Maksim Vi. Maksim Vi. - 7 months ago 20
SQL Question

ASP.NET ODBC Query with parameters

Please help me, I don't know what can be wrong with the following code:

OdbcConnection conn = new OdbcConnection(connString);
String query = "INSERT INTO customer (custId, custName, custPass, "+
"custEmail, custAddress, custAge) VALUES (" +
"@ID, @Name, @Pass, @Email, @Address, @Age)";

OdbcCommand exe = new OdbcCommand(query, conn);
exe.Parameters.Add("@ID", OdbcType.UniqueIdentifier).Value = id;
exe.Parameters.Add("@Name", OdbcType.VarChar).Value = name;
exe.Parameters.Add("@Pass", OdbcType.VarChar).Value = pass;
exe.Parameters.Add("@Email", OdbcType.VarChar).Value = email;
exe.Parameters.Add("@Address", OdbcType.VarChar).Value = address;
exe.Parameters.Add("@Age", OdbcType.Int).Value = age;
conn.Open();
exe.ExecuteNonQuery(); // ERROR [07002] [Microsoft][ODBC Microsoft Access Driver] Too few parameters. Expected 6.


This code throws me
Too few parameters.
error when I am trying to execute query. The database is fine, it works fine when I hardcode values into a query, instead of using parameters.

Thank you.

Answer

From MSDN:

When CommandType is set to Text, the .NET Framework Data Provider for ODBC does not support passing named parameters to an SQL statement or to a stored procedure called by an OdbcCommand. In either of these cases, use the question mark (?) placeholder. For example:

SELECT * FROM Customers WHERE CustomerID = ?

Rewrite your query to

OdbcConnection conn = new OdbcConnection(connString);
    String query = "INSERT INTO customer (custId, custName, custPass, "+
                   "custEmail, custAddress, custAge) VALUES (" +
                   "?, ?, ?, ?, ?, ?)";

Order of Parameter counts!

EDIT: Parameter can be added this way:

OdbcCommand exe = new OdbcCommand(query, conn);
exe.Parameters.Add("ID", OdbcType.UniqueIdentifier).Value = id;
exe.Parameters.Add("Name", OdbcType.VarChar).Value = name;
exe.Parameters.Add("Pass", OdbcType.VarChar).Value = pass;
exe.Parameters.Add("Email", OdbcType.VarChar).Value = email;
exe.Parameters.Add("Address", OdbcType.VarChar).Value = address;
exe.Parameters.Add("Age", OdbcType.Int).Value = age;