NULL dates are driving me nuts

**LinXG** · May 15th, 2007, 12:44 PM

Well not really but......

I have an insert statement that looks mostly like this.....

Code:

mySQL = "INSERT INTO myTABLE (someDumbDate) VALUES (#" & aTextBox.text & "#)"

This works fine when aTextBox.text has a real date in it but is causing me unspeakable grief when aTextBox.text = "".

Is there an easy way around this?

Database: MS Access 2003
Language: Visual Basic (VS 2005)

**si_the_geek** · May 15th, 2007, 12:51 PM

You can't use blank as a Null in an SQL statement, you need to explicitly specify it, eg:

Code:

... VALUES (Null)"

**Hack** · May 15th, 2007, 01:07 PM

You can also do

Code:

If aTextBox.Text <> vbNullString Then
   mySQL = "INSERT INTO myTABLE (someDumbDate) VALUES (#" & aTextBox.text & "#)"
End If

**LinXG** · May 15th, 2007, 02:18 PM

Hi Hack and Si;

I was expecting those answers so it looks like workaround time has arrived.

Thanks guys.

**GaryMazzone** · May 15th, 2007, 02:22 PM

I normally do this if a date value can be null (like a closed date):

Code:

Dim strCDate As String
strCDate = "NULL"
if txtCDate.Text <> vbNullString Then
   If IsDate(txtCDate) Then'
      strCDate = "#" txtCDate & "#"
   End If
End If
Dim mySQL as String
mySQL = "INSERT INTO myTABLE (someDumbDate) VALUES (" & strCDate & ")"

**LinXG** · May 15th, 2007, 02:34 PM

Thanks Gary;

Your suggestion is what I'll most likely do.

Thanks

**Megistal** · May 16th, 2007, 02:42 PM

Isn't there a possibility to trap the error with a try and catch?

Also, for your information, your query is most probably vulnerable to SQL injection.

**GaryMazzone** · May 16th, 2007, 02:53 PM

No the query is not vunrable to injection attack. You are testing for valid date before doing anything with the value if it is not a valid date then the NULL will be stored to the database. Every is yelling about the injection attacks if you validate data properly and check for single qoutes inside text strings that will not be an extremly likely attack. And yes I know that all the experts here say the only way to perform SQL inserts is to use parameterized queries only.

**Megistal** · May 16th, 2007, 03:28 PM

Using a value directly from the textbox

mySQL = "INSERT INTO myTABLE (someDumbDate) VALUES (#" & aTextBox.text & "#)"

sound to me like a real issue.

**si_the_geek** · May 16th, 2007, 05:00 PM

It would be if there weren't checks before it.. in this case (where the value must be a valid date, otherwise it is replaced by Null), it is perfectly safe.

Thread: NULL dates are driving me nuts

Thread Tools

Display

NULL dates are driving me nuts

Re: NULL dates are driving me nuts

Re: NULL dates are driving me nuts

Re: NULL dates are driving me nuts

Re: NULL dates are driving me nuts

Re: NULL dates are driving me nuts

Re: NULL dates are driving me nuts

Re: NULL dates are driving me nuts

Re: NULL dates are driving me nuts

Re: NULL dates are driving me nuts

Posting Permissions