Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5
  1. #1
    Regular Coder
    Join Date
    Nov 2002
    Posts
    567
    Thanks
    2
    Thanked 4 Times in 4 Posts

    One field not inserting to DB

    All other fileds in this form get inserted into my DB. If I include the last (request.form("desc")) which is a textarea, I get;

    Microsoft JET Database Engine error '80040e14'

    Syntax error in INSERT INTO statement.

    /infoForm.asp, line 185

    But I can't see what is wrong with it. This is the same as the comments section. Please someone, look at this and spot my error for me?

    Code:
    Sub InsertInquirySecondary()
    	Dim sql
    	response.write("Inserting secondary")
          sql="INSERT INTO Inquiries (comments,survType,vol,page,Desc)"
          sql=sql & " VALUES "
          sql=sql & "('" & request.form("comments") & "',"
    	  sql=sql & "'" & request.form("survType") & "',"
    	  sql=sql & "'" & request.form("vol") & "',"
    	  sql=sql & "'" & request.form("page") & "',"
     sql=sql "'" & request.form("desc") & "');" 
    	  dbCnxn.Execute sql
    End Sub
    
    
    the form parts
    
           <td class="field" colspan=4><textarea  Rows="4" cols="59" name="Desc"><% =server.htmlEncode(Desc) %></textarea></td>
    
    	<td class="field" ><input style="width=100%;" type="text" name="vol" value="<% =server.htmlEncode(vol) %>"></td>
    	<td class="field" ><input style="width=100%;" type-"text" name="page" value="<% =server.htmlEncode(page) %>"</td>
    
           <td class="field" colspan=><input style="width=100%;" name="survType" value="<% =server.htmlEncode(survType)%>" /></td>
    Thanks for the help.
    Scott Stewart
    Always happy to learn from pros.

  • #2
    Regular Coder
    Join Date
    Feb 2003
    Location
    South Africa
    Posts
    251
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Could be a couple of things... One being the contents of the "Desc" text area... you dont seem to have any replace of single inverted comments - ie: replace all ' with ''. Without this, very bad things can happen like SQL injection attacks etc...
    Bypass your proxy and get anonymous internet surfing FREE!

  • #3
    raf
    raf is offline
    Master Coder
    Join Date
    Jul 2002
    Posts
    6,589
    Thanks
    0
    Thanked 0 Times in 0 Posts
    You indeed need to change the single quotes by two single quotes
    sticky : Single Quotes give me a syntax error!

    But what certainly is a problem is that you have a variable called "Desc" which is a reserver word in JetSQL --> so you need to change the variablename

  • #4
    Senior Coder
    Join Date
    Jun 2002
    Location
    Wichita
    Posts
    3,880
    Thanks
    0
    Thanked 0 Times in 0 Posts
    You can either rename the field using the reserved word or escape it like this:

    sql="INSERT INTO Inquiries (comments,survType,vol,page,[Desc])"
    Check out the Forum Search. It's the short path to getting great results from this forum.

  • #5
    Regular Coder
    Join Date
    Nov 2002
    Posts
    567
    Thanks
    2
    Thanked 4 Times in 4 Posts
    Thank you,

    It seems the RESERVED word was the problem. I had not yet added the Format SQL routine to double my single quotes, but now I can since the data is getting to the DB.

    Thanks for everyone's help.
    Scott Stewart
    Always happy to learn from pros.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •