Quotes in string

Question

I'm trying to get information to use from a MySQL db. Because it did't work properly I put a hard string in (PR20120002)

string bestand;

MySqlCommand da = new MySqlCommand(cmdText: 
        "SELECT rapportnr, data 
        WHERE rapportnr=@Rapportnr", connection: con);

da.Parameters.AddWithValue("Rapportnr", "PR20110002");
MySqlDataReader dossier = da.ExecuteReader();

while (dossier.Read()) 
{
    [...]
}

Before reading the db i get this message:

Message=You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'WHERE rapportnr='PR20110002'' at line 1

What am I doing wrong?

You are missing the `FROM [table]`.. Your SQL should be something like `SELECT rapportnr, data FROM [table] WHERE rapportnr=@Rapportnr` — Raymond Nijland, Nov 28 '17 at 14:19
Possible duplicate of [single quotes escape during string insertion into a database](https://stackoverflow.com/questions/11912412/single-quotes-escape-during-string-insertion-into-a-database) — parik, Nov 28 '17 at 14:21
I would suggest doing a quick google search and typing in `SQL BASICS TUTORIAL` — MethodMan, Nov 28 '17 at 14:31
Thanks very much. Indeed it works now. We worked 6 hours to find a solution and didn't find it. Sometimes simple things are the easiest. — Willem Ederveen, Nov 28 '17 at 14:46

score 3 · Answer 1 · edited Nov 28 '17 at 14:21

3

The FROM statement is missing. SQL selects are structured this way:

SELECT {Column} FROM {Table} WHERE {Condition}

edited Nov 28 '17 at 14:21

Juan Carlos Oropeza

47,252
12
78
118

answered Nov 28 '17 at 14:19

ViRuSTriNiTy

5,017
2
32
58

Quotes in string

1 Answers1