How to fix incorrect syntax near '?'












2















When I execute this code, I'm getting an error in the SQL command




Incorrect syntax near '?'




This is my code:



Dim command As New SqlCommand("SELECT [username], [password] FROM [stud_table] WHERE [username] = ?", connection)

command.Parameters.AddWithValue("username", Me.UsernameTextBox.Text)



Try

    connection.Open()



    Dim adapter As New SqlDataAdapter(command)



    Dim rec As SqlDataReader = command.ExecuteScalar()



    If rec.HasRows Then

        rec.Read()



        If Me.PasswordTextBox.Text.ToLower = rec.Item("password").ToString Then

            MsgBox("Login successful")

            Me.Hide()

            user_profile.Show()

        Else

            MsgBox("Login unsuccessful, Incorrect Password", MsgBoxStyle.OkOnly, "Invalid")

        End If

    Else

        MsgBox("Login unsuccessful, Invalid UserName", MsgBoxStyle.OkOnly, "Invalid")

    End If

    rec.Close()

Catch ex As OleDb.OleDbException

    MsgBox("Login unsuccessful,no connection", MsgBoxStyle.OkOnly, "Invalid")

Catch ex As Exception

    MessageBox.Show(ex.Message)

Finally

    connection.Close()

End Try





sql-server vb.net







share|improve this question




















  • 1





    Sql Server doesn't use the ? as placeholder for parameters. It uses the @ followed by a string representing the parameter name

    – Steve
    Jan 18 at 20:26













  • Do not store passwords as plain text.

    – Mary
    Jan 19 at 5:51











  • You are using an SqlCommand and an SqlDataAdapter but you are catching an OleDbException. What database are you using???

    – Mary
    Jan 19 at 5:53
















2















When I execute this code, I'm getting an error in the SQL command




Incorrect syntax near '?'




This is my code:



Dim command As New SqlCommand("SELECT [username], [password] FROM [stud_table] WHERE [username] = ?", connection)

command.Parameters.AddWithValue("username", Me.UsernameTextBox.Text)



Try

    connection.Open()



    Dim adapter As New SqlDataAdapter(command)



    Dim rec As SqlDataReader = command.ExecuteScalar()



    If rec.HasRows Then

        rec.Read()



        If Me.PasswordTextBox.Text.ToLower = rec.Item("password").ToString Then

            MsgBox("Login successful")

            Me.Hide()

            user_profile.Show()

        Else

            MsgBox("Login unsuccessful, Incorrect Password", MsgBoxStyle.OkOnly, "Invalid")

        End If

    Else

        MsgBox("Login unsuccessful, Invalid UserName", MsgBoxStyle.OkOnly, "Invalid")

    End If

    rec.Close()

Catch ex As OleDb.OleDbException

    MsgBox("Login unsuccessful,no connection", MsgBoxStyle.OkOnly, "Invalid")

Catch ex As Exception

    MessageBox.Show(ex.Message)

Finally

    connection.Close()

End Try





sql-server vb.net







share|improve this question




















  • 1





    Sql Server doesn't use the ? as placeholder for parameters. It uses the @ followed by a string representing the parameter name

    – Steve
    Jan 18 at 20:26













  • Do not store passwords as plain text.

    – Mary
    Jan 19 at 5:51











  • You are using an SqlCommand and an SqlDataAdapter but you are catching an OleDbException. What database are you using???

    – Mary
    Jan 19 at 5:53














2












2








2








When I execute this code, I'm getting an error in the SQL command




Incorrect syntax near '?'




This is my code:



Dim command As New SqlCommand("SELECT [username], [password] FROM [stud_table] WHERE [username] = ?", connection)

command.Parameters.AddWithValue("username", Me.UsernameTextBox.Text)



Try

    connection.Open()



    Dim adapter As New SqlDataAdapter(command)



    Dim rec As SqlDataReader = command.ExecuteScalar()



    If rec.HasRows Then

        rec.Read()



        If Me.PasswordTextBox.Text.ToLower = rec.Item("password").ToString Then

            MsgBox("Login successful")

            Me.Hide()

            user_profile.Show()

        Else

            MsgBox("Login unsuccessful, Incorrect Password", MsgBoxStyle.OkOnly, "Invalid")

        End If

    Else

        MsgBox("Login unsuccessful, Invalid UserName", MsgBoxStyle.OkOnly, "Invalid")

    End If

    rec.Close()

Catch ex As OleDb.OleDbException

    MsgBox("Login unsuccessful,no connection", MsgBoxStyle.OkOnly, "Invalid")

Catch ex As Exception

    MessageBox.Show(ex.Message)

Finally

    connection.Close()

End Try





sql-server vb.net







share|improve this question
















When I execute this code, I'm getting an error in the SQL command




Incorrect syntax near '?'




