Develop Reference

"Invalid column name" when trying to insert data into database using SQL

I'm trying to insert new values into my database using visual studio and here is my code:
SqlCommand cmd = new SqlCommand();
SqlConnection conn = new SqlConnection();
conn.ConnectionString = dbconnectionstring;
conn.Open();
cmd.Connection = conn;
cmd.CommandText = "INSERT INTO Data_ConfigInfo (TypeID, Name, ValidFromDate, ValidToDate, ValidFromSOP, ValidToSOP, Description)" +
"VALUES(#TypeID, #Name, #ValidFromDateTime, #ValidToDateTime, #ValidFromSOP, #ValidToSOP, #Description)";
cmd.Parameters.AddWithValue("TypeID", Logg.TypeID);
cmd.Parameters.AddWithValue("Name", Logg.Name);
if(Logg.ValidFrom.Equals(null)) {
cmd.Parameters.AddWithValue("#ValidFromDateTime", DBNull.Value);
}
else
{
cmd.Parameters.AddWithValue("#ValidFromDateTime", Logg.ValidFrom);
}
if (Logg.ValidTo.Equals(null))
{
cmd.Parameters.AddWithValue("#ValidToDateTime", DBNull.Value);
}
else
{
cmd.Parameters.AddWithValue("#ValidToDateTime", Logg.ValidFrom);
}
cmd.Parameters.AddWithValue("#ValidFromSOP", Logg.ValidFromSOP);
cmd.Parameters.AddWithValue("#ValidToSOP", Logg.ValidToSOP);
cmd.Parameters.AddWithValue("#Description", Logg.Description);
cmd.ExecuteNonQuery();
conn.close();
conn.dispose();
But at the line
cmd.ExecuteNonQuery();
I get the error
invalid column name for ValidToDateTime and ValidFromDateTime.
Both are datetime variables. I can't seem to find the error. Any ideas?
This is how my datatable looks

Your DB table has columns ValidFromDateTime, ValidToDateTime, but your column list in the INSERT statement has ValidFromDate, ValidToDate. Are you sure that it is not a typo when posting here?

Did you forgot '#'?
cmd.Parameters.AddWithValue("TypeID", Logg.TypeID);
cmd.Parameters.AddWithValue("Name", Logg.Name);
cmd.Parameters.AddWithValue("#TypeID", Logg.TypeID);
cmd.Parameters.AddWithValue("#Name", Logg.Name);

Stored procedure is not working and getting stopped

I m running a piece of code for scheduler in my project. But it is not working as expected.
private void Initiate_User(string strEmpCard)
{
//conn.Open();
ObjPriCmd = new SqlCommand("exec [sp_c_Initiate_Clearance] " + strEmpCard.ToString() + "", conn);
ObjPriCmd.ExecuteNonQuery();
}
The debugger stops and opens a form after my ExecuteNonQuery() line is debugged. I am not able to trace the error also. what is wrong here ??
UPDATE
My error query
insert into p_emp_clearance_hdr
(Emp_mkey,
Emp_card_no,
RA_1,
RA_2,
Depatment,
Sub_Department,
Date_of_Joining,
Resignation_date,
Last_Working_Days,
UserId)
select
em.mkey,
em.emp_card_no,
em.Reporting_To,
em.Reporting_To2,
em.Department_mkey,
em.SubDept_mkey,
convert(varchar(10), em.resig_date, 103) resig_date,
convert( varchar(10), em.Dt_Of_Join, 103) Dt_Of_Join,
convert(varchar(10), em.Dt_of_leave, 103) Dt_of_leave,
um.mkey
from emp_mst em join user_mst um
on em.mkey = um.Employee_mkey
where em.mkey = #emp_mkey

As you explained in comments, you are getting error:
ExecuteNonQuery: Connection property has not been initialized.
It means you have not initialized the connection. You have just declared it:
SqlConnection conn;
You should do like:
conn = new SqlConnection(#"you connection string");
//then your code
ObjPriCmd = new SqlCommand("exec [sp_c_Initiate_Clearance] " + strEmpCard.ToString(), conn);
ObjPriCmd.ExecuteNonQuery();
The best practice:
You should use a SqlCommand property CommandType to define that you're calling a StoredProcedure when calling from C#. And define parameters using SqlCommand .Parameters.Add it handles the SqlInjection issues itself.
conn = new SqlConnection(#"you connection string");
using (SqlCommand cmd = new SqlCommand("sp_c_Initiate_Clearance", conn))
{
cmd.CommandType = CommandType.StoredProcedure;
// parameter name , parameter type parameter value
cmd.Parameters.Add("#parameter name", SqlDbType.VarChar).Value = strEmpCard.ToString();
con.Open();
cmd.ExecuteNonQuery();
}

