Insert into msAccess problems

C

chumley

I'm using Access dbase for a simple insertion, when i post from my
form page into my insertion script, i get error at the
StrConnz.Execute (StrSql) command line of the query needs to be
updateable type:
Microsoft JET Database Engine error '80004005'
Operation must use an updateable query.
/providerform/fo-add.asp, line 25

'''''''''''''''''
<%@ LANGUAGE="VBSCRIPT"%>
<%Response.Buffer = True%>
<%
dim dsn,StrConnz
dsn="Provider=Microsoft.Jet.OLEDB.4.0; Data Source=" &
Server.MapPath("fo1.mdb")
Set StrConnz = Server.CreateObject("ADODB.Connection")
StrConnz.Open dsn

dim strSql
strSql = "insert into tblMain
(LastName,FirstName,fund,Industry,Company) values ('"
strSql = StrSql & replace(Request.Form("LastName"),"'","''") & "', '"
strSql = StrSql & Request.Form("FirstName") & "', '"
strSql = StrSql & Request.Form("fund") & "','"
strSql = StrSql & Request.Form("Industry") & "', '"
strSql = StrSql & Request.Form("Company") & "')"
StrConnz.Execute (StrSql) %>

not sure why as i am connecting properly to dbase

???
chumley
 
B

Bob Barrows

chumley said:
I'm using Access dbase for a simple insertion, when i post from my
form page into my insertion script, i get error at the
StrConnz.Execute (StrSql) command line of the query needs to be
updateable type:
Microsoft JET Database Engine error '80004005'
Operation must use an updateable query.
/providerform/fo-add.asp, line 25

'''''''''''''''''
<%@ LANGUAGE="VBSCRIPT"%>
<%Response.Buffer = True%>
<%
dim dsn,StrConnz
dsn="Provider=Microsoft.Jet.OLEDB.4.0; Data Source=" &
Server.MapPath("fo1.mdb")
Set StrConnz = Server.CreateObject("ADODB.Connection")
StrConnz.Open dsn

dim strSql
strSql = "insert into tblMain
(LastName,FirstName,fund,Industry,Company) values ('"
strSql = StrSql & replace(Request.Form("LastName"),"'","''") & "', '"
strSql = StrSql & Request.Form("FirstName") & "', '"
strSql = StrSql & Request.Form("fund") & "','"
strSql = StrSql & Request.Form("Industry") & "', '"
strSql = StrSql & Request.Form("Company") & "')"
StrConnz.Execute (StrSql) %>
Click to expand...
http://www.aspfaq.com/show.asp?id=2062

Further points to consider:
Your use of dynamic sql is leaving you vulnerable to hackers using sql
injection:
http://mvp.unixwiz.net/techtips/sql-injection.html
http://www.sqlsecurity.com/DesktopDefault.aspx?tabid=23

See here for a better, more secure way to execute your queries by using
parameter markers:
http://groups-beta.google.com/group/microsoft.public.inetserver.asp.db/msg/72e36562fee7804e

Personally, I prefer using stored procedures, or saved parameter queries
as
they are known in Access:

Access:
http://www.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&[email protected]

http://groups.google.com/groups?hl=...=1&[email protected]
 
D

Dan

chumley said:
I'm using Access dbase for a simple insertion, when i post from my
form page into my insertion script, i get error at the
StrConnz.Execute (StrSql) command line of the query needs to be
updateable type:
Microsoft JET Database Engine error '80004005'
Operation must use an updateable query.
/providerform/fo-add.asp, line 25

'''''''''''''''''
<%@ LANGUAGE="VBSCRIPT"%>
<%Response.Buffer = True%>
<%
dim dsn,StrConnz
dsn="Provider=Microsoft.Jet.OLEDB.4.0; Data Source=" &
Server.MapPath("fo1.mdb")
Set StrConnz = Server.CreateObject("ADODB.Connection")
StrConnz.Open dsn

dim strSql
strSql = "insert into tblMain
(LastName,FirstName,fund,Industry,Company) values ('"
strSql = StrSql & replace(Request.Form("LastName"),"'","''") & "', '"
strSql = StrSql & Request.Form("FirstName") & "', '"
strSql = StrSql & Request.Form("fund") & "','"
strSql = StrSql & Request.Form("Industry") & "', '"
strSql = StrSql & Request.Form("Company") & "')"
StrConnz.Execute (StrSql) %>

not sure why as i am connecting properly to dbase

???
chumley
Click to expand...

As well as Bob's recommendation of using parameterised queries, also check
that the ASP application has write permission to the folder that the mdb
file is located in (if not then the database is opened as read only. Is
tblMain a table, or a query? If it's a query, it will be unupdateable if any
of the tables involved don't have a primary key, or if you are using any
joins other than INNER.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

DataAdd Error: Arguments are wrong type or are out of acceptable r 1
Must use updateable query? 4
Syntax error in INSERT INTO statement 6
help please on insert statement into Access from webpage ! 0
Irritating INSERT INTO Error 6
INSERT error :: Updateable query? 6
Firewall problems 0
IIS5 > IIS6 Aspx pages with MSAccess dbs no longer working 8

Members online

Total: 66 (members: 1, guests: 65)
Robots: 421

Forum statistics

Threads
473,968
Messages
2,570,154
Members
46,702
Latest member
LukasConde

Latest Threads

Top