This is my code:



Dim command As New SqlCommand("SELECT [username], [password] FROM [stud_table] WHERE [username] = ?", connection)

command.Parameters.AddWithValue("username", Me.UsernameTextBox.Text)



Try

    connection.Open()



    Dim adapter As New SqlDataAdapter(command)



    Dim rec As SqlDataReader = command.ExecuteScalar()



    If rec.HasRows Then

        rec.Read()



        If Me.PasswordTextBox.Text.ToLower = rec.Item("password").ToString Then

            MsgBox("Login successful")

            Me.Hide()

            user_profile.Show()

        Else

            MsgBox("Login unsuccessful, Incorrect Password", MsgBoxStyle.OkOnly, "Invalid")

        End If

    Else

        MsgBox("Login unsuccessful, Invalid UserName", MsgBoxStyle.OkOnly, "Invalid")

    End If

    rec.Close()

Catch ex As OleDb.OleDbException

    MsgBox("Login unsuccessful,no connection", MsgBoxStyle.OkOnly, "Invalid")

Catch ex As Exception

    MessageBox.Show(ex.Message)

Finally

    connection.Close()

End Try





sql-server vb.net




sql-server vb.net






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Jan 19 at 9:44









GSerg

59.3k14102222




59.3k14102222










asked Jan 18 at 20:10









aartitirtha pramodkumaraartitirtha pramodkumar

81




81








  • 1





    Sql Server doesn't use the ? as placeholder for parameters. It uses the @ followed by a string representing the parameter name

    – Steve
    Jan 18 at 20:26













  • Do not store passwords as plain text.

    – Mary
    Jan 19 at 5:51











  • You are using an SqlCommand and an SqlDataAdapter but you are catching an OleDbException. What database are you using???

    – Mary
    Jan 19 at 5:53














  • 1





    Sql Server doesn't use the ? as placeholder for parameters. It uses the @ followed by a string representing the parameter name

    – Steve
    Jan 18 at 20:26













  • Do not store passwords as plain text.

    – Mary
    Jan 19 at 5:51











  • You are using an SqlCommand and an SqlDataAdapter but you are catching an OleDbException. What database are you using???

    – Mary
    Jan 19 at 5:53








1




1





Sql Server doesn't use the ? as placeholder for parameters. It uses the @ followed by a string representing the parameter name

– Steve
Jan 18 at 20:26







Sql Server doesn't use the ? as placeholder for parameters. It uses the @ followed by a string representing the parameter name

– Steve
Jan 18 at 20:26















Do not store passwords as plain text.

– Mary
Jan 19 at 5:51





Do not store passwords as plain text.

– Mary
Jan 19 at 5:51













You are using an SqlCommand and an SqlDataAdapter but you are catching an OleDbException. What database are you using???

– Mary
Jan 19 at 5:53





You are using an SqlCommand and an SqlDataAdapter but you are catching an OleDbException. What database are you using???

– Mary
Jan 19 at 5:53












1 Answer
1






active

oldest

votes


















1














Use parameter names in the query:



Dim command As New SqlCommand("SELECT [username],[password] FROM [stud_table] WHERE [username] = @username", connection)

        command.Parameters.AddWithValue("@username", SqlDbType.NVarChar) = Me.UsernameTextBox.Text





share|improve this answer





















  • 2





    Please do not suggest the use of AddWithValue. There are many articles explaining that there are problems with it, e.g. AddWithValue is Evil and AddWithValue is evil! But the syntax correction is otherwise good.

    – Andrew Morton
    Jan 18 at 22:25













  • @AndrewMorton Thank you for the note, I've edited the syntax correction with the preferred overload.

    – Vidmantas Blazevicius
    Jan 19 at 9:42











  • Thank you so much , it helped to solve the syntax error.

    – aartitirtha pramodkumar
    Jan 19 at 11:30






  • 1





    @aartitirthapramodkumar If that has solved your problem, please mark the answer as accepted.

