Help in Syntax Error in Insert Statement :-( 1

[kazai]

Can Anyone help me find a syntax error in this statement?

strSQL = "Insert into SIGNIN (FIRSTNAME, LASTNAME, USERNAME, USERPASSWORD, EMAILID) values ( "& txt_fName &","& txt_lName &","& txt_UserName &","& txt_Password &","& txt_Email &&quot"

 

[KodoSan]

you need to surround your values like so '"&value&"'

 

[ToddWW]

Here it is re-written.

strSQL = "Insert into SIGNIN (FIRSTNAME, LASTNAME, USERNAME, USERPASSWORD, EMAILID) values ('"& txt_fName &"','"& txt_lName &"','"& txt_UserName &"','"& txt_Password &"','"& txt_Email &"')"

Basically, when you send a character value in SQL, you need to surround it with single quotes. So your final SQL string would look like this.

Insert into SIGNIN (FIRSTNAME, LASTNAME, USERNAME, USERPASSWORD, EMAILID) values ('John','Doe','doej','letmein','johndoe@hotmail.com')

When ever I am baffled on an SQL error, I place the following line just before I execute the statement.

Response.Write strSQL & &quot;<br>&quot;

That way, my SQL statement will be rendered in the browser so I can examine it for errors.

Hope this helps.

ToddWW

 

[kazai]

Hello Todd,
I tried replacing it, but it still gives me the same error. I have placed Response.Write's after every string like this, but the strings never seem to appear when I execute the file. A page saying"page cannot be displayed...." comes, with the error description:
Error Type:
Microsoft VBScript compilation (0x800A03EA)
Syntax error
/Malavika/PFEfiles/SIGN_IN_ASP_files/Insert.asp, line 62, column 15

This is the line of the Insert statement above.
I can't seem to figure this out!!!!
Do let me know if you have any suggestions.
Thankyou very much.

 

[ToddWW]

OK. Just to confirm. Are you getting the error on the line that assigns the string to strSQL or are you getting the error on the line that executes the SQL statement ??

ToddWW

 

[kazai]

I'm geeting it on the line that assigns the string.

 

[ToddWW]

OK, I just ran the following lines on a page in my application and I did not get an error.

<%@ Language=VBScript %>

<%
strSQL = &quot;Insert into SIGNIN (FIRSTNAME, LASTNAME, USERNAME, USERPASSWORD, EMAILID) values ('&quot;& txt_fName &&quot;','&quot;& txt_lName &&quot;','&quot;& txt_UserName &&quot;','&quot;& txt_Password &&quot;','&quot;& txt_Email &&quot;')&quot;
%>

Can you post the entire page for /Malavika/PFEfiles/SIGN_IN_ASP_files/Insert.asp here so I can take a look.

ToddWW

 

[kazai]

Here you Go Todd,
I appreciate the help..thank you very much. Line 1 starts from <HTML>.

<HTML>
<BODY>
<FORM>
<%@ Language=VBScript %>
<%
Dim Str1
Dim Str2
Dim txt_UserName
Dim txt_Password
Dim txt_fName
Dim txt_lName
Dim txt_Email
Dim hdn_InsCheck
Response.Write(&quot;here&quot
hdn_InsCheck = Request.Form(&quot;hdn_InsCheck&quot
txt_UserName = Request.Form(&quot;txt_UserName&quot
txt_Password = Request.Form(&quot;txt_Password&quot
if hdn_InsCheck = &quot;Insert&quot; then
txt_fName = Request.Form(&quot;txt_fName&quot
txt_lName = Request.Form(&quot;txt_lName&quot
txt_Email = Request.Form(&quot;txt_Email&quot
end if

set cnn = server.CreateObject(&quot;ADODB.connection&quot
set adoRs1 = server.CreateObject(&quot;ADODB.recordset&quot
set adoRs2 = server.CreateObject(&quot;ADODB.recordset&quot

cnn.Open &quot;driver={SQLServer}; server=...........; database=.........; uid=......; password=......&quot;

adoRs1.ActiveConnection = cnn
adoRs2.ActiveConnection = cnn
if hdn_InsCheck = &quot;Check&quot; or hdn_InsCheck = &quot;ViewCheck&quot; then
Str1 = &quot;select * from SIGNIN where USERNAME = '&quot;&txt_UserName&&quot;' AND USERPASSWORD = '&quot;& txt_Password &&quot;'&quot;
Response.Write Str1 & &quot;<br>&quot;
adoRs1.open(Str1)

if (adoRs1.EOF) then
Session(&quot;InvalidID&quot = &quot;InvalidId&quot;
if hdn_InsCheck = &quot;Check&quot; then
Response.Redirect(&quot;signin.asp&quot
elseif hdn_InsCheck = &quot;ViewCheck&quot; then
Response.Redirect(&quot;ViewCheck.asp&quot
end if
else
if hdn_InsCheck = &quot;Check&quot; then
Response.Redirect(&quot;SubscribePage.asp&quot
elseif hdn_InsCheck = &quot;ViewCheck&quot; then
Response.Redirect(&quot;xyz.asp&quot
end if
end if


elseif hdn_InsCheck = &quot;Insert&quot; or hdn_InsCheck = &quot;InsertViewer&quot; then

