• 0

C#/ASP Incorrect syntax problem with ExecuteNonQuery


Question

I have the following code

	public int put(object _a)
	{
		SqlConnection conn = _dbFacade.getConnection();
		SqlCommand cmd = null;

		cmd = new SqlCommand(
			"INSERT INTO User (username, passwordHash, firstname, lastname, email, creationDate, accountStatus, access_ID) " + 
			"VALUES( @uname, @pword, @fname, @lname, @email, @cdate, @status, @accessID)", conn);

		cmd.Parameters.Add("@uname", SqlDbType.VarChar, 20);
		cmd.Parameters.Add("@pword", SqlDbType.VarChar, 40);
		cmd.Parameters.Add("@fname", SqlDbType.VarChar, 25);
		cmd.Parameters.Add("@lname", SqlDbType.VarChar, 25);
		cmd.Parameters.Add("@email", SqlDbType.VarChar, 50);
		cmd.Parameters.Add("@cdate", SqlDbType.DateTime);
		cmd.Parameters.Add("@status", SqlDbType.Bit);
		cmd.Parameters.Add("@accessID", SqlDbType.Int);

		cmd.Parameters["@uname"].Value = ((WeddingPlanner.User)_a).Username;
		cmd.Parameters["@pword"].Value = ((WeddingPlanner.User)_a).Password;
		cmd.Parameters["@fname"].Value = ((WeddingPlanner.User)_a).Firstname;
		cmd.Parameters["@lname"].Value = ((WeddingPlanner.User)_a).Lastname;
		cmd.Parameters["@email"].Value = ((WeddingPlanner.User)_a).Email;
		cmd.Parameters["@cdate"].Value = ((WeddingPlanner.User)_a).CreationDate;
		cmd.Parameters["@status"].Value = ((WeddingPlanner.User)_a).Account_status;
		cmd.Parameters["@accessID"].Value = ((WeddingPlanner.User)_a).UserAccess.OID;

		return _dbFacade.executeStatement_NonQuery(cmd);
	}

And upon execution, I get the following error,

Incorrect syntax near the keyword 'User'.

With a stacktrace of

SqlException (0x80131904): Incorrect syntax near the keyword 'User'.]
   System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection) +1948826
   System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection) +4844747
   System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj) +194
   System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj) +2392
   System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader ds, RunBehavior runBehavior, String resetOptionsString) +204
   System.Data.SqlClient.SqlCommand.RunExecuteReaderTds(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, Boolean async) +954
   System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method, DbAsyncResult result) +162
   System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(DbAsyncResult result, String methodName, Boolean sendToPipe) +175
   System.Data.SqlClient.SqlCommand.ExecuteNonQuery() +137
   DBFacade.executeStatement_NonQuery(SqlCommand _theCommand) in C:\Inetpub\bts630_091a05\webcontent\App_Code\DBFacade.cs:73

I've been looking at this function for hours and I cant find the problem.

Any ideas?

Edit: Resolved. This always happens after I post here on Neowin, five minutes later I find the answer :) User is a reserved keyword. I shouldn't even be using that name anyways for security reasons.

Edited by AaronMT
Link to comment
Share on other sites

1 answer to this question

Recommended Posts

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.