    – Vidmantas Blazevicius
    Jan 19 at 11:56











Your Answer






StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f54260807%2fhow-to-fix-incorrect-syntax-near%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









1














Use parameter names in the query:



Dim command As New SqlCommand("SELECT [username],[password] FROM [stud_table] WHERE [username] = @username", connection)

        command.Parameters.AddWithValue("@username", SqlDbType.NVarChar) = Me.UsernameTextBox.Text





share|improve this answer





















  • 2





    Please do not suggest the use of AddWithValue. There are many articles explaining that there are problems with it, e.g. AddWithValue is Evil and AddWithValue is evil! But the syntax correction is otherwise good.

    – Andrew Morton
    Jan 18 at 22:25













  • @AndrewMorton Thank you for the note, I've edited the syntax correction with the preferred overload.

    – Vidmantas Blazevicius
    Jan 19 at 9:42











  • Thank you so much , it helped to solve the syntax error.

    – aartitirtha pramodkumar
    Jan 19 at 11:30






  • 1





    @aartitirthapramodkumar If that has solved your problem, please mark the answer as accepted.

    – Vidmantas Blazevicius
    Jan 19 at 11:56
















1














Use parameter names in the query:



Dim command As New SqlCommand("SELECT [username],[password] FROM [stud_table] WHERE [username] = @username", connection)

        command.Parameters.AddWithValue("@username", SqlDbType.NVarChar) = Me.UsernameTextBox.Text





share|improve this answer





















  • 2





    Please do not suggest the use of AddWithValue. There are many articles explaining that there are problems with it, e.g. AddWithValue is Evil and AddWithValue is evil! But the syntax correction is otherwise good.

    – Andrew Morton
    Jan 18 at 22:25













  • @AndrewMorton Thank you for the note, I've edited the syntax correction with the preferred overload.

    – Vidmantas Blazevicius
    Jan 19 at 9:42











  • Thank you so much , it helped to solve the syntax error.

    – aartitirtha pramodkumar
    Jan 19 at 11:30






  • 1





    @aartitirthapramodkumar If that has solved your problem, please mark the answer as accepted.

    – Vidmantas Blazevicius
    Jan 19 at 11:56














1












1








1







Use parameter names in the query:



Dim command As New SqlCommand("SELECT [username],[password] FROM [stud_table] WHERE [username] = @username", connection)

        command.Parameters.AddWithValue("@username", SqlDbType.NVarChar) = Me.UsernameTextBox.Text





share|improve this answer















Use parameter names in the query:



Dim command As New SqlCommand("SELECT [username],[password] FROM [stud_table] WHERE [username] = @username", connection)

        command.Parameters.AddWithValue("@username", SqlDbType.NVarChar) = Me.UsernameTextBox.Text






share|improve this answer














share|improve this answer



share|improve this answer








edited Jan 19 at 9:41

























answered Jan 18 at 20:25









Vidmantas BlazeviciusVidmantas Blazevicius

1,518416




1,518416








  • 2





    Please do not suggest the use of AddWithValue. There are many articles explaining that there are problems with it, e.g. AddWithValue is Evil and AddWithValue is evil! But the syntax correction is otherwise good.

    – Andrew Morton
    Jan 18 at 22:25













  • @AndrewMorton Thank you for the note, I've edited the syntax correction with the preferred overload.

    – Vidmantas Blazevicius
    Jan 19 at 9:42











  • Thank you so much , it helped to solve the syntax error.

    – aartitirtha pramodkumar
    Jan 19 at 11:30






  • 1





    @aartitirthapramodkumar If that has solved your problem, please mark the answer as accepted.

    – Vidmantas Blazevicius
    Jan 19 at 11:56














  • 2





    Please do not suggest the use of AddWithValue. There are many articles explaining that there are problems with it, e.g. AddWithValue is Evil and AddWithValue is evil! But the syntax correction is otherwise good.

    – Andrew Morton
    Jan 18 at 22:25













  • @AndrewMorton Thank you for the note, I've edited the syntax correction with the preferred overload.

    – Vidmantas Blazevicius
    Jan 19 at 9:42











  • Thank you so much , it helped to solve the syntax error.

    – aartitirtha pramodkumar
    Jan 19 at 11:30






  • 1





    @aartitirthapramodkumar If that has solved your problem, please mark the answer as accepted.

