I'm getting the following error
An unhandled exception of type 'System.Data.SqlClient.SqlException' occurred in System.Data.dll
Additional information: Incorrect syntax near the keyword 'Group'.
When I run the following query
string query = "Update Job Set Name = #Name, Date = #Date, Material = #Material, Instructions = #Instructions, Group = #Group, Time = #Time, Address = #Address Where Id = #Id";
DataRowView drv = (DataRowView)jobGrid.Items.GetItemAt(0);
string name = drv.Row[0].ToString();
int Id = getId(name);
using (connection = new SqlConnection(connectionString))
using (SqlCommand command = new SqlCommand(query, connection))
{
connection.Open();
string date = drv.Row[1].ToString();
string material = drv.Row[2].ToString();
string details = drv.Row[3].ToString();
string group = drv.Row[4].ToString();
string time = drv.Row[5].ToString();
string address = drv.Row[6].ToString();
command.Parameters.AddWithValue("#Name", name);
command.Parameters.AddWithValue("#Date", date);
command.Parameters.AddWithValue("#Material", material);
command.Parameters.AddWithValue("#Instructions", details);
command.Parameters.AddWithValue("#Group", group);
command.Parameters.AddWithValue("#Time", time);
command.Parameters.AddWithValue("#Address", address);
command.Parameters.AddWithValue("#Id", Id);
command.ExecuteNonQuery();
}
All of those things exist in the database in that order except for Id which comes first. I run a similar update using a different table in the database and it works perfectly. I'm not sure what is wrong with "Group" that makes that error. The value that I insert into Group is a string which is specified by the table ass varchar(50). I am using Visual Studio WPF c#
I can add and delete things from this table perfectly fine, but updating causes this issue
Use brackets for reserved keywords like Date,Group,Time etc
Update Job Set Name = #Name, [Date] = #Date, Material = #Material, Instructions = #Instructions, [Group] = #Group, [Time] = #Time, Address = #Address Where Id = #Id
check Reserved Keywords (Transact-SQL)
You have to use square brackets for reserved keywords
Try this: Update Job Set Name = #Name, [Date] = #Date, Material = #Material, Instructions = #Instructions, [Group] = #Group, [Time] = #Time, Address = #Address Where Id = #Id
Related
I am getting a index out of range error when trying to get a string value from a datareader. The column USER_ROLE which is the only column from a INNER JOIN condition. It was working and for some reason has now started throwing this index out of range error. I've verified the actual stored procedure works via SSMS and the column is being returned.
Below is the code for the stored procedure
ALTER PROCEDURE [dbo].[usp_GetUsersLogonInformation]
(
-- inactive = 0, active = 1, all = 2
#active int = 2
)
AS
BEGIN
DECLARE #whereClauseNeeded bit = 1
DECLARE #whereClause nvarchar(100) = concat(' WHERE usr.ACTIVE = ', #active)
DECLARE #sqlCmd nvarchar(max)= 'SELECT
usr.USER_PK,
usr.PRINCIPAL_ID,
usr.AA_USER_FK,
usr.FIRST_NAME,
usr.LAST_NAME,
usr.[USER_NAME],
usr.EMAIL_ADDRESS,
usr.ACTIVE,
usr.LV_USER_ROLE_FK,
lvur.USER_ROLE,
usr.CREATED_BY,
usr.CREATED_SYSDATE
FROM dbo.USERS usr
INNER JOIN dbo.LV_USER_ROLES lvur ON lvur.LV_USER_ROLE_PK = usr.LV_USER_ROLE_FK'
IF #active = 0 OR #active = 1
BEGIN
set #sqlCmd = concat(#sqlCmd, #whereClause)
END
EXEC sp_executesql #sqlCmd
END
the c# code retrieving the data
using (SqlConnection dbConn = theVoiceSqlHelpers.GetDbConnection())
{
using (SqlCommand sqlCmd = new SqlCommand(USP_GET_USER_INFO, dbConn))
{
sqlCmd.CommandType = CommandType.StoredProcedure;
sqlCmd.Parameters.AddWithValue("#whereClause",string.Format("USER_NAME = \'{0}\'", txbxUserName.Text));
SqlDataReader dr = sqlCmd.ExecuteReader();
while (dr.Read())
{
user = new Tbl_Users();