You can Try it with USing Statement:-
using (SqlCommand cmd = new SqlCommand("sp_c_Initiate_Clearance", conn)) {
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add("#Parameter Name", Type).Value = "Value of Parameter";
conn.Open();
cmd.ExecuteNonQuery();
}

I have a error on Incorrect syntax near 'nchar'

The error is saying incorrect syntax near nchar this is what visual studio suggests
the error suggests Line 31:
An expression of non-boolean type specified in a context where a condition is expected, near 'Name'.
int temp = Convert.ToInt32(com.ExecuteScalar());
my code is below
protected void Page_Load(object sender, EventArgs e)
{
if (IsPostBack)
{
SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["RegistrationConnectionString"].ConnectionString);
conn.Open();
string checkuser = "select count(*) from [Table] where User Name=#User Name";
SqlCommand com = new SqlCommand(checkuser, conn);
com.Parameters.Add("#User Name", SqlDbType.NChar, 20).Value = TextBoxUN.Text;
int temp = Convert.ToInt32(com.ExecuteScalar());
if (temp == 1)
{
Response.Write(" USER ALREADY EXISTS ");
}
conn.Close();
}
}

If your database objects and parameter names you used with them are more than one word, you need to use them square brackets like [User Name]
Also use using statement to dispose your SqlConnection and SqlCommand.
using(SqlConnection conn = new SqlConnection(connString))
using(SqlCommand com = conn.CreateCommand())
{
com.CommandText = "select count(*) from [Table] where [User Name] = #UserName";
com.Parameters.Add("#UserName", SqlDbType.NChar, 20).Value = TextBoxUN.Text;
conn.Open();
int temp = Convert.ToInt32(com.ExecuteScalar());
}
As a best practice, don't use more than one word for your table or column names.

try that
string checkuser = "select count(*) from [Table] where [User Name]=#UserName"
SqlCommand com = new SqlCommand(checkuser, conn);
com.Parameters.Add("#UserName", SqlDbType.NChar, 20).Value = TextBoxUN.Text;
You should wrap column names in braces if it has whitespace in it. so the column name User Name should be places in square braces '[]', for the parameter name "#User Name", I don't think that it would accept it neither, you should remove the whitespace in parameter name also.

sql insert into asp.net

con.Open();
SqlCommand cmd=new SqlCommand("INSERT INTO user(Firstname,Lastname,Email,Pass,Type)
values(#first,#last,#email,#pass,#type)",con);
cmd.Parameters.Add("#first",SqlDbType.NVarChar).Value = txtfirst.Text;
cmd.Parameters.Add("#last",SqlDbType.NVarChar).Value = txtlast.Text;
cmd.Parameters.Add("#email",SqlDbType.NVarChar).Value = txtemail.Text;
cmd.Parameters.Add("#pass",SqlDbType.NVarChar).Value = txtpass.Text;
cmd.Parameters.Add("#type",SqlDbType.NVarChar).Value = "customer";
cmd.ExecuteNonQuery();
con.Close();
what is the problem with my syntax it says "Incorrect syntax near the keyword 'user'."

