View Full Version : One field not inserting to DB

10-14-2003, 02:53 PM
All other fileds in this form get inserted into my DB. If I include the last (request.form("desc")) which is a textarea, I get;

Microsoft JET Database Engine error '80040e14'

Syntax error in INSERT INTO statement.

/infoForm.asp, line 185

But I can't see what is wrong with it. This is the same as the comments section. Please someone, look at this and spot my error for me?

Sub InsertInquirySecondary()
Dim sql
response.write("Inserting secondary")
sql="INSERT INTO Inquiries (comments,survType,vol,page,Desc)"
sql=sql & " VALUES "
sql=sql & "('" & request.form("comments") & "',"
sql=sql & "'" & request.form("survType") & "',"
sql=sql & "'" & request.form("vol") & "',"
sql=sql & "'" & request.form("page") & "',"
sql=sql "'" & request.form("desc") & "');"
dbCnxn.Execute sql
End Sub

the form parts

<td class="field" colspan=4><textarea Rows="4" cols="59" name="Desc"><% =server.htmlEncode(Desc) %></textarea></td>

<td class="field" ><input style="width=100%;" type="text" name="vol" value="<% =server.htmlEncode(vol) %>"></td>
<td class="field" ><input style="width=100%;" type-"text" name="page" value="<% =server.htmlEncode(page) %>"</td>

<td class="field" colspan=><input style="width=100%;" name="survType" value="<% =server.htmlEncode(survType)%>" /></td>

Thanks for the help.

10-14-2003, 03:19 PM
Could be a couple of things... One being the contents of the "Desc" text area... you dont seem to have any replace of single inverted comments - ie: replace all ' with ''. Without this, very bad things can happen like SQL injection attacks etc...

10-14-2003, 03:34 PM
You indeed need to change the single quotes by two single quotes
sticky : http://www.codingforums.com/showthread.php?s=&threadid=9843

But what certainly is a problem is that you have a variable called "Desc" which is a reserver word in JetSQL --> so you need to change the variablename

Roy Sinclair
10-14-2003, 04:10 PM
You can either rename the field using the reserved word or escape it like this:

sql="INSERT INTO Inquiries (comments,survType,vol,page,[Desc])"

10-14-2003, 04:30 PM
Thank you,

It seems the RESERVED word was the problem. I had not yet added the Format SQL routine to double my single quotes, but now I can since the data is getting to the DB.

Thanks for everyone's help.