user.USER_PK = dr.GetInt32(dr.GetOrdinal("USER_PK"));
user.PRINCIPAL_ID = dr.GetInt32(dr.GetOrdinal("PRINCIPAL_ID"));
user.AA_USER_FK = dr.GetInt32(dr.GetOrdinal("AA_USER_FK"));
user.FIRST_NAME = dr.GetString(dr.GetOrdinal("FIRST_NAME"));
user.LAST_NAME = dr.GetString(dr.GetOrdinal("LAST_NAME"));
user.USER_NAME = dr.GetString(dr.GetOrdinal("USER_NAME"));
user.EMAIL_ADDRESS = dr.GetString(dr.GetOrdinal("EMAIL_ADDRESS"));
user.ACTIVE = dr.GetBoolean(dr.GetOrdinal("ACTIVE"));
user.LV_USER_ROLE_FK = dr.GetInt32(dr.GetOrdinal("LV_USER_ROLE_FK"));
user.USER_ROLE = dr.GetString(dr.GetOrdinal("USER_ROLE"));
user.CREATED_BY = dr.GetString(dr.GetOrdinal("CREATED_BY"));
user.CREATED_SYSDATE = dr.GetDateTime(dr.GetOrdinal("CREATED_SYSDATE"));
}
dr.Close();
}
}
I have ensure the column name is correct however I am now stuck at this new found exception.
Has anyone seen this behavior before. My apologies if I am overlooking and obvious but could use an extra set of eyes on this.
LV_USER_ROLES Table
USERS Table
Charlieface's comment resolved the exception. In this database there is 2 similiar named usp's and I was calling the wrong one.
I am working on an invoice managament application that draws information from an Access database (modern .accdb format) and getting the data works fine, but when I try to update it (following some tutorials, or should I say answers, nothing works..
What is wrong with this code, it... should work.
public int UpdateDBBill(Bill bill)
{
using (var connection = new OleDbConnection(#"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=|DataDirectory|\BC.accdb"))
using (var command = connection.CreateCommand())
{
connection.Open();
command.CommandType = CommandType.Text;
command.CommandText = "UPDATE Bills SET Payer = #Payer, Category = #Category, Recipient = #Recipient, Currency = #Currency, Amount = #Amount, IBANOfRecipient = #IBANOfRecipient, Model = #Model, ReferenceNumber = #ReferenceNumber, Description = #Description, DueDate = #DueDate, ForMonth = #ForMonth, Paid = #Paid, DatePaid = #DatePaid WHERE Id = #Id";
command.Parameters.AddWithValue("#Payer", bill.Payer);
command.Parameters.AddWithValue("#Category", bill.Category);
command.Parameters.AddWithValue("#Recipient", bill.Recipient);
command.Parameters.AddWithValue("#Currency", bill.Currency);
command.Parameters.AddWithValue("#Amount", bill.amount);
command.Parameters.AddWithValue("#IBANOfRecipient", bill.IBANOfRecipient);
command.Parameters.AddWithValue("#Model", bill.Model);
command.Parameters.AddWithValue("#ReferenceNumber", bill.ReferenceNumber);
command.Parameters.AddWithValue("#Description", bill.Description);
command.Parameters.AddWithValue("#DueDate", bill.DueDate);
command.Parameters.AddWithValue("#ForMonth", bill.ForMonth);
command.Parameters.AddWithValue("#Paid", bill.Paid);
command.Parameters.AddWithValue("#DatePaid", bill.DatePaid);
command.Parameters.AddWithValue("#Id", bill.Id);
try
{
return command.ExecuteNonQuery();
}
catch
{
return -1;//for error
}
}
}
Answer:
public int UpdateDBBill(Bill bill)
{
using (var connection = new OleDbConnection(#"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=|DataDirectory|\BC.accdb"))
using (var command = connection.CreateCommand())
{
connection.Open();
command.CommandType = CommandType.Text;
command.CommandText = "UPDATE Bills SET Payer = #Payer, Category = #Category, Recipient = #Recipient, [Currency] = #Currency, Amount = #Amount, IBANOfRecipient = #IBANOfRecipient, [Model] = #Model, ReferenceNumber = #ReferenceNumber, DueDate = #DueDate, ForMonth = #ForMonth, Paid = #Paid, DatePaid = #DatePaid WHERE Id = #Id";
command.Parameters.Add("#Payer", OleDbType.VarChar).Value = bill.Payer;
command.Parameters.Add("#Category", OleDbType.VarChar).Value = bill.Category;
