Search code examples
mysql.netvb.netoledb

How to make OleDB query read a colon :

I am working on a GPS app and I need to parse the exploded string sent to the app.
however, SQL query in OleDB doesn't recognize : as a character. - I think that's the error

I added a field, Time on my .accdb with text as data type...

04T16:18:42Z

that is the time data the gps is sending..
but I get syntax error if I am using that through (i just made this short, I use vb.net) -
insert into myTable(Time) values ('" & txtTime.Text & "')
that is the query I use. I posted the error yesterday, and it seems that, that is the data that causes syntax error.
what should I do to make it work? Or maybe do something like change its time format, split, rewrite? the main goal is for me to save it to the database. thanks

UPDATE: this is my code for saving, could you re-arrange it with parameters --

query = "INSERT INTO tblGPSRoutes(Time,Latitude,Longitude,Elevation,Accuracy,Bearing,Speed)"
query &= " VALUES ('" & txtTime.Text & "','" & txtLat.Text & "','" & txtLong.Text & "','" & txtElev.Text & "','" & txtAccuracy.Text & "','" & txtBearing.Text & "','" & txtSpeed.Text & "')"


        databaseFunctions.ExecuteQuery(query)
        MessageBox.Show("Data Saved Successfully.")

UPDATE2: now I am using parameters :

Dim con As OleDbConnection
    con = New OleDbConnection
    con.ConnectionString = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source = " & Path.Combine(Application.StartupPath, "markers.accdb")
    con.Open()
    Dim query As String = "INSERT INTO tblGPSRoutes(Latitude,Longitude,Elevation,Accuracy,Bearing,Speed) VALUES (@lat,@long,@elev,@acc,@bearing,@speed)"
    Using cmd As New OleDbCommand(query, con)
        With cmd.Parameters
            '.AddWithValue("@time", txtTime.Text)'
            .AddWithValue("@lat", txtLat.Text)
            .AddWithValue("@long", txtLong.Text)
            .AddWithValue("@elev", txtElev.Text)
            .AddWithValue("@acc", txtAccuracy.Text)
            .AddWithValue("@bearing", txtBearing.Text)
            .AddWithValue("@speed", txtSpeed.Text)
        End With
        cmd.ExecuteNonQuery()
    End Using

first says, syntax error.. then I removed the time data input. then it works.

Solution

  • Time is reserved word in Access. So you cannot use it as column name.(I changed it to MyTime in example

    Use parameters when you add some application's variables to SQL query.
    Then you avoid SQL injections and some errors when using special characters in the string value

    Dim query As String = "insert into myTable(MyTime, Latitude) values (@TextTime, @Latitude)"
//Then create parameters for your databaseFunctions's functions
Dim parameters As New List(Of OleDbParameters)()
With parameters
    .Add(New OleDbParameter("@TextTime", txtTime.Text))
    .Add(New OleDbParameter("@Latitude", txtLat.Text))
End With
databaseFunctions.ExecuteQuery(query, parameters.ToArray())
MessageBox.Show("Data Saved Successfully.")

    But then you need add/change your databaseFunctions.ExecuteQuery(query) - function to take two parameters

    Public Sub ExecuteQuery(query As String, params As OleDbParameters())
    //Here add parameters to OleDbCommand object and execute command
End Sub