Access Database error:: “No value given for one or more required parameters.”

c# winforms ms-access datagridview oledbdatareader

16,435

Solution 1

This kind of string concatenations are open for SQL Injection attacks.

string query = "select [Description] from [General] where AccCode= ? and conpanyID= ?";
OleDbCommand cmd1 = new OleDbCommand(query, con);
cmd1.Parameters.AddWithValue("@acc", dgv.Rows[i].Cells[0].Value);
cmd1.Parameters.AddWithValue("@ID", label1.Text);

As HansUp pointed, Description and General are reserved keywords. Use them with square brackets like [Description] and [General]

Solution 2

As suggested, use parameterized queries.

As far as the error is concerned, I'm guessing this field name is wrong:

conpanyID=

should be:

companyID=

Solution 3

Use Parameters, otherwise it will open for sql injection attacks.

string query = "select [Description] from General where AccCode=? and conpanyID=?";

now you can set parameters

cmd.Parameters.AddWithValue("@p1", val1);
cmd.Parameters.AddWithValue("@p2", val2);

16,435

Author by

Animesh Ghosh

Updated on June 12, 2022

Comments

Animesh Ghosh almost 2 years

I have a datagridview. In this DGV first colum is a combobox column. I want to make, when this combobox value is selected next fild will be filled automatically from database. But there shows a error.

No value given for one or more required parameters on OleDbDataReader dr1 = cmd1.ExecuteReader();

I post the code. Please help me.

OleDbConnection con = new OleDbConnection(conn);
con.Open();

for (int i = 0; i < dgv.Rows.Count; i++)
{

    string query = "select Description from General where AccCode='" +
        dgv.Rows[i].Cells[0].Value +
        "' and conpanyID='" +
        label1.Text + "'";
    OleDbCommand cmd1 = new OleDbCommand(query, con);
    //OleDbDataAdapter daBranchName = new OleDbDataAdapter(cmd);
    OleDbDataReader dr1 = cmd1.ExecuteReader();
    while (dr1.Read())
    {
        dgv.Rows[i].Cells[1].Value = dr1["Description"].ToString();
    }
}
con.Close();

Mike Perrenoud over 10 years

This can't be the code you're executing when getting this error. It's just not possible. There are no parameters in the query.

HansUp over 10 years

Description is a reserved word. Bracket that name in the SQL statement: SELECT [Description] FROM ...
Damith over 10 years

@AnimeshGhosh do you have columns called AccCode and conpanyID in your General table? what are the column types in database for those?
Damith over 10 years

@AnimeshGhosh use [] for Description as my updated answer
HansUp over 10 years

Also double-check conpanyID vs. companyID as Lars suggested.
HansUp over 10 years

You're welcome, Soner. I didn't notice at first, but General is also a reserved word. Apparently that one didn't create a problem in this case.