    – Vidmantas Blazevicius
    Jan 19 at 11:56








2




2





Please do not suggest the use of AddWithValue. There are many articles explaining that there are problems with it, e.g. AddWithValue is Evil and AddWithValue is evil! But the syntax correction is otherwise good.

– Andrew Morton
Jan 18 at 22:25







Please do not suggest the use of AddWithValue. There are many articles explaining that there are problems with it, e.g. AddWithValue is Evil and AddWithValue is evil! But the syntax correction is otherwise good.

– Andrew Morton
Jan 18 at 22:25















@AndrewMorton Thank you for the note, I've edited the syntax correction with the preferred overload.

– Vidmantas Blazevicius
Jan 19 at 9:42





@AndrewMorton Thank you for the note, I've edited the syntax correction with the preferred overload.

– Vidmantas Blazevicius
Jan 19 at 9:42













Thank you so much , it helped to solve the syntax error.

– aartitirtha pramodkumar
Jan 19 at 11:30





Thank you so much , it helped to solve the syntax error.

– aartitirtha pramodkumar
Jan 19 at 11:30




1




1





@aartitirthapramodkumar If that has solved your problem, please mark the answer as accepted.

– Vidmantas Blazevicius
Jan 19 at 11:56





@aartitirthapramodkumar If that has solved your problem, please mark the answer as accepted.

– Vidmantas Blazevicius
Jan 19 at 11:56


















draft saved

draft discarded




















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f54260807%2fhow-to-fix-incorrect-syntax-near%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

Liquibase includeAll doesn't find base path

Image
0 while migrating a project from maven to gradle I ran in the following problem. My file structure looks like this: The changelog-master.xml includes the changelog-v1-0.xml, which then should include the directory v1-0 with following line: <includeAll path="src/main/resources/liquibase/changelogs/v1-0/" errorIfMissingOrEmpty="true" /> . This works just fine. This: <includeAll path="/liquibase/changelogs/v1-0/" errorIfMissingOrEmpty="true" relativeToChangelogFile="true" /> doesn't. I get following errormessage: Cannot find base path 'src/main/resources/liquibase/changelogs/changelog-v1-0.xml' with liquibase in version 3.6.2. I also tried the versions 3.6.0, 3.6.1 and 3.5.5. I am using gradle to build my project in version 4.9
Read more

How to use setInterval in EJS file?

Image
0 I have a problem with using setInterval in my EJS file, which is part of my nodejs app (with Express). I have created function getRandomSubarray , which chooses randomly subset of images from array. I want to change this subset every three seconds. This is problematic piece of my code: <%setInterval(function(){%> <%RandomSubrecipesImg=tools.getRandomSubarray(recipesImg,4)%> <div class="navbar-image-box col-sm-3 d-none d-sm-block"><img class="navbar-image" src="<%=RandomSubrecipesImg[0].replace('public',"")%>"></div> <div class="navbar-image-box col-sm-3 d-none d-sm-block"><img class="navbar-image" src="<%=RandomSubrecipesImg[1].replace('public',"")%>">&
Read more

Petrus Granier-Deferre

Image
Petrus Granier-Deferre (Lutetiae die 27 Iulii 1927 natus; ibidem die 16 Novembris 2007 mortuus) fuit moderator cinematographicus et dux scaenarum Francicus. Pelliculae selectae | 1961 : Le Petit Garçon de l'ascenseur 1962 : Les Aventures de Salavin (sous-titré Confession de minuit) 1965 : La Métamorphose des cloportes 1965 : Paris au mois d'août 1967 : Le Grand Dadais 1970 : La Horse 1971 : Le Chat 1971 : La Veuve Couderc 1973 : Le Fils 1973 : Le Train 1974 : La Race des seigneurs 1975 : La Cage 1975 : Adieu poulet 1976 : Une femme à sa fenêtre 1976 : Le Toubib 1981 : Une étrange affaire 1982 : L'Étoile du Nord 1983 : L'Ami de Vincent 1985 : L'Homme aux yeux d'argent 1986 : Cours privé 1987 : Noyade interdite 1988 : La Couleur du vent 1990 : L'Autrichienne 1995 : Le Petit Garçon 1992 : La Voix 1993 : Archipel 1995 : Maigret et la vente à la bougie (TV) 1996 : La Dernière Fête (TV) 1997 : Maigret et l'enfant de c
Read more