Can someone check whats wrong in this query

“Insert into OzLogs('”+ Id.ToString+“‘,’”+Process.ToString+“‘,’”+Comment.ToString+“')”

i got this error message
A
my database
act

you can check my db file also
DB.xaml (8.3 KB)

There may also be some unescaped characters in the variables being used. Santiize the string as you would do on any SQL INSERT/UPDATE query.

You don’t want Little Bobby Tables happening: xkcd: Exploits of a Mom

Thanks!!

1 Like

Hi,

your query is something like this:

Insert into OzLogs(‘1’,‘Umer’,‘This is process’)

can you try by adding the “VALUES” keyword and using a syntax like the following?

INSERT INTO table_name
VALUES (value1 , value2 , value3 , …);

You can check the syntax of your command here if you print it out :
EverSQL SQL Syntax Checker & SQL Validator | Free

@Irene

I guess in your comments you have a single quote which is to be escaped

Cheers

Drag and drop the “Execute Query” activity onto your workflow.
In the Properties panel, configure the following properties:
Connection String**: Specify the connection string for your database.
Provider Name**: Select the appropriate database provider.
SQL Query**: Enter your LINQ query for the insert statement.

context.TableName.InsertOnSubmit(new YourEntity
{
    Column1 = value1,
    Column2 = value2,
    // Set other properties accordingly
});

context.SubmitChanges();

Try this Linq Query..
Thanks.
Battlebots

i am not using hard coded values

I’m just referring to the .xaml file you shared in your post. :slight_smile:
My main point is: can you try adding the keyword “VALUES” to your query, so that it looks like this?

“INSERT INTO OzLogs VALUES (‘”+ Id.ToString+“‘,’”+Process.ToString+“‘,’”+Comment.ToString+“’);”

And also check for quotation marks in the “Comment” variable, as most other people suggested.

nope its not working

I ran your .xaml file and this works for me after I add the “VALUES” keyword:

image

Without that keyword I get the same error as you:

Use a Log Message activity and put the query expression into it so you can see what the resulting final actual query is. Post it here.