First off, don;t do it like that! Never concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Always use Parameterized queries instead.
When you concatenate strings, you cause problems because SQL receives commands like:
SELECT * FROM MyTable WHERE StreetAddress = 'Baker's Wood'
The quote the user added terminates the string as far as SQL is concerned and you get problems. But it could be worse. If I come along and type this instead: "x';DROP TABLE MyTable;--" Then SQL receives a very different command:
SELECT * FROM MyTable WHERE StreetAddress = 'x';DROP TABLE MyTable;
Which SQL sees as three separate commands:
SELECT * FROM MyTable WHERE StreetAddress = 'x';
A perfectly valid SELECT
DROP TABLE MyTable;
A perfectly valid "delete the table" command
And everything else is a comment.
So it does: selects any matching rows, deletes the table from the DB, and ignores anything else.
So ALWAYS use parameterized queries! Or be prepared to restore your DB from backup frequently. You do take backups regularly, don't you?
Second, don't use ExecuteScalar with a SELECT query that returns multiple columns, and potentially multiple rows - what you get isn't particularly useful as it's content of the first column of the first row of the SELECTed data - which is subject to change if your DB design changes.
If you want to know how many matching rows there are, you need to ask that specific question with COUNT:
SELECT COUNT(sale-id) FROM Table_ERROR WHERE ...
which returns a single number.
Third, don't use SQL keywords as column names:
DATE
is a type in SQL, so when you use it as a column name, you need to surround it with "[" and "]" to indicate it's a literal name rather than the datatype you are using.
Fourth, don't hardcode connection strings into your apps : it means you have to change every single instance when you release code of change your system and it's very easy to get one wrong. Hold connections strings in a settings file so that it can be edited without changing your code!
And if you want to allow students to have three meals a day, you need to extend your query to check that the date matches, and that the appropriate meal has not been taken already: these are probably the
date
and
meal_time
what what the values you dump into them are, I have no idea so I can't directly help you with that.