System.Format Exception

The programm i wrote throws up an Exception because of this code: 

queryString = String.Format("INSERT INTO Playlists (PlaylistID, PlaylistName, PlaylistCreator) VALUES ('{0}', '{1]', '{2}');", CurrentPlaylistID, playlistInfo[1], playlistInfo[0]);

All Variables are Strings. I also have a similiar String.Format after this an it works fine. There are also 3 Variables, all are Strings.

Can't find a way to solve this Error, it says formatting Error, but why?

Hope you can help me

Jon Skeet
people
quotationmark

Don't fix the exception - stop constructing SQL like this to start with. (The exception is due to a typo as Pheonyx suggested, but don't just fix that.)

Instead, use parameterized SQL, and specify the values as parameter values. Otherwise:

  • You're leaving yourself open to SQL Injection Attacks
  • Your code is harder to read
  • You can easily end up with conversion issues, particularly with dates

See the documentation for SqlCommand.Parameters for more details - we can't tell what database you're targeting to give you more specific help, but typically you'll find a properties called Parameters on the relevant command class.

people

See more on this question at Stackoverflow