tags:

views:

175

answers:

4
Q: 

Delphi SQL insert into statement error 

qryreg.SQL.Add('Insert into RegistreerTB');
qryreg.SQL.add('Name , Surname, E-mail, Password)');
qryreg.SQL.Add('Values ('+quotedstr(edtname.Text)+','+quotedstr(edtsname.Text)+','+quotedstr(edtemail.Text)+','+quotedstr(edtpassuse.Text)+')');
qryreg.ExecSQL ;
qryreg.SQL.Text := 'Select * from RegistreerTB';
qryreg.Open ;

This is the code im using atm with delphi im trying to save data to my database from editboxes. The error im getting is EOELeException "Insert into statement"

ty in advance

+1  A: 

Your problem is in the first line. I made the correction below. you need an opening parenthesis.

qryreg.SQL.Add('Insert into RegistreerTB ('); 
qryreg.SQL.Add('Name , Surname, E-mail, Password)'); 
qryreg.SQL.Add('Values ('+quotedstr(edtname.Text)+','+quotedstr(edtsname.Text)+','+quotedstr(edtemail.Text)+','+quotedstr(edtpassuse.Text)+')'); 
qryreg.ExecSQL ; 
qryreg.SQL.Text := 'Select * from RegistreerTB'; 
qryreg.Open ;

see if this works

qryreg.SQL.Add("Insert into RegistreerTB ("); 
qryreg.SQL.Add("Name , Surname, E-mail, Password)"); 
qryreg.SQL.Add("Values ('"+edtname.Text+"','"+edtsname.Text +"','"+edtemail.Text+"','"+edtpassuse.Text +"')"); 
qryreg.ExecSQL ; 
qryreg.SQL.Text := "Select * from RegistreerTB"; 
qryreg.Open ;
John Hartsock  2010-10-04 19:21:11
i have changed the code as you said i still get the same error i have been trying to figure this out for past hour and i can't find my error but thanks anyway :)
Shadowriz  2010-10-04 19:23:13
@Shadowriz... What does quoted string return for example: quotedstr("hello") will it return "hello" or 'hello'
John Hartsock  2010-10-04 19:24:16
@Shadowriz: What John stated seems like the only problem with this code(I hope quotedstr returns single quotes). Are you sure your table definition fits this statement? Are you sure your field names are correct?
Erkan Haspulat  2010-10-04 19:27:29
ye the field names are correct @john i have never done this before i am working from a textbook atm :) quotedstr(edt1.text) wil return the text entered into the edit box idk if that was of any help but ty for comments
Shadowriz  2010-10-04 19:32:12
@ joe I have added it still same error :(
Shadowriz  2010-10-04 19:36:57
@Shadowriz...try the code I added...let me know if it works
John Hartsock  2010-10-04 20:52:12
A: 
  1. May be you have to call qryreg.SQL.Clear before your first line.
  2. Why not to use parameters ?
oodesigner  2010-10-04 19:41:27
hey im using an example from a textbook and i have just changed the values to the ones im using atm could you please elaborate on paramaters
Shadowriz  2010-10-04 19:46:55
@Shadowriz: please include the name of the textbook in your answer.
Jeroen Pluimers  2010-10-05 08:01:33
+4  A: 

As John's answer points out, you need to have parentheses around the column names before VALUES. You need to make sure all the column names are valid SQL identifiers. If they aren't, as in the case for E-mail, you need to quote or escape them according to your database's syntax rules. For example, MySQL uses grave accents, Microsoft SQL uses brackets, and Oracle and Postgresql use quotation marks.

Rob Kennedy  2010-10-04 19:52:42
+1 Good catch. I completely overlooked that one.
Joe Stefanelli  2010-10-04 20:01:00
+7  A: 

As oodesigner stated, a better method would be to use parameters. I don't know what text book you are looking at, but the code given isn't really best practice (it isn't worst practice either, at least it uses QuotedStr rather than '''' + edtname.Text + '''' which fails the first time you use something like O'Connell, and allows SQL injection attacks.

Using parameters and assuming SQL Server syntax as per Rob's answe, and assuming TADOQuery (based on the EOLEException) the code would be something like:

qryreg.SQL.Add('Insert into RegistreerTB');  
qryreg.SQL.Add('(Name , Surname, [E-mail], Password)');  //SQL Server syntax with square brackets

// OR qryreg.SQL.Add('(Name , Surname, "E-mail", Password)');  //Oracle/Postgres syntax with double quotes
// OR qryreg.SQL.Add('(Name , Surname, `E-mail`, Password)');  //MySQL syntax with grave accent

qryreg.SQL.Add('Values :Name, :Surname, :Email, :Password)'); 

qryreg.Parameters.ParamByName('Name').Value := edtName.Text;
qryreg.Parameters.ParamByName('Surname').Value := edtSName.Text;
qryreg.Parameters.ParamByName('Email').Value := edtEmail.Text;
qryreg.Parameters.ParamByName('Password').Value := edtPassUse.Text;

qryreg.ExecSQL;  
qryreg.SQL.Text := 'Select * from RegistreerTB';  
qryreg.Open ;
Gerry  2010-10-04 20:20:10
Parameters also avoid hard-parsing the query each time, and allow reuse an already parsed statements. Some database don't "like" much being flooded by a lot of statements as it happens when the same statement is resubmitted over and over again just changing some literals.
ldsandon  2010-10-04 20:57:16
Ty i will look into using paramters
Shadowriz  2010-10-04 21:02:30

related questions

Backup SQL Schema Only?
Sql to query a dbs scheme
Timer-based event triggers
Sql query, count and group by
Paging SQL Server 2005 Results
SQL 2005 For XML Explicit - Need help formatting
How do I use T-SQL Group By
What all do I need to escape when sending a (My)SQL query?
Split String in SQL
Datatable vs Dataset
ASP.NET MVC "CRUD" Database Sample
Convert HashBytes to VarChar
Best Book for a new Database Developer
What is the best way to avoid SQL injection attacks?
What language do you use for Postgresql triggers and stored procedures?
What is the best way to handle multiple permission types?
How do I index a database field
Swap unique indexed column values in database.
cx_Oracle - what is the best way to iterate over a result set?
cx_Oracle - How do I access Oracle from Python?
Is there a version control system for database structure changes?
How to export data from SQL Server 2005 to MySQL
ASP.NET Site Maps
Decoding T-SQL CAST in C#/VB.net
Flat File Databases in PHP