I am working on a GPS app and I need to parse the exploded string sent to the app.
however, SQL query in OleDB doesn't recognize :
as a character. - I think that's the error
I added a field, Time
on my .accdb with text as data type...
04T16:18:42Z
that is the time data the gps is sending..
but I get syntax error if I am using that through (i just made this short, I use vb.net) -
insert into myTable(Time) values ('" & txtTime.Text & "')
that is the query I use. I posted the error yesterday, and it seems that, that is the data that causes syntax error.
what should I do to make it work? Or maybe do something like change its time format, split, rewrite? the main goal is for me to save it to the database. thanks
UPDATE: this is my code for saving, could you re-arrange it with parameters
--
query = "INSERT INTO tblGPSRoutes(Time,Latitude,Longitude,Elevation,Accuracy,Bearing,Speed)"
query &= " VALUES ('" & txtTime.Text & "','" & txtLat.Text & "','" & txtLong.Text & "','" & txtElev.Text & "','" & txtAccuracy.Text & "','" & txtBearing.Text & "','" & txtSpeed.Text & "')"
databaseFunctions.ExecuteQuery(query)
MessageBox.Show("Data Saved Successfully.")
UPDATE2: now I am using parameters :
Dim con As OleDbConnection
con = New OleDbConnection
con.ConnectionString = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source = " & Path.Combine(Application.StartupPath, "markers.accdb")
con.Open()
Dim query As String = "INSERT INTO tblGPSRoutes(Latitude,Longitude,Elevation,Accuracy,Bearing,Speed) VALUES (@lat,@long,@elev,@acc,@bearing,@speed)"
Using cmd As New OleDbCommand(query, con)
With cmd.Parameters
'.AddWithValue("@time", txtTime.Text)'
.AddWithValue("@lat", txtLat.Text)
.AddWithValue("@long", txtLong.Text)
.AddWithValue("@elev", txtElev.Text)
.AddWithValue("@acc", txtAccuracy.Text)
.AddWithValue("@bearing", txtBearing.Text)
.AddWithValue("@speed", txtSpeed.Text)
End With
cmd.ExecuteNonQuery()
End Using
first says, syntax error.. then I removed the time
data input. then it works.
Time
is reserved word in Access. So you cannot use it as column name.(I changed it to MyTime
in example
Use parameters when you add some application's variables to SQL query.
Then you avoid SQL injections and some errors when using special characters in the string value
Dim query As String = "insert into myTable(MyTime, Latitude) values (@TextTime, @Latitude)"
//Then create parameters for your databaseFunctions's functions
Dim parameters As New List(Of OleDbParameters)()
With parameters
.Add(New OleDbParameter("@TextTime", txtTime.Text))
.Add(New OleDbParameter("@Latitude", txtLat.Text))
End With
databaseFunctions.ExecuteQuery(query, parameters.ToArray())
MessageBox.Show("Data Saved Successfully.")
But then you need add/change your databaseFunctions.ExecuteQuery(query)
- function to take two parameters
Public Sub ExecuteQuery(query As String, params As OleDbParameters())
//Here add parameters to OleDbCommand object and execute command
End Sub