Sign in
Microsoft.com
 
Microsoft
 
 
 

locked
Unclosed Quotation Mark Error RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    Web Form post back reports: Unclosed quotation mark after the character string error

    Message reads:


    An Error Occurred: System.Data.SqlClient.SqlException: Unclosed quotation mark after the character string ''. Incorrect syntax near ''. at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection) at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection) at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj) at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj) at System.Data.SqlClient.SqlCommand.RunExecuteNonQueryTds(String methodName, Boolean async) at System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(DbAsyncResult result, String methodName, Boolean sendToPipe) at System.Data.SqlClient.SqlCommand.ExecuteNonQuery() at _Default.Button1_Click(Object sender, EventArgs e) in http://server/Default.aspx.vb:line 17

     

    Imports System.Data

Imports System.Data.SqlClient

Partial Class _Default

 Inherits System.Web.UI.Page



 Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click





 Dim conn As SqlConnection = Nothing

 Try

  conn.Open()

  Dim myCommand As SqlCommand

  Dim sqlQuery As String

  sqlQuery = "INSERT INTO Application values ('" & TextBox1.Text.ToString() & "' , '" & TextBox2.Text.ToString() & "','" & TextBox3.Text.ToString() & "','" & TextBox4.Text.ToString() & "','" & TextBox5.Text.ToString() & "')"

  myCommand = New SqlCommand(sqlQuery, conn)

  myCommand.ExecuteNonQuery()

  Response.Write("Inserted the value: '" & TextBox1.Text.ToString() & "' in the database.")

  TextBox1.Text = ""

  Response.Write("Inserted the value: '" & TextBox2.Text.ToString() & "' in the database.")

  TextBox2.Text = ""

  Response.Write("Inserted the value: '" & TextBox3.Text.ToString() & "' in the database.")

  TextBox3.Text = ""

  Response.Write("Inserted the value: '" & TextBox4.Text.ToString() & "' in the database.")

  TextBox4.Text = ""

  Response.Write("Inserted the value: '" & TextBox5.Text.ToString() & "' in the database.")

  TextBox5.Text = ""

 Catch x As Exception

  Response.Write("An Error Occurred: " & x.ToString())

 Finally

  conn.Close()

 End Try





 End Sub



 Protected Sub TextBox1_TextChanged(ByVal sender As Object, ByVal e As System.EventArgs) Handles TextBox1.TextChanged



 End Sub



 Protected Sub TextBox2_TextChanged(ByVal sender As Object, ByVal e As System.EventArgs) Handles TextBox1.TextChanged



 End Sub



 Protected Sub TextBox3_TextChanged(ByVal sender As Object, ByVal e As System.EventArgs) Handles TextBox2.TextChanged



 End Sub



 Protected Sub TextBox4_TextChanged(ByVal sender As Object, ByVal e As System.EventArgs) Handles TextBox3.TextChanged



 End Sub



 Protected Sub TextBox5_TextChanged(ByVal sender As Object, ByVal e As System.EventArgs) Handles TextBox4.TextChanged



 End Sub

End Class
    • Edited by hal.h Tuesday, August 31, 2010 6:08 AM
    • Moved by Kira Qian Tuesday, August 31, 2010 7:16 AM ASP.NET Issue (From:Windows Forms Data Controls and Databinding)
    Friday, August 27, 2010 9:49 PM

All replies

  • Question
    Sign in to vote
    1
    Sign in to vote

    Although your query looks correct this error is also possible if text in textbox contains Quotation mark. You can use SQLParameter instead to avoid it. And it's more advisable to use SQLParameter in insert/delete/update statement to avoid SQL Injection.

    Also please use ASP.NET Forum for ASP.NET related questions, as web experts there can provide better solutions.

    Gaurav Khanna
    Saturday, August 28, 2010 7:05 PM