is in the correct folder C:\Users\Angela\Documents\Visual Studio 2010\Projects

 private void button1_Click_1(object sender, RoutedEventArgs e)
    {

 OleDbConnection conn =             

 (OleDbConnection)Application.Current.Properties["DBConnection"];
 //Below are the values i want to put into the database 
 String dybde = Dybde.Text;
 String bredde = Bredde.Text;
 String plads = PladsNummer.Text;

String StrSQL = 
    "INSERT INTO Bådpladser (Plads_nummer,Bredde,Dybde) VALUES (´´"+ plads
        + "´,´" 
        + bredde
        + "´," 
        + dybde+");";

  OleDbCommand InsertCommand = new OleDbCommand(StrSQL, conn);

   InsertCommand.ExecuteNonQuery();
    }

I then get the error OleDBException was unhandled NO value given for one or more parameters

I have gone in and changed all the fields in the database to be text I have checked the field names they are correct. The ldb file comes when I initialise the program. but as soon as I press the button I get the error.

Any ideas?

Ps I have included the 

  using System.Data;
   using System.Data.OleDb;
Solution

  • As others pointed out, you are open to SQL injection attacks. You should use parameters. The reason it is probably failing is that the content of the strings you are inserting may contain a "?" and "?" is implied as "I am expecting a parameter here" and is what is making it choke.

    Try changing to

    String StrSQL = "INSERT INTO Bådpladser (Plads_nummer, Bredde, Dybde ) VALUES ( ?, ?, ? )";
OleDbCommand InsertCommand = new OleDbCommand(StrSQL, conn )
InsertCommand.Parameters.AddWithValue( "yourFirstParm", plads );
InsertCommand.Parameters.AddWithValue( "yourSecondParm", bredde );
InsertCommand.Parameters.AddWithValue( "yourThirdParm", dybde );

    THEN, execute it, but NOTE: The parameters must be added in the same sequence as your "?" place-holders.

    Also, it may be that your backend DOES support named parameters and not "?" values... if so, you may need to adjust to something like

    String StrSQL = "INSERT INTO Bådpladser (Plads_nummer, Bredde, Dybde ) "
      + "VALUES ( @parmPlads, @parmBredde, @parmDybde )";
OleDbCommand InsertCommand = new OleDbCommand(StrSQL, conn )
InsertCommand.Parameters.AddWithValue( "@parmPlads", plads );
InsertCommand.Parameters.AddWithValue( "@parmBredde", bredde );
InsertCommand.Parameters.AddWithValue( "@parmDybde", dybde );