command.Parameters.Add("#Recipient", OleDbType.VarChar).Value = bill.Recipient;
command.Parameters.Add("#Currency", OleDbType.VarChar).Value = bill.Currency;
command.Parameters.Add("#Amount", OleDbType.VarChar).Value = bill.GetAmount();
command.Parameters.Add("#IBANOfRecipient", OleDbType.VarChar).Value = bill.IBANOfRecipient;
command.Parameters.Add("#Model", OleDbType.VarChar).Value = bill.Model;
command.Parameters.Add("#ReferenceNumber", OleDbType.VarChar).Value = bill.ReferenceNumber;
command.Parameters.Add("#DueDate", OleDbType.Date).Value = bill.DueDate.Date;
command.Parameters.Add("#ForMonth", OleDbType.Date).Value = bill.ForMonth.Date;
command.Parameters.Add("#Paid", OleDbType.Boolean).Value = bill.Paid;
command.Parameters.Add("#DatePaid", OleDbType.Date).Value = bill.DatePaid.Date;
command.Parameters.Add("#Id", OleDbType.Integer).Value = bill.Id;
try
{
int Rows = command.ExecuteNonQuery();
return Rows;
}
catch
{
return -1;//for error
}
}
}
With OleDb the position of the parameters matters a lot.
OleDb doesn't associate parameters' placeholders with the parameters' names but follows a strictly positional order. So, your query is correct, but when you add the parameters to the collection you should follow the parameter placeholders order.
command.CommandType = CommandType.Text;
command.CommandText = "UPDATE Bills SET ([Payer] = #Payer, [Category] = #Category, ...) WHERE Id = #Id";
command.Parameters.AddWithValue("#Payer", bill.Payer);
command.Parameters.AddWithValue("#Category", bill.Category);
....
command.Parameters.AddWithValue("#Id", bill.Id);
With Access you can name your parameters as you do for its big cousin Sql Server albeit the OleDb docs say that you should use the question mark as parameter placeholder, however the names are simply ignored when the OleDb provider associates the values to the placeholders.
As a side note, consider that AddWithValue is an handy but dangerous method. The parameter type is extracted by the value passed and sometimes this could create a 'DataType mismatch Exception' or wrong conversions (in particular if you pass dates or decimals as strings to AddWithValue)
See Can we stop using AddWithValue already?
EDIT After a long debug session in chat the final problem is identified in the Currency field written withot brackets. Currency is a reserved words in Access and should be enclosed in square bracket. This was not initially evident because the first query proposed by the OP was correctly typed with square bracket but then the square brackets disappeared from the query for whatever reason. The suggestion to NOT use AddWithValue stands to avoid unnecessary conversions from dates to strings and then back to strings....
command.CommandText = "UPDATE Bills SET ([Payer] = #Payer, [Category] = #Category, ...) WHERE Id = #Id";
command.Parameters.Add("#Payer", OleDbType.VarWChar).Value = bill.Payer;
command.Parameters.Add("#Category", OleDbType.VarWChar).Value = bill.Category;
....
command.Parameters.Add("#DueDate", OleDbType.Date).Value = bill.DueDate.Date;
....
command.Parameters.Add("#Id", OleDbType.Integer).Value = bill.Id;
I came across with this before. My issue was, I was not providing the parameters in the order they were present in the query.
In your case, as your update goes on with parameters Payer, Category...,Id your AddWithValues should follow the same order.
I hope this helps
Ok... I found the issue.
First of all, you should put the Currency field in brackets because Access considers it as a datatype if you don't and you get Syntax error.
Then, keep all AddWithValue statements order untouched.
Finally, while adding date fields (DueDate, ForMonth and DatePaid), use ToString("yyyy-MM-dd") so that Access will interpret the value as date. Also, parse the amount field to double.
