
i have this code:

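    ''' <summary>
    ''' Validates the obligation form and inserts a new row into the obligations table,
    ''' refusing the insert when a row with the same ref_no already exists.
    ''' </summary>
    ''' <remarks>
    ''' Code "878" takes a separate path: ppa and amount are neither required nor inserted,
    ''' and the project form is opened afterwards instead of returning to the obligations list.
    ''' Every text-box value placed in a statement goes through modGlobalFunctions.addslashes.
    ''' That is a stop-gap only: string-built SQL stays fragile, and a parameterized
    ''' MySqlCommand is the robust way to keep form input out of the statement text.
    ''' </remarks>
    Private Sub btnAdd_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnAdd.Click

        ' NOTE(review): Signature1, Position1, Signature2 and Position2 are not assigned in this
        ' Sub. Presumably they are set by the combo-box SelectedIndexChanged handlers; if those
        ' handlers never run, whatever the fields currently hold is what gets inserted - confirm.

        If txtCode.Text <> "878" Then
            If ((txtCode.Text <> "") And (txtRefNo.Text <> "") And (txtPayee.Text <> "") And (txtOffice.Text <> "") And (txtAddress.Text <> "") And (txtParticulars.Text <> "") And (txtPPA.Text <> "") And (txtAmount.Text <> "")) Then
                Try
                    ' Reject non-numeric amounts before touching the database.
                    If IsNumeric(txtAmount.Text) = False Then
                        MsgBox("Amount value should be in correct number format! e.g: 10000.00 or 10,000.00", MsgBoxStyle.Exclamation)
                        Exit Sub
                    End If

                    modGlobalFunctions.Connection.Close()
                    modGlobalFunctions.connectDatabase()

                    modGlobalFunctions.DateTimeNow = String.Format("{0:yyyy/MM/dd}", DateTime.Now)

                    Dim Reader As MySqlDataReader
                    Dim Amount As Double = Double.Parse(txtAmount.Text)

                    ' Duplicate check. The reference number is escaped with the same helper the
                    ' INSERT uses, so a quote in the field cannot terminate the string literal and
                    ' the lookup compares against the value that would actually be stored.
                    Reader = modGlobalFunctions.executeQuery("SELECT * FROM obligations " & _
                                                             "WHERE ref_no='" & modGlobalFunctions.addslashes(txtRefNo.Text) & "'")
                    If Reader.HasRows Then
                        MessageBox.Show("Could not insert duplicate entries for REFERENCE NO.!", "Form Validations", MessageBoxButtons.OK, MessageBoxIcon.Error)
                        Reader.Close()
                        modGlobalFunctions.Connection.Close()

                    Else
                        ' Release the reader explicitly before the connection is recycled.
                        Reader.Close()
                        modGlobalFunctions.Connection.Close()
                        modGlobalFunctions.connectDatabase()

                        ' txtExpId is form input like the other text boxes, so it is escaped too.
                        modGlobalFunctions.executeNonQuery("INSERT INTO obligations (resp_id, year_id, expenditure_id, ref_no, payee, office, address, particulars, ppa, amount, date_entered, date_edited, signature1, position1, signature2, position2) " & _
                                                           "VALUES ('" & RespCenterId & "', " & _
                                                                   "'" & YearId & "', " & _
                                                                   "'" & modGlobalFunctions.addslashes(txtExpId.Text) & "', " & _
                                                                   "'" & modGlobalFunctions.addslashes(txtRefNo.Text) & "', " & _
                                                                   "'" & modGlobalFunctions.addslashes(txtPayee.Text) & "', " & _
                                                                   "'" & modGlobalFunctions.addslashes(txtOffice.Text) & "', " & _
                                                                   "'" & modGlobalFunctions.addslashes(txtAddress.Text) & "', " & _
                                                                   "'" & modGlobalFunctions.addslashes(txtParticulars.Text) & "', " & _
                                                                   "'" & modGlobalFunctions.addslashes(txtPPA.Text) & "', " & _
                                                                   "'" & Amount & "', " & _
                                                                   "'" & modGlobalFunctions.DateTimeNow & "', " & _
                                                                   "'" & modGlobalFunctions.DateTimeNow & "', " & _
                                                                   "'" & Signature1 & "', " & _
                                                                   "'" & Position1 & "', " & _
                                                                   "'" & Signature2 & "', " & _
                                                                   "'" & Position2 & "')")

                        MsgBox("Record has been added!", MsgBoxStyle.Information)
                        modGlobalFunctions.Connection.Close()

                        ' Return to the obligations list and refresh its grid.
                        Me.Close()
                        Dispose()
                        frmObligations.MdiParent = frmMain
                        frmObligations.Show()
                        frmObligations.obligationLoadGrid()

                    End If

                Catch ex As Exception
                    MessageBox.Show(ex.Message, "BIMS", MessageBoxButtons.OK, MessageBoxIcon.Error)
                End Try

            Else
                MsgBox("Please fill up all form fields!", MsgBoxStyle.Exclamation)
                modGlobalFunctions.Connection.Close()
            End If

            modGlobalFunctions.Connection.Close()

        Else

            ' Code "878": ppa and amount are not part of this record.
            If ((txtCode.Text <> "") And (txtRefNo.Text <> "") And (txtPayee.Text <> "") And (txtOffice.Text <> "") And (txtAddress.Text <> "") And (txtParticulars.Text <> "")) Then
                Try

                    modGlobalFunctions.Connection.Close()
                    modGlobalFunctions.connectDatabase()

                    modGlobalFunctions.DateTimeNow = String.Format("{0:yyyy/MM/dd}", DateTime.Now)

                    Dim Reader As MySqlDataReader

                    ' Same escaped duplicate check as the non-878 path.
                    Reader = modGlobalFunctions.executeQuery("SELECT * FROM obligations " & _
                                                             "WHERE ref_no='" & modGlobalFunctions.addslashes(txtRefNo.Text) & "'")
                    If Reader.HasRows Then
                        MessageBox.Show("Could not insert duplicate entries for REFERENCE NO.!", "Form Validations", MessageBoxButtons.OK, MessageBoxIcon.Error)
                        Reader.Close()
                        modGlobalFunctions.Connection.Close()
                    Else
                        Reader.Close()
                        modGlobalFunctions.Connection.Close()
                        modGlobalFunctions.connectDatabase()

                        ' The office value previously referenced "odGlobalFunctions", an undefined
                        ' name; it now calls modGlobalFunctions.addslashes like its neighbours.
                        modGlobalFunctions.executeNonQuery("INSERT INTO obligations (resp_id, year_id, expenditure_id, ref_no, payee, office, address, particulars, date_entered, date_edited, signature1, position1, signature2, position2) " & _
                                                           "VALUES ('" & RespCenterId & "', " & _
                                                                   "'" & YearId & "', " & _
                                                                   "'" & modGlobalFunctions.addslashes(txtExpId.Text) & "', " & _
                                                                   "'" & modGlobalFunctions.addslashes(txtRefNo.Text) & "', " & _
                                                                   "'" & modGlobalFunctions.addslashes(txtPayee.Text) & "', " & _
                                                                   "'" & modGlobalFunctions.addslashes(txtOffice.Text) & "', " & _
                                                                   "'" & modGlobalFunctions.addslashes(txtAddress.Text) & "', " & _
                                                                   "'" & modGlobalFunctions.addslashes(txtParticulars.Text) & "', " & _
                                                                   "'" & modGlobalFunctions.DateTimeNow & "', " & _
                                                                   "'" & modGlobalFunctions.DateTimeNow & "', " & _
                                                                   "'" & Signature1 & "', " & _
                                                                   "'" & Position1 & "', " & _
                                                                   "'" & Signature2 & "', " & _
                                                                   "'" & Position2 & "')")

                        MsgBox("Record has been added! You can now add project title!", MsgBoxStyle.Information)

                        ' Hand over to the project form, carrying the reference number across,
                        ' and lock this form while it is open.
                        frmProject.MdiParent = frmMain
                        frmProject.Show()
                        frmProject.Label2.Text = txtRefNo.Text
                        Me.Enabled = False

                    End If

                Catch ex As Exception
                    MessageBox.Show(ex.Message, "BIMS", MessageBoxButtons.OK, MessageBoxIcon.Error)
                End Try

            Else
                MsgBox("Please fill up all form fields!", MsgBoxStyle.Exclamation)
                modGlobalFunctions.Connection.Close()
            End If

            modGlobalFunctions.Connection.Close()

        End If

    End Sub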

Why are Signature1, Position1, Signature2 and Position2 not being stored in the database? It worked fine until I added the If block for the category. By the way, here is the code that sets Signature1, Position1, Signature2 and Position2:

Signature1:

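     ''' <summary>
     ''' Looks up the person_id for the name currently shown in cbSignatory1 and stores it
     ''' in Signature1. When no row matches, Signature1 keeps its previous value.
     ''' </summary>
     Private Sub cbSignatory1_SelectedIndexChanged(ByVal sender As System.Object, ByVal e As System.EventArgs)
         ' NOTE(review): this Sub has no Handles clause. Unless it is attached with AddHandler
         ' elsewhere, it never runs and Signature1 is never updated - confirm the wiring.
         Try
             modGlobalFunctions.Connection.Close()
             modGlobalFunctions.connectDatabase()

             ' Combo-box text can contain a quote (for example a name with an apostrophe), so it
             ' is escaped with the project's addslashes helper before it is placed in the
             ' statement. A parameterized command would be the more robust fix.
             Reader = modGlobalFunctions.executeQuery("SELECT person_id FROM persons WHERE person_name='" & modGlobalFunctions.addslashes(cbSignatory1.Text) & "'")

             If Reader.HasRows Then
                 ' If several rows match, the last one read wins.
                 While Reader.Read
                     Signature1 = Reader("person_id").ToString()
                 End While
             End If

             Reader.Close()

             modGlobalFunctions.Connection.Close()

         Catch ex As Exception
             MessageBox.Show(ex.Message, "BIMS", MessageBoxButtons.OK, MessageBoxIcon.Error)
         End Try

         ' Also reached after an exception, so the connection is closed on every path.
         modGlobalFunctions.Connection.Close()
     End Sub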

Signature2:

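''' <summary>
''' Looks up the person_id for the name currently shown in cbSignatory2 and stores it
''' in Signature2. When no row matches, Signature2 keeps its previous value.
''' </summary>
Private Sub cbSignatory2_SelectedIndexChanged(ByVal sender As System.Object, ByVal e As System.EventArgs)
    ' NOTE(review): this Sub has no Handles clause. Unless it is attached with AddHandler
    ' elsewhere, it never runs and Signature2 is never updated - confirm the wiring.
    Try
        modGlobalFunctions.Connection.Close()
        modGlobalFunctions.connectDatabase()

        ' Combo-box text can contain a quote, so it is escaped with the project's addslashes
        ' helper before it is placed in the statement. A parameterized command would be the
        ' more robust fix.
        Reader = modGlobalFunctions.executeQuery("SELECT person_id FROM persons WHERE person_name='" & modGlobalFunctions.addslashes(cbSignatory2.Text) & "'")

        If Reader.HasRows Then
            ' If several rows match, the last one read wins.
            While Reader.Read
                Signature2 = Reader("person_id").ToString()
            End While
        End If

        Reader.Close()

        modGlobalFunctions.Connection.Close()

    Catch ex As Exception
        MessageBox.Show(ex.Message, "BIMS", MessageBoxButtons.OK, MessageBoxIcon.Error)
    End Try

    ' Also reached after an exception, so the connection is closed on every path.
    modGlobalFunctions.Connection.Close()
End Sub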

Position1:

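''' <summary>
''' Looks up the position_id for the name currently shown in cbPosition1 and stores it
''' in Position1. When no row matches, Position1 keeps its previous value.
''' </summary>
Private Sub cbPosition1_SelectedIndexChanged(ByVal sender As System.Object, ByVal e As System.EventArgs)
    ' NOTE(review): this Sub has no Handles clause. Unless it is attached with AddHandler
    ' elsewhere, it never runs and Position1 is never updated - confirm the wiring.
    Try
        modGlobalFunctions.Connection.Close()
        modGlobalFunctions.connectDatabase()

        ' Combo-box text can contain a quote, so it is escaped with the project's addslashes
        ' helper before it is placed in the statement. A parameterized command would be the
        ' more robust fix.
        Reader = modGlobalFunctions.executeQuery("SELECT position_id FROM positions WHERE position_name='" & modGlobalFunctions.addslashes(cbPosition1.Text) & "'")

        If Reader.HasRows Then
            ' If several rows match, the last one read wins.
            While Reader.Read
                Position1 = Reader("position_id").ToString()
            End While
        End If

        Reader.Close()

        modGlobalFunctions.Connection.Close()

    Catch ex As Exception
        MessageBox.Show(ex.Message, "BIMS", MessageBoxButtons.OK, MessageBoxIcon.Error)
    End Try

    ' Also reached after an exception, so the connection is closed on every path.
    modGlobalFunctions.Connection.Close()
End Sub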

Position2:

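''' <summary>
''' Looks up the position_id for the name currently shown in cbPosition2 and stores it
''' in Position2. When no row matches, Position2 keeps its previous value.
''' </summary>
Private Sub cbPosition2_SelectedIndexChanged(ByVal sender As System.Object, ByVal e As System.EventArgs)
    ' NOTE(review): this Sub has no Handles clause. Unless it is attached with AddHandler
    ' elsewhere, it never runs and Position2 is never updated - confirm the wiring.
    Try
        modGlobalFunctions.Connection.Close()
        modGlobalFunctions.connectDatabase()

        ' Combo-box text can contain a quote, so it is escaped with the project's addslashes
        ' helper before it is placed in the statement. A parameterized command would be the
        ' more robust fix.
        Reader = modGlobalFunctions.executeQuery("SELECT position_id FROM positions WHERE position_name='" & modGlobalFunctions.addslashes(cbPosition2.Text) & "'")

        If Reader.HasRows Then
            ' If several rows match, the last one read wins.
            While Reader.Read
                Position2 = Reader("position_id").ToString()
            End While
        End If

        Reader.Close()

        modGlobalFunctions.Connection.Close()

    Catch ex As Exception
        MessageBox.Show(ex.Message, "BIMS", MessageBoxButtons.OK, MessageBoxIcon.Error)
    End Try

    ' Also reached after an exception, so the connection is closed on every path.
    modGlobalFunctions.Connection.Close()
End Sub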

Any suggestions?


1 回答 1


I bet person_id and position_id are numeric types in your database, right? The reason they are not being inserted is that you wrapped the values in single quotes:

 "'" & Signature1 & "', " & _        // <== here
 "'" & Position1 & "', " & _
 "'" & Signature2 & "', " & _
 "'" & Position2 & "'

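Numeric values are not wrapped in single quotes. One more thing: I suggest you use a Command object with parameters to avoid SQL injection. Your queries build the SQL text by concatenating text-box and combo-box values, whereas parameters send those values separately from the statement, so they are never parsed as SQL.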

Example based on your code:

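' Build the INSERT once. Every value is supplied through a named parameter, so no user
' input is ever concatenated into the SQL text.
Dim sqlStatement As String = "INSERT INTO obligations (resp_id, year_id, expenditure_id, "
sqlStatement &= "ref_no, payee, office, address, particulars, ppa, amount, date_entered, "
sqlStatement &= "date_edited, signature1, position1, signature2, position2) "
sqlStatement &= "VALUES (@resp_id, @year_id, @expenditure_id, "
sqlStatement &= "@ref_no, @payee, @office, @address, @particulars, @ppa, @amount, @date_entered, "
sqlStatement &= "@date_edited, @signature1, @position1, @signature2, @position2) "

' connStrHere stands for the application's connection string.
Using xConn As New MySqlConnection(connStrHere)
    Using xComm As New MySqlCommand()
        With xComm
            .Connection = xConn
            .CommandType = CommandType.Text
            .CommandText = sqlStatement
            ' The collection property is Parameters (plural).
            .Parameters.AddWithValue("@resp_id", RespCenterId)
            .Parameters.AddWithValue("@year_id", YearId)
            .Parameters.AddWithValue("@expenditure_id", txtExpId.Text)
            ' continue with other parameters
            ' .....
            ' until you reach the last parameters
            .Parameters.AddWithValue("@signature1", Signature1)
            .Parameters.AddWithValue("@position1", Position1)
            .Parameters.AddWithValue("@signature2", Signature2)
            .Parameters.AddWithValue("@position2", Position2)
        End With
        Try
            xConn.Open()
            xComm.ExecuteNonQuery()
            MsgBox("Record has been added!", MsgBoxStyle.Information)
        Catch ex As MySqlException
            ' Report the caught exception (ex), not the event-args variable e.
            MsgBox(ex.Message, MsgBoxStyle.Exclamation)
        End Try
        ' No Finally block is needed: End Using closes and disposes the connection on every path.
    End Using
End Using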
于 2012-08-10T02:13:47.673 回答