C# Question

What is the proper query for the update statement?

how can i get rid of this "Syntax error in string in query expression ''2333" erorr?

con.Open();
OleDbCommand dt = new OleDbCommand("UPDATE AccRec SET Quantity=" + txtQuantity2.Text + ", Unit=" + txtUnit2.Text + " ,Company=" + txtCompany2.Text + ", Description=" + txtDesc2.Text + ", Amount='" + txtAmt2.Text + " Where No=" + textBox1.Text +"",con);Where No=5'.


dt.ExecuteNonQuery();
MessageBox.Show("updated");
OleDbDataAdapter da = new OleDbDataAdapter("SELECT * From AccRec ", con);
DataTable ds = new DataTable();
da.Fill(ds);
dataGridView2.DataSource = ds;
con.Close();

Answer

Just try this Code

con.Open();
OleDbCommand dt = new OleDbCommand("UPDATE  AccRec SET  Quantity=@P1, Unit=@P2 ,Company=@P3, Description=@P4, Amount=@P5 Where No=@P6",con);

dt.Parameters.Add("@P1", SqlDbType.VarChar);
dt.Parameters["@P1"].Value = txtQuantity2.Text ;
dt.Parameters.Add("@P2", SqlDbType.VarChar);
dt.Parameters["@P2"].Value = txtUnit2.Text;
dt.Parameters.Add("@P3", SqlDbType.VarChar);
dt.Parameters["@P3"].Value = txtCompany2.Text;
dt.Parameters.Add("@P4", SqlDbType.VarChar);
dt.Parameters["@P4"].Value = txtDesc2.Text ;
dt.Parameters.Add("@P5", SqlDbType.VarChar);
dt.Parameters["@P5"].Value = txtAmt2.Text ;
dt.Parameters.Add("@P6", SqlDbType.VarChar);
dt.Parameters["@P6"].Value = textBox1.Text;

dt.ExecuteNonQuery();

MessageBox.Show("updated");
OleDbDataAdapter da = new OleDbDataAdapter("SELECT * From AccRec ", con);
DataTable ds = new DataTable();
da.Fill(ds);
dataGridView2.DataSource = ds;
con.Close();