Should we escape ' when building command text?
Forum: ASP.NET
Category: Databases
Environment: ASP.NET
OS: Windows XP
Database: MS SQL Server
Thread ID: 01278630
Message ID: 01278630
Views: 77
Hi everybody,

I'm looking into the existing code trying to figure out the problem. This code is supposed to create a recurring event, so it is supposed to insert a record into the Programs table and then multiple records into ProgramsTimes table. It is done directly through CommandText.

This is the code:

Command.CommandText = string.Format("INSERT INTO Programs (ProgName, ProgramDescription, " +
"Location, CoordinatorID) VALUES('{0}','{1}', '{2}',{3})\nSELECT @@IDENTITY", this.txtbName.Text,
this.txtbDescription.Text, this.txtbLocation.Text, CoID);

When I was testing this from the user interface I typed ' in the Description field.

I'm getting an error 'Incorrect syntax near 's. Unclosed quotation mark...'

So, my first question - is the above command correct or should it be changed?

My second question - how can I insert datetime when I'm writing a comment?

Also, is it a general practice to handle this problem with direct insert commands, or is there a better way of doing it? There is a complex logic of calculating dates and times depending on the interface...

Thanks a lot in advance.
If it's not broken, fix it until it is.
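The error in the post is the classic symptom of building SQL by string formatting: a single quote typed into the Description field ends the string literal early, and the same mechanism lets a user append statements of their own. Doubling every ' to '' would stop the syntax error, but the robust fix in ADO.NET is to send the values as parameters, which also answers the datetime question (a DateTime is passed as a typed value, never formatted into text). The following is an added example, not the poster's code; it assumes a connection string, a ProgramsTimes table with ProgramID and StartTime columns, and the column lengths shown, none of which are given in the post. It inserts the Programs row and its ProgramsTimes rows in one transaction so a partial recurring event is never left behind.

```csharp
using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;

// Added example for the thread above; column names for ProgramsTimes
// (ProgramID, StartTime), the nvarchar lengths and the connection string
// are assumptions, not taken from the original post.
public static class ProgramRepository
{
    // Inserts one Programs row and its ProgramsTimes rows in a single
    // transaction. Every user-supplied value travels as a parameter, so a
    // quote in the description is data, not part of the SQL text.
    public static int CreateRecurringProgram(
        string connectionString, string name, string description,
        string location, int coordinatorId, IEnumerable<DateTime> occurrences)
    {
        using (SqlConnection conn = new SqlConnection(connectionString))
        {
            conn.Open();
            using (SqlTransaction tx = conn.BeginTransaction())
            {
                int programId;
                using (SqlCommand cmd = conn.CreateCommand())
                {
                    cmd.Transaction = tx;
                    // SCOPE_IDENTITY() is limited to this batch; @@IDENTITY can
                    // return an identity generated by a trigger on another table.
                    cmd.CommandText =
                        "INSERT INTO Programs (ProgName, ProgramDescription, Location, CoordinatorID) " +
                        "VALUES (@ProgName, @ProgramDescription, @Location, @CoordinatorID); " +
                        "SELECT CAST(SCOPE_IDENTITY() AS int);";
                    cmd.Parameters.Add("@ProgName", SqlDbType.NVarChar, 100).Value = name;
                    cmd.Parameters.Add("@ProgramDescription", SqlDbType.NVarChar, 1000).Value = description;
                    cmd.Parameters.Add("@Location", SqlDbType.NVarChar, 200).Value = location;
                    cmd.Parameters.Add("@CoordinatorID", SqlDbType.Int).Value = coordinatorId;
                    programId = (int)cmd.ExecuteScalar();
                }

                using (SqlCommand cmd = conn.CreateCommand())
                {
                    cmd.Transaction = tx;
                    cmd.CommandText =
                        "INSERT INTO ProgramsTimes (ProgramID, StartTime) VALUES (@ProgramID, @StartTime);";
                    cmd.Parameters.Add("@ProgramID", SqlDbType.Int).Value = programId;
                    SqlParameter start = cmd.Parameters.Add("@StartTime", SqlDbType.DateTime);
                    foreach (DateTime when in occurrences)
                    {
                        // A DateTime value is sent as a typed parameter; no string
                        // formatting, so no locale or quoting problems.
                        start.Value = when;
                        cmd.ExecuteNonQuery();
                    }
                }

                tx.Commit();
                return programId;
            }
        }
    }
}
```

Usage from the page handler would be CreateRecurringProgram(connStr, txtbName.Text, txtbDescription.Text, txtbLocation.Text, CoID, computedDates), where computedDates is whatever the date/time logic produces. The date arithmetic stays in C#; only finished values reach SQL Server, which is the practical answer to the third question.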

