Syntax Error in SQL Update Statement

M

Maximus

Can some one help me with finding the error is this statement?

strSQL_Update = "UPDATE tblWJS_SuperInput SET JobNumber= '"&
strJobNumber &"', " _
& "WeekendingDate = '"& strWeekEndingDate &"', "_
& "CurrentHours = '"& strCurrentHours &"', "_
& "CurrentHoursTaping = '"& strCurrentHoursTaping &"', "_
& "ReportRequired_01 = '"& strReportRequired_01 &"', " _
& "ReportRequired_02 = '"& strReportRequired_02 &"', " _
& "ReportRequired_03 = '"& strReportRequired_03 &"', " _
& "ReportRequired_04 = '"& strReportRequired_04 &"', " _
& "ReportRequired_05 = '"& strReportRequired_05 &"', " _
& "ReportRequired_06 = '"& strReportRequired_06 &"', " _
& "ReportRequired_07 = '"& strReportRequired_07 &"', " _

& "WHERE JobNumber ="&strJobNumber&" AND WeekEndingDate ="&
strWeekEndingDate &""

strConnect = "Driver={Microsoft Access Driver (*.mdb)}; DBQ=\
\CALSJ1\xxxx.mdb"
Set conn = Server.CreateObject("ADODB.Connection")
conn.Open strConnect
Set objRecordSet = conn.Execute(strSQL_Update)
 
B

Bob Barrows [MVP]

Maximus said:
Can some one help me with finding the error is this statement?

strSQL_Update = "UPDATE tblWJS_SuperInput SET JobNumber= '"&
strJobNumber &"', " _
& "WeekendingDate = '"& strWeekEndingDate &"', "_
& "CurrentHours = '"& strCurrentHours &"', "_
& "CurrentHoursTaping = '"& strCurrentHoursTaping &"', "_
& "ReportRequired_01 = '"& strReportRequired_01 &"', " _
& "ReportRequired_02 = '"& strReportRequired_02 &"', " _
& "ReportRequired_03 = '"& strReportRequired_03 &"', " _
& "ReportRequired_04 = '"& strReportRequired_04 &"', " _
& "ReportRequired_05 = '"& strReportRequired_05 &"', " _
& "ReportRequired_06 = '"& strReportRequired_06 &"', " _
& "ReportRequired_07 = '"& strReportRequired_07 &"', " _
This is less than optimal database design. For one thing, what if you
need an eighth report? You will have to revise the table as well as all
queries that reference it: a maintenance nightmare. A better design
would involve a separate table with three columns: JobNumber,
ReportRequiredOrdinal, and ReportRequired
& "WHERE JobNumber ="&strJobNumber&" AND WeekEndingDate ="&
strWeekEndingDate &""

strConnect = "Driver={Microsoft Access Driver (*.mdb)}; DBQ=\
\CALSJ1\xxxx.mdb"

Nothing to do with your problem but:
http://www.aspfaq.com/show.asp?id=2126
Set conn = Server.CreateObject("ADODB.Connection")
conn.Open strConnect
Set objRecordSet = conn.Execute(strSQL_Update)

Is WeekendingDate a date/time field? If so, date literals need to be
delimited with octathorps (#), not quotes ('). Quotes are used for
strings, not dates in JetSQL.

Further points to consider:
Your use of dynamic sql is leaving you vulnerable to hackers using sql
injection:
http://mvp.unixwiz.net/techtips/sql-injection.html
http://www.sqlsecurity.com/DesktopDefault.aspx?tabid=23

See here for a better, more secure way to execute your queries by using
parameter markers:
http://groups-beta.google.com/group/microsoft.public.inetserver.asp.db/msg/72e36562fee7804e

Personally, I prefer using stored procedures, or saved parameter queries
as
they are known in Access:

Access:
http://www.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&[email protected]

http://groups.google.com/groups?hl=...=1&[email protected]
 
B

Bob Barrows [MVP]

Maximus said:
Can some one help me with finding the error is this statement?
Please do not multipost Maximus. This is definitely a database-related
question
so .asp.db was the perfect group in which to post it. Posting it here as
well did not increase your chances of getting an answer (most of us
subscribe to both groups). On the contrary, if somebody had taken his
time
to answer it here, only to find that it was already resolved in the
other
group, that person may have been annoyed enough to ignore any future
posts
from you, thereby decreasing your chances of getting help in the future.

There are times when you will not be sure which group is most
appropriate,
and you will want to post a question to both groups. In that situation,
you
should use the cross-posting technique, rather than posting the same
message
multiple times. To crosspost, put a semicolon-delimited* list of the
newsgroups to which you wish to post in the To: header of your post and
post
it once. It, and any replies to it, will appear in all the newsgroups in
your list. So, if I reply in .asp.db, my reply will also appear here in
..asp.general.

* ... or whatever delimiter is recognized by your news client
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Data Type Mismatch 1
Help with code 6
Not working????? 7
Form Data not carrying over??? 4
Error message with sql statement 1
INSERT INTO error 3
asp and sql statement in sql server db 3
Update and Delete 1

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top