Hi All,
I have tried to find examples of the add parameter method of inserting but most i see don't make sense.
below is my sql statement and vb.net code that inserts it, the reason I wish to use add parameter is if the user saves something like mary's the " ' " throws the command out and everything crashes.
any help is much and greatly appriciated
I have tried to find examples of the add parameter method of inserting but most i see don't make sense.
below is my sql statement and vb.net code that inserts it, the reason I wish to use add parameter is if the user saves something like mary's the " ' " throws the command out and everything crashes.
Code:
Dim Sql as String
Sql = "INSERT INTO settings (wrapprint, burgerprint, coffeeprint, coldprint, specialprint, sandprint, otherprint, bizname, abn, address, footer, breakprint, customprint, button1name, button2name, button3name, button4name, button5name, button6name, button7name, button8name, button1order, button2order, button3order, button4order, button5order, button6order, button7order, button8order, button1on, button2on, button3on, button4on, button5on, button6on, button7on,button8on, keyer) VALUES"
Sql = Sql & "('" & My.Settings.wrapprint & "','" & My.Settings.burgerprint & "','" & My.Settings.coffeeprint & "','" & My.Settings.coldprint & "','" & My.Settings.specialprint & "','" & My.Settings.sandprint & "','" & My.Settings.otherprint & "','" & My.Settings.bizname & "','" & My.Settings.abn & "','" & My.Settings.address & "','" & My.Settings.footer & "','" & My.Settings.breakprint & "','" & My.Settings.customprint & "','" & My.Settings.button1name & "','" & My.Settings.button2name & "','" & My.Settings.button3name & "','" & My.Settings.button4name & "','" & My.Settings.button5name & "','" & My.Settings.button6name & "','" & My.Settings.button7name & "','" & My.Settings.button8name & "','" & My.Settings.button1order & "','" & My.Settings.button2order & "','" & My.Settings.button3order & "','" & My.Settings.button4order & "','" & My.Settings.button5order & "','" & My.Settings.button6order & "','" & My.Settings.button7order & "','" & My.Settings.button8order & "','" & My.Settings.button1on & "','" & My.Settings.button2on & "','" & My.Settings.button3on & "','" & My.Settings.button4on & "','" & My.Settings.button5on & "','" & My.Settings.button6on & "','" & My.Settings.button7on & "','" & My.Settings.button8on & "','" & keyer.ToString & "')"
Dim cmd2 As New OleDbCommand
cmd2.Connection = con
cmd2.CommandType = CommandType.Text
cmd2.CommandText = Sql
cmd2.ExecuteNonQuery()
con.Close()