Below is my version of the code. Hope this will work :)
command.CommandType = CommandType.Text;
command.CommandText = "UPDATE Bills SET Payer = #Payer, Category = #Category, Recipient = #Recipient, [Currency] = #Currency, Amount = #Amount, IBANOfRecipient = #IBANOfRecipient, Model = #Model, ReferenceNumber = #ReferenceNumber, Description = #Description, DueDate = #DueDate, ForMonth = #ForMonth, Paid = #Paid, DatePaid = #DatePaid WHERE Id = #Id";
command.Parameters.AddWithValue("#Payer", bill.Payer);
command.Parameters.AddWithValue("#Category", bill.Category);
command.Parameters.AddWithValue("#Recipient", bill.Recipient);
command.Parameters.AddWithValue("#Currency", bill.Currency);
command.Parameters.AddWithValue("#Amount", Convert.ToDouble(bill.amount));
command.Parameters.AddWithValue("#IBANOfRecipient", bill.IBANOfRecipient);
command.Parameters.AddWithValue("#Model", bill.Model);
command.Parameters.AddWithValue("#ReferenceNumber", bill.ReferenceNumber);
command.Parameters.AddWithValue("#Description", bill.Description);
command.Parameters.AddWithValue("#DueDate", bill.DueDate.ToString("yyyy-MM-dd"));
command.Parameters.AddWithValue("#ForMonth", bill.ForMonth.ToString("yyyy-MM-dd"));
command.Parameters.AddWithValue("#Paid", bill.Paid);
command.Parameters.AddWithValue("#DatePaid", bill.DatePaid.ToString("yyyy-MM-dd"));
command.Parameters.AddWithValue("#Id", bill.Id);
try
{
return command.ExecuteNonQuery();
}
catch
{
return -1;//for error
}
I am receiving the error, Must declare the scalar variable "#ID". Pointing at ExecuteScalar line. I looked on goggle and I think it has something to do with insert parameters for ID. Then again I read there could be a typo error. In my db I have declare column name as ID and Data Type as int, setting 'Is Identity' as Yes. As I am not going to insert ID column manually I think this is why I am having problem(s) and I don't know how to solve this problem.
What I am trying to do is insert username, login date and time. Update on the same column (same id column) when user logs out. Create a new column when user log in again and So on. I am using the similar code that I asked here and here when D Stanley helped me.
Thanks in advance if anyone can help me.
private int ID // forgot to add this.
{ get; set; }
private void btnLogin_Click(object sender, RoutedEventArgs e)
{
string value = cbRoles.Text;
switch (value)
{
case "Manager":
myCon.connectionString();
string dString = string.Empty;
SqlConnection thisConnection = myCon.dbCon;
SqlCommand nonqueryCommand = thisConnection.CreateCommand();
using (var command = myCon.dbCon.CreateCommand())
{
command.CommandText = "SELECT * FROM tblPrivileges";
command.Parameters.AddWithValue("UserName", (txtUserName.Text));
command.Parameters.AddWithValue("Password", (txtPassword.Text));
thisConnection.Open();
var reader = command.ExecuteReader(); //strcomp
{
if (reader.HasRows)
{
while (reader.Read())
{
txtUserName.Text = reader["UserName"].ToString();
txtPassword.Text = reader["Password"].ToString();
MainWindow gobackB = new MainWindow();
gobackB.Show();
LoginSample goback = new LoginSample();
goback.Hide();
}
}
else MessageBox.Show("You have entered incorrect credentials. Please try again", "error", MessageBoxButton.OK, MessageBoxImage.Error);
}
}
myCon.dbCon.Close();
nonqueryCommand.CommandType = CommandType.Text;
nonqueryCommand.CommandText = "INSERT tblLoginLogTable (UserName, LoggedInDate, LoggedInTime) VALUES (#UserName, #LoggedInDate, #LoggedInTime)";
//nonqueryCommand.Parameters.AddWithValue("#ID", SqlDbType.Int); this did not work
//nonqueryCommand.Parameters["#ID"].Value = this.ID; this did not work
nonqueryCommand.Parameters.AddWithValue("#UserName", txtUserName.Text);
nonqueryCommand.Parameters.AddWithValue("#LoggedInDate", DateTime.Now);
nonqueryCommand.Parameters.AddWithValue("#LoggedInTime", DateTime.Now.ToString("HH:mm"));
thisConnection.Open();
nonqueryCommand.ExecuteNonQuery(); // error pointing here
nonqueryCommand.CommandText = "SELECT #ID = SCOPE_IDENTITY()";
int id = (int)nonqueryCommand.ExecuteScalar();
// int id = Convert.ToInt32(nonqueryCommand.ExecuteScalar()); this line did not work
this.ID = id;
myCon.dbCon.Close();
break;
The problem is still that you're trying to use the same "scope" with two different SQL commands. Even thought they are the same "variable" in C# in SQL they have different scope.
