How do you fix the error "Syntax error in UPDATE statement"?

Hot Topic

Problem inserting small date time in a sql server database
AcceptRejectRule
updating records
Trace Listener
Endless waiting in use of System.Net.Sockets.Socket.Receive()
Performance problem with SQL 2005 and ADO.NET
MSMQ Serializable Hashtable subclass causes a hang when extracting Message.Body
Windows XP Home Edition
ODBC Error in VB.NET after upgraded
Access, ADO.NET, Memory?

.NET Development

WebClient,... Can't get files using ".php?" types of links...
HTTPS?
Assembly.Load to not throw a FileNotFoundException
.NET 1.1 process.kill?
System.AccessViolationException: Attempted to read or write protected memory.
VB.NET - How do I use Doevents() in Class Library
.NET Runtime 2.0 Error Reporting
Best practice while writing C# functions
Access to a smartcard private key
Single .NET executable - linkers

How do you fix the error "Syntax error in UPDATE statement"?

Guys, I need your help to fix this error since it's been bugging me for 2 weeks already to find a solution in the internet or book that won't work properly. I tried fixing the update statement command but still shows the same error.

Below is the source code:

Public Sub changePassword(ByVal uName As String, ByVal pWord As String)

Try

'change the user's password

Dim conn As System.Data.OleDb.OleDbDataAdapter = New System.Data.OleDb.OleDbDataAdapter

Dim cmd As System.Data.OleDb.OleDbCommand = New System.Data.OleDb.OleDbCommand

changeUserPasswordDataSet = New System.Data.DataSet

connection2.Open()

trans = connection2.BeginTransaction

cmd.Connection = connection2

cmd.CommandText = "UPDATE Users SET password = '" & pWord & "' WHERE username = '" & uName & "';"

cmd.CommandType = CommandType.Text

cmd.Transaction = trans

cmd.ExecuteNonQuery()

trans.Commit()

Catch ex As Exception

trans.Rollback()

Throw ex

Finally

connection2.Close()

connection2.Dispose()

trans.Dispose()

End Try

End Sub

Answer this question

How do you fix the error "Syntax error in UPDATE statement"?

coolerelf
Thank you for answering. I did number 1 but I'm not sure if what I did in number 2 is correct. In case both were followed, the code would look like the one below, right The problem I encountered now is it is not being stored in the actual database, just in memory only. Guys, please help.

Public Sub changePassword(ByVal uName As String, ByVal pWord As String)

Try

'change the user's password

Dim conn As System.Data.OleDb.OleDbDataAdapter = New System.Data.OleDb.OleDbDataAdapter

Dim cmd As System.Data.OleDb.OleDbCommand = New System.Data.OleDb.OleDbCommand

changeUserPasswordDataSet = New System.Data.DataSet

connection2.Open()

trans = connection2.BeginTransaction

cmd.Connection = connection2

cmd.CommandText = "UPDATE Users SET [password] = WHERE [username] = "

cmd.Parameters.AddWithValue("[password]", uName)

cmd.Parameters.AddWithValue("[username]", pWord)

cmd.CommandType = CommandType.Text

cmd.Transaction = trans

cmd.ExecuteNonQuery()

trans.Commit()

Catch ex As Exception

trans.Rollback()

Throw ex

Finally

connection2.Close()

connection2.Dispose()

trans.Dispose()

End Try

End Sub
Navaneeth

You're assigning the uName value to the password parameter and the pWord value to the username parameter. I think you probably want the following:

cmd.Parameters.AddWithValue("[password]", pWord)
cmd.Parameters.AddWithValue("[username]", uName)
AstralPilot

a couple of suggestions:

1. put square brackets around your field names when there is a possiblity of conflict with reserved/key words

2. Try using stored procedures and pass the variables as parameters of the command object...

hope that helps
JD3027
Oh my holy goodness caramba!!! How careless of me... That's the reason why I didn't get to perform the database command properly.

Thanks Paul P Clement IV, it's correct this time! To DMan1, thank you for helping me out get to the correct solution too. :-)
How do you fix the error "Syntax error in UPDATE statement"?

Answer this question