Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

String Appending Problem.

Status
Not open for further replies.
lucyv

lucyv

Programmer
Mar 11, 2002
152
US
I have a class that records information on websites that a user visits (URL, Start Time and Ending Time). I then have a sub procedure that inserts this information into database.

The problem I am having is that when I'm building the SQL statement the string variable I am using is not being populated correctly.

Code: 
Dim pstrSQL As String
pstrSQL = "INSERT INTO tblWebsites (fldVisitID, fldWebsiteURL, fldWebsiteStartTime, fldWebsiteEndTime) VALUES (" & mlngVisitID & ", '" & aWebsite.URL, & "', '" & aWebsite.StartTime & "', '" & aWebsite.EndTime & "')"

When I look at what's in the pstrSQL variable I find this:
INSERT INTO tblWebsites (fldVisitID, fldWebsiteURL, fldWebsiteStartTime, fldWebsiteEndTime) VALUES (100, 'http:\\

This is the error message I get:
Incorrect systax near 'http:\\Unclosed quotation mark before the character string 'http:\\www.google.com'

I think I've narrowed down the problem to the aWebsite.URL statement. If I leave out this property and pass an empty string instead, the SQL statement is built correctly. But when I include the URL, the string doesn't build correctly.

I know I could do this using a stored procedure, but I'm wondering why this simply string concatenation isn't working. I've also tried using a StringBuilder variable as well.

Does anyone know why this could be happening?

-lucyv
 
Sort by date Sort by votes
I would highly, neigh, EXTREMELY recommend using SQLParameters to do that. Expecially if your getting data from the web. search the forum for 'SQL parameter' there have been many examples and descriptions. Orelse, Chrissie and E&F will probrably be able to post a good code sample. Me, I'm taking Monday off! Ha!

-Rick

VB.Net Forum forum796 forum855 ASP.NET Forum
[monkey]I believe in killer coding ninja monkeys.[monkey]
 
Upvote 0 Downvote
John: sorry, but the comma (,) was a typo into this post. I do not have one in my code.

Rick: I've thought about using SQLParameters, and I'm using them a few time in other parts of the program. I was just wondering why this simple operation is not working. I consider myself pretty good at SQL, especially when it comes to writing simple INSERT & UPDATE statements. I just don't know why this is not working.

Does anyone else have an explaination as to why this is happening?

-lucyv
 
Upvote 0 Downvote
lucy, I've tried this and no problems:

Code: 
Public Class Class1WebSite

  Public URL As String
  Public StartTime As DateTime
  Public EndTime As DateTime

End Class
Code: 
  Private Sub Button3_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button3.Click

    Dim mlngVisitID As Integer = 100
    Dim aWebSite As New Class1WebSite
    aWebSite.URL = "http:\\[URL unfurl="true"]www.google.com"[/URL]
    aWebSite.StartTime = Now
    aWebSite.EndTime = aWebSite.StartTime.AddHours(1)

    Dim pstrSQL As String
    pstrSQL = "INSERT INTO tblWebsites (fldVisitID, fldWebsiteURL, fldWebsiteStartTime, fldWebsiteEndTime) VALUES (" & mlngVisitID & ", '" & aWebSite.URL & "', '" & aWebSite.StartTime & "', '" & aWebSite.EndTime & "')"


    MessageBox.Show(pstrSQL)

  End Sub

The output of the MessageBox is:

"INSERT INTO tblWebsites (fldVisitID, fldWebsiteURL, fldWebsiteStartTime, fldWebsiteEndTime) VALUES (100, 'http:\\ '29/08/2005 12:48:03', '29/08/2005 13:48:03')"

which is pretty much what you would expect to see.


However, when I tried replacing the & with a + I got a number of Option Strict errors.

Personally, I would use the + and:
mlngVisitID.ToString
aWebSite.StartTime.ToString
aWebSite.EndTime.ToString

I'm not sure whether that is relevant to this problem or not, but I can't see anything else that could be wrong.

As Rick says, parameters are the better approach, but string concatenation should work.

Hope this helps.
 
Upvote 0 Downvote
If you simply must use string concatenation (and you shouldn't, but if you must...) then the StringBuilder class would be a better way to go. From this:
Code: 
pstrSQL = "INSERT INTO tblWebsites (fldVisitID, fldWebsiteURL, fldWebsiteStartTime, fldWebsiteEndTime) VALUES (" & mlngVisitID & ", '" & aWebSite.URL & "', '" & aWebSite.StartTime & "', '" & aWebSite.EndTime & "')"
To this:
Code: 
Dim sb As New StringBuilder()
sb.Append(" INSERT INTO tblWebsites")
sb.Append("  (fldVisitID, fldWebsiteURL,")
sb.Append("   fldWebsiteStartTime, fldWebsiteEndTime)")
sb.Append(" VALUES (")
sb.Append(mlngVisitID.ToString).Append(", ")
sb.Append("'").Append(aWebSite.URL).Append("', ")
sb.Append("'").Append(aWebSite.StartTime.ToString()).Append("', ")
sb.Append("'").Append(aWebSite.EndTime).Append("')")
pstrSQL = sb.ToString()
This makes the code more maintainable, plus reduces the number of intermediate string constants which get created (and must be destroyed by the garbage collector).

Chip H.

____________________________________________________________________
If you want to get the best response to a question, please read FAQ222-2244 first
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Ken01
  • Locked
  • Question
Problem with CopyMemory statement
Replies
1
Views
334
strongm
strongm
Raj Gupta
  • Locked
  • Question
VB6 Focus problem after validation
Replies
4
Views
452
strongm
strongm
Ken01
  • Locked
  • Question
Problem with form names in VB6
Replies
3
Views
331
Ken01
Ken01
sal21
  • Locked
  • Question
Pplease for strongm, ftp problem to download file and copy inn c:\tabulati\
Replies
10
Views
547
sal21
sal21
2009luca
  • Locked
  • Question
Write a fixed string 1
Replies
9
Views
384
strongm
strongm

Part and Inventory Search

Sponsor

Back
Top