[RESOLVED] syntax issue with sql statement..driving me nuts
I am using a inline sql statement to update a table (in oracle).
Some how this statement doesn't run.
sUpdateStatement = "UPDATE AUTOTRADE.RATE_ADVANCES SET TREASURY_RATE = '" + dLiveBM + "'";
OracleConnection _oOracleConnection = new OracleConnection(sConnectionstring);
_oOracleConnection.Open();
OracleCommand _oOracleCommand = new OracleCommand(sUpdateStatement, _oOracleConnection);
_oOracleCommand.CommandText = sUpdateStatement;
try
{
//code hangs here . no output at all. I don't know whats going on.
//the sUpdateStatement has the following sql statement.
//"UPDATE AUTOTRADE.RATE_ADVANCES SET TREASURY_RATE = '5.04'"
_oOracleCommand.ExecuteNonQuery();
}
catch (Exception ex)
{
Console.WriteLine(ex.ToString());
}
Re: syntax issue with sql statement..driving me nuts
I am using a inline sql statement to update a table (in oracle).
Some how this statement doesn't run.
Code:
sUpdateStatement = "UPDATE AUTOTRADE.RATE_ADVANCES SET TREASURY_RATE = '" + dLiveBM + "'";
OracleConnection _oOracleConnection = new OracleConnection(sConnectionstring);
_oOracleConnection.Open();
OracleCommand _oOracleCommand = new OracleCommand(sUpdateStatement, _oOracleConnection);
_oOracleCommand.CommandText = sUpdateStatement;
try
{
//code hangs here . no output at all. I don't know whats going on.
//the sUpdateStatement has the following sql statement.
//"UPDATE AUTOTRADE.RATE_ADVANCES SET TREASURY_RATE = '5.04'"
_oOracleCommand.ExecuteNonQuery();
}
catch (Exception ex)
{
Console.WriteLine(ex.ToString());
}
Re: [RESOLVED] syntax issue with sql statement..driving me nuts
Quote:
Originally Posted by bnathvbdotnet
I am using a inline sql statement to update a table (in oracle).
So, you like to open you database up to SQL injection attacks then? :confused: Hever heard of a parameterized query or stored procedure? It will sollve you syntax error and keep you database secure.
