This content has been marked as final. Show 4 replies
Try putting single quotes around the search. It maybe giving you a error that is really for a column type that the SQL is not recognizing.
Your Example: SELECT * FROM Up18Technicians WHERE TechName = Ross AND Password = 358029
SELECT * FROM Up18Technicians WHERE TechName = 'Ross' AND Password = '358029'
Let me know if this works.
It worked, thanks I tried putting my entries inside single quotes when I typed it into the login screen I made and the error wasn't thrown. However now I just need to figure out how to place the single quotes around then within the code instead of asking, "Please place single quotes around your user name and password". The code looks like this:
sqlText = "SELECT * FROM Up18Technicians WHERE TechName = " + userName + " AND Password = " + pass;
Where it simply takes the text values, I just need to figure out how to get the single quotes in there around the values at runtime automatically.
Thanks for the help.
sqlText = "SELECT * FROM Up18Technicians WHERE TechName = '" + userName + "' AND Password = '" + pass + "'";
The only tricky bit is handing inputs with single quotes in them. They need to be turned into doubled single quotes, which SQL interprets as an escaped single quote.
Well I figured all that out, but after being reminded about SQLInjection attacks and such, I went with something like this:
sqlText = "SELECT TechName FROM Up18Technicians WHERE TechName = :userName AND Password = :pass";
Simply using parameters instead of text that becomes part of the SQL statement.