You'll need to execute both statements in one command and add the #ID parameter as an Output parameter in order to insert and get the identity out:
nonqueryCommand.CommandType = CommandType.Text;
nonqueryCommand.CommandText = "INSERT tblLoginLogTable (UserName, LoggedInDate, LoggedInTime) VALUES (#UserName, #LoggedInDate, #LoggedInTime); " +
"SELECT #ID = SCOPE_IDENTITY()";
nonqueryCommand.Parameters.AddWithValue("#UserName", txtUserName.Text);
nonqueryCommand.Parameters.AddWithValue("#LoggedInDate", DateTime.Now);
nonqueryCommand.Parameters.AddWithValue("#LoggedInTime", DateTime.Now);
nonqueryCommand.Parameters.Add("#ID",SqlDbType.Int).Direction = ParameterDirection.Output;
thisConnection.Open();
nonqueryCommand.ExecuteNonQuery();
int id = (int)nonqueryCommand.Parameters["#ID"];
Here:
nonqueryCommand.CommandText = "SELECT #ID = SCOPE_IDENTITY()";
your SQL assigns a value to a variable that is not declared. Since you are using ExecuteScalar, you probably just mean:
nonqueryCommand.CommandText = "SELECT SCOPE_IDENTITY()";
Note that you might need to cast it - it may come back as decimal.
When I try to run this, it gives me the following error message:
Conversion failed when converting the varchar value 'category_id' to data type int.
Here's my SQL and parameter code, I supposed it should work, but it doesn't.
mycmd.CommandText="SELECT * FROM categories WHERE #db_property = #property_id";
// This contains a string "category_id", which is correct.
mycmd.Parameters.Add("#db_property", SqlDbType.VarChar).Value=db_property_field;
// This contains an Int, referring to the category_id in database. As of now, this is 1
mycmd.Parameters.Add("#property_id", SqlDbType.Int).Value=property_id;
After I'm going through this code, I run it through a Reader, and that's where I get the error message above. Been asking teacher, and excellent students in my class, no one can find a clue on, where the problem is.
You shouldn't add field name as parameter. Try to change your script to include actual field id:
mycmd.CommandText = "SELECT * FROM categories WHERE category_id = #property_id";
mycmd.Parameters.Add("#property_id", SqlDbType.Int).Value = property_id;
I'm not sure about your structure, but try the following:
mycmd.CommandText = "SELECT * FROM categories WHERE Cast(#db_property as Int) = #property_id";
Your query is matching the two variables you are passing in so it will either return all the data or none of it! On top of that you are matching a char variable with an int. SQL will try to cast the char variable to an int.
#db_property = #property_id
should your query look like this?
SELECT * FROM categories WHERE db_property = #db_property AND property_id = #property_id
If you look at your statement you are comparing the two parameters. The WHERE clause is not on a table column ("categories") and the two parameters you are passing are different data types. VarChar and Int. When that command is executed the SQL engine is trying to compare two variables of different data types.
If you run the following SQL statements straight against SQL you will receive the same error.
DECLARE #Var1 VARCHAR(100)
DECLARE #Var2 INT
SELECT #Var1 = 'Test', #Var2 = 1
SELECT * FROM dbo.categories WHERE #Var1 = #Var2
You can get solution from the following address:
http://net-informations.com/csprj/data-providers/cs-procedure-parameter.htm
For your information I Just reshape the code and use it to my needs.
