Re: How can I improve this code please?
From: Bob Boran (mcsdsmurf_at_hotmail.com)
Date: 02/24/04
- Next message: abc_at_helloall.com: "Re: Query Help"
- Previous message: Trint Smith: "How can I improve this code please?"
- In reply to: Trint Smith: "How can I improve this code please?"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 24 Feb 2004 09:28:23 -0700
Trint,
Based on the error you are getting, this is not an SQL problem. So you
ought to be posting this to the VB.Net board.
However, here are some comments.
1. Where is the problem occurring? Is it in the strSQL declare line, or in
the PrepareStr function? I am having a hard time seeing where that error
could come out of any of the sample code you are showing.
2. You ought to be using a command object with parameters for the updated
values. This will be more readable, and safer from certain types of SQL
insertion attacks. (I would give you some code for this but it varies
slightly based on the DB you are using. I assume you are using SQL Server,
but nothing in your code verifies this. If you would like a snip, post a
request and I will put it up.)
"Trint Smith" <trintsmith@hotmail.com> wrote in message
news:uhb39Dv#DHA.2592@TK2MSFTNGP10.phx.gbl...
> How can I improve this code please?
> It sometimes produces this error:
> "Object reference not set to an instance of an object"
> When I do this:
> strSQL = "UPDATE TBL_Items SET" & _
> " item_itemnumber = " & PrepareStr(Label6.Text) & _
> " ,item_itemcurrentbidprice = " & PrepareStr(itemCurrentbidprice) & _
> " ,item_itembidhistory = " & PrepareStr(itembidHistory) & _
> " ,item_itemcurrentorpurchasedbidder = " & PrepareStr(itemCurrentorpurchasedbidder) & _
> "FROM TBL_Items " & _
> "WHERE item_itemnumber = '" & Label6.Text & "'"
>
> Here is the code:
>
> Private Function PrepareStr(ByVal strValue As String) As String
>     ' This function accepts a string and creates a string that can
>     ' be used in a SQL statement by adding single quotes around
>     ' it and handling empty values.
>     If strValue.Trim() = "" Then
>         Return "NULL"
>     Else
>         Return "'" & strValue.Trim() & "'"
>     End If
> End Function
>
>
> Net programmer
> trintsmith@hotmail.com
>
> *** Sent via Developersdex http://www.developersdex.com ***
> Don't just participate in USENET...get rewarded for it!
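
Added example, not part of the original thread and not Bob Boran's own code: the UPDATE from the quoted post rewritten with a command object and parameters, as point 2 of the reply recommends. It assumes SQL Server through System.Data.SqlClient (the reply's own guess); the module, function and parameter names and the column types and sizes are assumptions, and the redundant assignment of item_itemnumber to its own value is left out.

```vbnet
Imports System.Data
Imports System.Data.SqlClient

Module ItemUpdateExample

    ' Maps Nothing, empty or whitespace-only input to a database NULL, where
    ' PrepareStr returned the literal "NULL". No quoting is needed because
    ' the value travels as a parameter, not as SQL text.
    Private Function ToDbValue(ByVal value As String) As Object
        If String.IsNullOrWhiteSpace(value) Then
            Return DBNull.Value
        End If
        Return value.Trim()
    End Function

    ' Returns the number of rows updated. The connection string is
    ' supplied by the caller.
    Public Function UpdateItem(ByVal connectionString As String, _
                               ByVal itemNumber As String, _
                               ByVal currentBidPrice As String, _
                               ByVal bidHistory As String, _
                               ByVal currentOrPurchasedBidder As String) As Integer
        ' The SQL text is a constant: user input never becomes part of it.
        Const sql As String = _
            "UPDATE TBL_Items " & _
            "SET item_itemcurrentbidprice = @price, " & _
            "item_itembidhistory = @history, " & _
            "item_itemcurrentorpurchasedbidder = @bidder " & _
            "WHERE item_itemnumber = @itemNumber"

        Using conn As New SqlConnection(connectionString)
            Using cmd As New SqlCommand(sql, conn)
                ' Types and sizes are assumed; match them to the real columns.
                cmd.Parameters.Add("@price", SqlDbType.NVarChar, 50).Value = _
                    ToDbValue(currentBidPrice)
                cmd.Parameters.Add("@history", SqlDbType.NVarChar, 4000).Value = _
                    ToDbValue(bidHistory)
                cmd.Parameters.Add("@bidder", SqlDbType.NVarChar, 50).Value = _
                    ToDbValue(currentOrPurchasedBidder)
                cmd.Parameters.Add("@itemNumber", SqlDbType.NVarChar, 50).Value = _
                    ToDbValue(itemNumber)

                conn.Open()
                Return cmd.ExecuteNonQuery()
            End Using
        End Using
    End Function

End Module
```

A value containing a single quote, which would have ended the string literal built by PrepareStr, is stored as ordinary data here.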