you should escape the table name user with delimited identifiers,
SqlCommand cmd=new SqlCommand("INSERT INTO [user] (Firstname,Lastname,Email,Pass,Type) values(#first,#last,#email,#pass,#type)",con);
SQL Server Reserved Keywords
SQL Server Delimited Identifiers
UPDATE 1
Refractor your code by
using using statement to properly dispose objects
using Try-Catch block to properly handle exceptions
code snippet:
string _connStr = "connectionString here";
string _query = "INSERT INTO [user] (Firstname,Lastname,Email,Pass,Type) values (#first,#last,#email,#pass,#type)";
using (SqlConnection conn = new SqlConnection(_connStr))
{
using (SqlCommand comm = new SqlCommand())
{
comm.Connection = conn;
comm.CommandType = CommandType.Text;
comm.CommandText = _query;
comm.Parameters.AddWithValue("#first", txtfirst.Text);
comm.Parameters.AddWithValue("#last", txtlast.Text);
comm.Parameters.AddWithValue("#email", txtemail.Text);
comm.Parameters.AddWithValue("#pass", txtpass.Text);
comm.Parameters.AddWithValue("#type", "customer");
try
{
conn.Open();
comm.ExecuteNonQuery();
}
catch(SqlException ex)
{
// other codes here
// do something with the exception
// don't swallow it.
}
}
}
AddWithValue
Add (recommended one)

USER is a reserved keyword on SQL Server.
You should use your table name with brackets [] like;
INSERT INTO [user]
You can try like;
con.Open();
SqlCommand cmd=new SqlCommand("INSERT INTO [user] (Firstname,Lastname,Email,Pass,Type) values(#first,#last,#email,#pass,#type)",con);
cmd.Parameters.AddWithValue("#first", txtfirst.Text);
cmd.Parameters.AddWithValue("#last", txtlast.Text);
cmd.Parameters.AddWithValue("#email", txtemail.Text);
cmd.Parameters.AddWithValue("#pass", txtpass.Text);
cmd.Parameters.AddWithValue("#type", "customer");
cmd.ExecuteNonQuery();
con.Close();
And also like #JW said, it is always a good approach to using them in a try-catch statement.
Best Practices of Exception Management

C# and sql server

I've created a database and a table with 2 fields Id and Name.
Now I want to insert values on clicking a button the sammple code is given. it's not working.
using (SqlConnection connection = new SqlConnection(strConnection))
{
SqlCommand command =new SqlCommand("insert into Test (Id,Name) values(5,kk);",connection);
connection.Open();
command.ExecuteNonQuery();
connection.Close();
}

String values should be in quotes. This has not much to do with C#, more with T-SQL
Try this, and notice the kk;
SqlCommand command =
new SqlCommand("insert into Test (Id,Name) values(5,'kk');",connection);
connection.Open();
command.ExecuteNonQuery();
connection.Close();
Also I am assuming here that Id is not an auto-increment field. If it is, then you should not fill it.
As a side-node you should look at parameterized queries to prevent SQL injection.

In this instance, you need single quotes ' around the kk
insert into Test (Id,Name) values(5,'kk')
In general, you should use parameterised queries

try this:
SqlConnection conn = new SqlConnection();
SqlTransaction trans = conn.BeginTransaction();
try
{
using (SqlCommand cmd = new SqlCommand("insert into Test (Id,Name) values(#iD, #Name)", conn, trans))
{
cmd.CommandType = CommandType.Text;
cmd.AddParameter(SqlDbType.UniqueIdentifier, ParameterDirection.Input, "#iD", ID);
cmd.AddParameter(SqlDbType.VarChar, ParameterDirection.Input, "#Name", Name);
cmd.ExecuteNonQuery();
}
conn.CommitTransaction(trans);
}
catch (Exception ex)
{
conn.RollbackTransaction(trans);
throw ex;
}

Try this:
SqlConnection con = new SqlConnection('connection string here');
string command = "INSERT INTO Test(Id, Name) VALUES(5, 'kk')";
SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
cmd.CommandType = System.Data.CommandType.Text;
cmd.CommandText = command;
con.Open();
cmd.ExecuteNonQuery();
con.Close();

String values should be between ' '
Verify your connection string
//add your connection string between ""
string connectionString = "";
using (var conn = new SqlConnection(connectionString))
using (DbCommand cmd = conn.CreateCommand())
{
cmd.CommandText = "INSERT INTO pdf (Id, Name) VALUES (5, 'kk')";
conn.Open();
conn.ExecuteNonQuery();
conn.Close();
}

It looks like you have multiple problems with your current code.
You need to enclose string values in single quotes, as pointed out in other answers.
You need to enable remote connection to your SQL server.
Check the following link if you are using SQL server 2008.
How to enable remote connections in SQL Server 2008?
and for SQL Server 2005 see:
How to configure SQL Server 2005 to allow remote connections