Code of Stored Procedure is as follow:
Create PROCEDURE [dbo].[PmSPValidate]
#a varchar(10)
AS
BEGIN
(SELECT AcctDsc,AcctAge
FROM dbo.tblCoa
WHERE AcctNo >= #a)
END
Code of C# :
private void btnThirdTrial_Click(object sender, EventArgs e)
{
string connetionString = null;
SqlConnection connection;
SqlDataAdapter adapter;
SqlCommand command = new SqlCommand();
SqlParameter param;
DataSet ds = new DataSet();
int i = 0;
connetionString = "Data Source=FIN03;Initial Catalog=CmsTest;Integrated Security=True";
connection = new SqlConnection(connetionString);
connection.Open();
command.Connection = connection;
command.CommandType = CommandType.StoredProcedure;
command.CommandText = "dbo.PmSPValidate";
param = new SqlParameter("#a",Account.Text.ToString ());
param.Direction = ParameterDirection.Input;
param.DbType = DbType.String;
command.Parameters.Add(param);
adapter = new SqlDataAdapter(command);
adapter.Fill(ds);
for (i = 0; i <= ds.Tables[0].Rows.Count - 1; i++)
{
MessageBox.Show(" Name " + ds.Tables[0].Rows[i][0].ToString() + " Age " + ds.Tables[0].Rows[i][1].ToString());
}
connection.Close();
}
I have a method which includes sql statement . it is
public Boolean addRSS(string RSS_title, string Description, DateTime datetime, string RSS_Link, string user_name, float rate)
{
// Console.WriteLine(MyString.Remove(5, 10));
// string a = date.ToString().Replace('.', '-');
Boolean res = false;
string sql = "INSERT INTO My_RSS ( RSS_Title,RSS_Description,RSS_Date,RSS_Link,RSS_Rate,UserName) values('"
+
RSS_title + "','" +
"FFFFFFFFFFFFFFFFFFFFFFFFFAAASDASDASDASD" +
"', SYSUTCDATETIME(),'" +
RSS_Link + "'," +
rate + ",'"+
user_name +
"')";
try
{
// hasan = hasan.Insert(c, hasan);
SqlCommand cmd = new SqlCommand(sql, Connect());
cmd.ExecuteNonQuery();
res = true;
}
catch (Exception)
{
res = false;
}
return res;
}
It gives the error when I try to enter this input http://rss.feedsportal.com/c/32727/f/510887/s/1da50441/l/0Lekonomi0Bmilliyet0N0Btr0Cenflasyon0Eyuzde0E50Ee0Einene0Ekadar0Esikacak0E0Cekonomi0Cekonomidetay0C210B0A30B20A120C15181930Cdefault0Bhtm/story01.htm to "link column" and
it gives error which is
Incorrect syntax near 'e'.
The identifier that starts with 'Lekonomi0Bmilliyet0N0Btr0Cenflasyon0Eyuzde0E50Ee0Einene0Ekadar0Esikacak0E0Cekonomi0Cekonomidetay0C210B0A30B20A120C15181930Cdefau' is too long. Maximum length is 128.
Unclosed quotation mark after the character string ')'.
Also,In the sql side this colum is varchar(455)
The error is saying that the identifier name is too long; this combined with the unclosed quotation mark error means you probably missed an opening quote. That is, you have this:
INSERT INTO Foo ( A ) VALUES ( AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA')
instead of
INSERT INTO Foo ( A ) VALUES ( 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA')
You shouldn't be building your queries via string concatentation; this is one of the reasons. Parameterized queries will get the quoting right for you. (Note: you don't need to be using stored procs to use parameterized queries.)
var sql = "INSERT INTO My_RSS ( Title, Description, Date, Link, Rate, Name )
VALUES ( #Title, #Desc, #PostDate, #Link, #Rate, #Name )";
SqlCommand cmd = new SqlCommand(sql, Connect());
cmd.Parameters.Add("#Title", SqlDbType.VarChar, 100).Value = RSS_title;
cmd.Parameters.Add("#Desc", SqlDbType.VarChar, 8192).Value = RSS_description;
cmd.Parameters.Add("#PostDate", SqlDbType.SmallDateTime).Value = DateTime.Now;
cmd.Parameters.Add("#Rate", SqlDbType.Int).Value = rate;
etc.
You Can also add SET QUOTED_IDENTIFIER OFF before 'sql' string and SET QUOTED_IDENTIFIER On after 'sql'
QUOTED IDENTIFIER ON/OFF:
This specifies the setting for usage of double quotation. IF this is on, double quotation mark is used as part of the SQL Server identifier (object name). This can be useful in situations in which identifiers are also SQL Server reserved words.
sql = "SET QUOTED_IDENTIFIER OFF " + sql + " SET QUOTED_IDENTIFIER OFF ";
SqlCommand cmd = new SqlCommand(sql, Connect());
cmd.ExecuteNonQuery();
res = true;
You should use this in this case.