Str2 = &quot;select USERNAME from SIGNIN where USERNAME = '&quot;& txt_UserName &&quot;'&quot;

adoRs1.open(Str2)
if adoRs1.EOF then
Str1 = &quot;Insert into SIGNIN(FIRSTNAME, LASTNAME, USERNAME, USERPASSWORD, EMAILID)values('&quot;&txt_fName&&quot;','&quot;&txt_lName&&quot;','&quot;&txt_UserName&&quot;','&quot;&txt_Password&&quot;','&quot;&txt_Email&&quot;')&quot;
Response.Write Str1
adoRs2.open(Str1)
Response.write('here')
if hdn_InsCheck = &quot;Insert&quot; then
Response.redirect(&quot;subscribe.asp&quot
elseif hdn_InsCheck = &quot;InsertViewer&quot; then
Response.redirect(&quot;xyz.asp&quot
end if
else
Session(&quot;InvalidId&quot = &quot;DuplicateUserName&quot;
if hdn_InsCheck = &quot;Insert&quot; then
Response.redirect(&quot;register.asp&quot
elseif hdn_InsCheck = &quot;InsertViewer&quot; then
Response.redirect(&quot;NewViewer.asp&quot
end if
end if
end if
cnn.close
%>
</FORM>
</BODY>
</HTML>

Thanks again!!!
Radhika.

 

[ToddWW]

OK. This is the code that I see. I'm not at my test environment so I can't test the syntax of that string variable assignment. But I do see something that looks strange.

   if adoRs1.EOF then
Str1 = "Insert into SIGNIN(FIRSTNAME, LASTNAME, USERNAME, USERPASSWORD, EMAILID)values('"&txt_fName&"','"&txt_lName&"','"&txt_UserName&"','"&txt_Password&"','"&txt_Email&"')"
         Response.Write Str1
     adoRs2.open(Str1)

adoRs2.open(Str1) Now, everyone has their unique way of creating recordsets and updating database so I'm not saying that yours is wrong. But I do think you might want to try cnn.Execute Str1 to get that insert statement to work correctly. I don't think you can open a recordset with an SQL INSERT statement. Also, I put white space on each side of my values parameter in my insert statement. Again, I can't test that from where I'm at, but it's another thing to think about. It probably doesn't matter.

ToddWW

 

[kazai]

Hello Todd,
Well, Itried cnn.Execute as well, but to no avail. Could tere be something wrong with the database itself??

 

[ToddWW]

Well, let's get back to the basics to see if that is the problem.

Create a new ASP page and copy this into it.

<%@ Language=VBScript %>
<% Option Explicit %>
<%
dim cnn
dim strSQL

set cnn = server.CreateObject(&quot;ADODB.connection&quot;)

cnn.Open &quot;driver={SQLServer}; server=.......&quot;

strSQL = &quot;Insert into SIGNIN (FIRSTNAME, LASTNAME, USERNAME, USERPASSWORD, EMAILID) values ('John','Doe','doej','letmein','johndoe@hotmail.com')&quot;

cnn.Execute strSQL
%>

Copy that exactly into an ASP page and run it. See if it adds the record to the signin table and / or let me know what errors you receive.

ToddWW

 

[kazai]

Hi Todd,
This works just fine...But the same thing with variables does'nt work. And it's not like the variables have blank values,I checked that out too...they all have valid values.
Thanks,
Radhika.

 

[ToddWW]

OK my friend. You're going to have to trouble shoot that page. You're using conventions on your recordsets that I'm not familiar with so it's not easy for me to debug. I do know, however, that you do need to issue the cnn.Execute strSQL statement to get that INSERT command to work correctly. So at least we identified that. Line 62 was that line in your page.

So, now that we've taken care of that, what error are you getting now, if any..

ToddWW

 

[kazai]

Hello Todd,
Well , actually the problem was that Request.Form was not working, so i used Request.Querystring instead, and Now its working just fine!!!
Is'nt that Strange??
Anyway, Thankyou so much for all your help!!
Radhika.

 

[ToddWW]

Well, I would suggest that you stay away from the Request.QueryString method when posting forms. Reason being is that this method has it's limitations the most convincing one is the limit of data you can send to the page through the QueryString (256 characters including the actual URL).

Therefore, you can go back to using the Request.Form method by making this simple change.

Back on the actual form that you are submitting, you have a <form action=&quot;posttopage.asp&quot; method=..> tag. Currently, that tag either does not have a method parameter in it or the method parameter is set to GET. All you have to do is add or change the method parameter to POST and you can use the Request.Form method on the page that is processing the form. I would highly recommend that you use this method unless you have specific reasons not to.

Does that make sense ??

ToddWW