ASP Error

cyberwit · 26-03-2008 6:59pm #1

Getting the following error trying to update a record in a Access Database

Error Type:
Microsoft JET Database Engine (0x80040E14)
Syntax error in UPDATE statement.
/Project UIv Slight Changes/courseupdate3.asp, line 31

I can't seem to see the error any help would be appreciated

<html>
<head>
<title>Course Update</title>
</head>
<body>

<%
Set oConn = Server.CreateObject("ADODB.Connection")
sConnection = "Provider=Microsoft.Jet.OLEDB.4.0;" & _
"Data Source=" & Server.MapPath("db\HR System.mdb") & ";"
oConn.Open(sConnection)
%>
Update a Course Record Confirmation
<%
sSQL = "SELECT * FROM Course where CourseNo='" & Request("CourseNo") &"'"
Set oRS = oConn.Execute(sSQL)

If Request("submit") = "Update" Then

sSQL = "Update Course set "
sSQL = sSQL & "CourseNo = '" & Request("CourseNo") & "', "
sSQL = sSQL & "EmployeePPS = '" & Request("EmployeePPS") & "', "
sSQL = sSQL & "CourseTitle = '" & Request("CourseTitle") & "', "
sSQL = sSQL & "CourseDescription = '" & Request("CourseDescription") & "', "
sSQL = sSQL & "StartDate = '" & Request("StartDate") & "', "
sSQL = sSQL & "FinishDate = '" & Request("FinishDate") & "',"
sSQL = sSQL & "ManagerAuthorisation= '" & Request("ManagerAuthorisation") & "', "
sSQL = sSQL & "WHERE CourseNo = '" & Request("CourseNo") & "',"
End If

oConn.Execute (sSQL)
Response.Write "Course " & Request("CourseNo") & " has been successfully updated "

oRS.Close
oConn.Close
Set oRS = Nothing
Set oConn = Nothing
%>

<a href="JavaScript:window.close()">Close</a>
</body>
</html>

Evil Phil · 26-03-2008 7:47pm

If Request("submit") = "Update" Then

sSQL = "Update Course set "
sSQL = sSQL & "CourseNo = '" & Request("CourseNo") & "', "
sSQL = sSQL & "EmployeePPS = '" & Request("EmployeePPS") & "', "
sSQL = sSQL & "CourseTitle = '" & Request("CourseTitle") & "', "
sSQL = sSQL & "CourseDescription = '" & Request("CourseDescription") & "', "
sSQL = sSQL & "StartDate = '" & Request("StartDate") & "', "
sSQL = sSQL & "FinishDate = '" & Request("FinishDate") & "',"
sSQL = sSQL & "ManagerAuthorisation= '" & Request("ManagerAuthorisation") & "', "
sSQL = sSQL & "WHERE CourseNo = '" & Request("CourseNo") [b][COLOR="Red"]& "',"[/COLOR][/b]
End If

Reckon that's a problem in red anyway. And you need to look out for sql injection too.

stevenmu · 26-03-2008 8:05pm

A useful tip when creating sql statements dynamically like this is to put in some lines to debug the statement, for e.g. just before your execute statement you could put in

Response.Write sSQL
Response.End

the second line halts execution after printing out your SQL statement. You will normally be able to spot the error in the statement at that point. If not copy and paste into access and that might help.

dzy · 27-03-2008 12:22pm

If Request("submit") = "Update" Then

sSQL = "Update Course set "
sSQL = sSQL & "CourseNo = '" & Request("CourseNo") & "', "
sSQL = sSQL & "EmployeePPS = '" & Request("EmployeePPS") & "', "
sSQL = sSQL & "CourseTitle = '" & Request("CourseTitle") & "', "
sSQL = sSQL & "CourseDescription = '" & Request("CourseDescription") & "', "
sSQL = sSQL & "StartDate = '" & Request("StartDate") & "', "
sSQL = sSQL & "FinishDate = '" & Request("FinishDate") & "',"
sSQL = sSQL & "ManagerAuthorisation= '" & Request("ManagerAuthorisation") & "'[B][COLOR=Red],[/COLOR][/B] "
sSQL = sSQL & "WHERE CourseNo = '" & Request("CourseNo")[COLOR=Black] & "',"[/COLOR]
End If

Also the extra comma before the WHERE.

cyberwit · 31-03-2008 5:49pm

Thanks your help

ASP Error

Comments