asp.net with mysql Unknown column in where clause - mysql

string customerName = Request.Form[txtSearch.UniqueID];
string customerId = Request.Form[hfCustomerId.UniqueID];
Label1.Enabled = true;
// NOTE(review): customerName comes straight from the posted form; Label.Text is written
// to the page without HTML encoding, so encode the value before displaying it.
Label1.Text = customerName;
// The text box value is appended to the SQL text with no quotes around it, so MySQL
// parses it as a column name -- the source of the "Unknown column" error in the title.
// Concatenating user input into the statement also makes the query injectable; the
// value should be bound as a parameter rather than spliced into the string.
// Rows[0] is indexed unconditionally; presumably GetData returns a DataTable, in which
// case this throws when no row matches -- confirm against GetData.
DataRow dr = GetData("SELECT * FROM actor where first_name = " +txtSearch.Text.ToString() ).Rows[0];
Document document = new Document(PageSize.A4, 88f, 88f, 10f, 10f);
Font NormalFont = FontFactory.GetFont("Arial", 12, Font.NORMAL, Color.BLACK);
Is there any problem with mysql syntax?
Correct me if i am going wrong.
When I search with a specified value, this runs perfectly. But it causes a problem when I try to pass a value.

try this:
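// Without quotes MySQL parses the search text as a column name, which is what raises
// "Unknown column ... in where clause". Adding the quotes by string concatenation would
// hide that error but still lets the text box content change the statement (SQL
// injection), so the value is bound as a parameter instead.
DataTable actors = new DataTable();
using (MySqlConnection con = new MySqlConnection(connectionString)) // placeholder: the connection string GetData already uses
using (MySqlCommand cmd = new MySqlCommand("SELECT * FROM actor WHERE first_name = @firstName", con))
using (MySqlDataAdapter da = new MySqlDataAdapter(cmd))
{
    // The driver sends this value separately from the SQL text, so it is always treated as data.
    cmd.Parameters.AddWithValue("@firstName", txtSearch.Text);
    da.Fill(actors); // Fill opens and closes the connection itself when it is not already open.
}
// Indexing Rows[0] throws when nothing matches, so check the count first.
DataRow dr = actors.Rows.Count > 0 ? actors.Rows[0] : null;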

Related

“SELECT * FROM book WHERE year=wyear AND account >= waccount1 AND account <= waccount1”

For several days I've been struggling to display data from the table in DataSet. When I do not put a condition in the WHERE, it displays the complete table, but only the rows in the table that meet the condition are required. If there are suggestions for a quicker view. Thanks a lot.
myConnectionString = pwput;
MySqlConnectionconpara = new MySql.Data.MySqlClient.MySqlConnection();
conpara.ConnectionString = myConnec DataSetionString;
try
{
conpara.Open();
if (conpara.State == ConnectionState.Open)
{
string waccoun1 = wnalog1.ToString();
string waccoun2 = wnalog2.ToString();
stringnupita = "SELECT * FROM book WHERE year=wyear AND account >=
waccount1 AND account <= waccount1";
MySqlCommandcmdnal = new MySqlCommand(nupita,conpara);
MySqlCommand(nupita,conpara);cmdnal.Parameters.AddWithValue("#year",
wyear);
MySqlDataAdapte radda = new MySqlataAdapter(cmdnal);
MySqlCommandBuildercbb = new MySqlCommandBuilder(adda);
DataSet dsd = new DataSet();
adda.Fill(dsd, "book");
conpara.Close();
if (dsd != null)
{
dataGridView1.DataSource = dsd;
dataGridView1.DataMember = "book";
Font = new System.Drawing.Font("Arial Unicode", 7);
dataGridView1.Font = Font;
{
You need to use parameters like so:
...
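// Each value is referenced in the SQL text by an @name placeholder and supplied through
// Parameters, so it is sent as data and never parsed as SQL. Bare names such as wyear are
// read by MySQL as column names, and '#' starts a MySQL comment rather than a parameter.
// waccount1 / waccount2 are the lower and upper account bounds (the question's code
// declares them as waccoun1 / waccoun2).
string nupita = "SELECT * FROM book WHERE year = @year AND account >= @waccount1 AND account <= @waccount2";
MySqlCommand cmdnal = new MySqlCommand(nupita, conpara);
// One AddWithValue call per placeholder; a placeholder with no matching parameter fails at execution.
cmdnal.Parameters.AddWithValue("@year", wyear);
cmdnal.Parameters.AddWithValue("@waccount1", waccount1);
cmdnal.Parameters.AddWithValue("@waccount2", waccount2);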
...

Request.form returns value with comma

When I run this code:
string MySQL = "Select * From RegisterDatabase Where uName = '" + Request.Form["username"] +"'";
It didn't work for me, so I tried to see what the problem was and it turns out there's a comma in MySQL.
Select * From RegisterDatabase Where uName = 'Test,'
How do I fix this?
Your code is vulnerable to SQL injection, because the form value is concatenated straight into the SQL text.
Use a parameterized query instead, like this:
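// @username is a placeholder: the driver sends the value separately from the SQL text,
// so quotes or SQL keywords typed into the form cannot change the statement.
string query = "Select * From RegisterDatabase Where uName = @username";
// Request.Form[...] is null when the field was not posted; treat that as an empty name.
// Removing "," only works around the stray comma -- it is the parameter, not this
// Replace call, that protects the query.
// NOTE(review): a trailing comma in a Request.Form value usually means two posted fields
// share the name "username" (their values are joined with ","); verify against the markup
// and fix the form rather than relying on the Replace.
string username = (Request.Form["username"] ?? string.Empty).Replace(",", "");
// The command still needs its Connection assigned before it is executed.
MySqlCommand command = new MySqlCommand(query);
command.Parameters.AddWithValue("@username", username);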
Or some use ?username instead of #username.
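To remove only the comma, use the following. This does not make the concatenated query safe; the value still has to be passed as a query parameter.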
Request.Form["username"].ToString().Replace(',',' ').Trim();

Linq to sql: orderby not working

I have this method and I have not been able to order my result. It wont order at all.
Do you know what am doing wrong ?
/// <summary>
/// Builds the list of branch entries from <c>_objDataCollection.Edmm_Tester</c>,
/// one <c>SelectListItem</c> per distinct (Name, Code) pair, with Text = Name and Value = Code.
/// </summary>
/// <returns>The materialized list of items.</returns>
public IEnumerable<SelectListItem> GetBranches()
{
List<SelectListItem> objList = null;
// The orderby runs before Distinct(); an ordering applied ahead of Distinct() is not
// guaranteed to survive it, which matches the unordered result described in the question.
var strQuery = (from sl in _objDataCollection.Edmm_Tester
orderby sl.Code
select new SelectListItem() {Text = sl.Name, Value = sl.Code}).Distinct();
// ToList() executes the query and materializes the result.
objList = strQuery.ToList();
return objList;
}
use this:
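// Sort the already-distinct items. The projection stores the code in
// SelectListItem.Value (the type has no Code property), so Value is the sort key.
objList = strQuery.OrderBy(e => e.Value).ToList();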
Or this:
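// Distinct() comes first and OrderBy() last: an ordering applied before Distinct() is not
// guaranteed to survive it. The projected SelectListItem carries the code in Value, so
// that is the property to sort on.
var strQuery = (from sl in _objDataCollection.Edmm_Tester
                select new SelectListItem()
                {
                    Text = sl.Name,
                    Value = sl.Code
                }).Distinct().OrderBy(e => e.Value);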

Unable to add data into database

I created a 8 column table in SQL Server 2008. I entered data into 1st 2 column of the table and remaining columns I left allow nulls.
I am trying to add data to remaining 6 columns based on the data entered in 1st 2 columns, but I'm not able to add the data. Was leaving another 6 columns into "Allow nulls" caused this problem.
If yes, is there any solution for this?
Thanks.
string str = (#"Data Source=.\;AttachDbFilename=|DataDirectory|\Database.mdf;Integrated Security=True;User Instance=True;");
try
{
String sql = "(insert into usn (firstname, lastname, password, address, bloodgrp, contactnum, email) values (#st1, #st2, #st3, #st4, #st5, #st6, #st7) WHERE usn = '" + omd + "' )";
SqlConnection conn = new SqlConnection(str);
conn.Open();
SqlCommand cmd = new SqlCommand(sql, conn);
{
cmd.Parameters.AddWithValue("#st1", TextBox1.Text);
cmd.Parameters.AddWithValue("#st2", TextBox2.Text);
cmd.Parameters.AddWithValue("#st3", TextBox3.Text);
cmd.Parameters.AddWithValue("#st4", TextBox10.Text);
cmd.Parameters.AddWithValue("#st5", TextBox6.Text);
cmd.Parameters.AddWithValue("#st6", TextBox7.Text);
cmd.Parameters.AddWithValue("#st7", TextBox8.Text);
cmd.ExecuteNonQuery();
Response.Redirect("accountcreated.aspx");
conn.Close();
}
If you already have records in your table, you need to use UPDATE, not INSERT.
So, your query should be something like
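-- @st1 .. @st7 are parameter placeholders; their values are bound on the command object
-- and are sent separately from the SQL text.
UPDATE usn
SET firstname = @st1,
lastname = @st2,
password = @st3,
address = @st4,
bloodgrp = @st5,
contactnum = @st6,
email = @st7
-- Bind the row key as a parameter too, rather than concatenating it into the statement.
WHERE usn = @usn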
You can't INSERT into a column, you use INSERT only to put data into a table (creating a record).
So, your sql String should look something like this.
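// No parentheses around the statement: SQL Server rejects "(UPDATE ...)" as a syntax error.
// The row key is bound as @usn like the other values instead of being concatenated into
// the SQL text, so its content cannot alter the statement. Add it next to the other
// parameters on the command: cmd.Parameters.AddWithValue("@usn", omd);
// NOTE(review): in the question @st3 carries the password text box content as typed;
// store a salted password hash (e.g. PBKDF2) in that column rather than the plain text.
String sql = "UPDATE usn SET firstname = @st1, lastname = @st2, password = @st3, address = @st4, bloodgrp = @st5, contactnum = @st6, email = @st7 WHERE usn = @usn";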

not compiling the product expression in DataColumn showing error as "Cannot find column [max]."

While running the code it is giving error " Cannot find column [max]." but i have added the max and min column to the table in the dataset
MySql.Data.MySqlClient.MySqlConnection mycon = new MySqlConnection(GetConnectionString());
if (mycon.State != ConnectionState.Open)
{
string sqlCat = "SELECT * FROM out_of_mark_table";
string sqlProd = "SELECT * FROM scord_mark_table";
MySqlDataAdapter da = new MySqlDataAdapter(sqlCat, mycon);
DataSet ds = new DataSet();
try
{
mycon.Open();
da.Fill(ds, "out_of_mark_table");
da.SelectCommand.CommandText = sqlProd;
da.Fill(ds, "scord_mark_table");
}
finally
{
mycon.Close();
}
DataRelation relat = new DataRelation("CatProds", ds.Tables["out_of_mark_table"].Columns["test_id"], ds.Tables["scord_mark_table"].Columns["test_id"]);
ds.Relations.Add(relat);
DataColumn count = new DataColumn("Products (#)", typeof(int), "COUNT(Child(CatProds).test_id)");
DataColumn max = new DataColumn("Most Expensive Product", typeof(decimal), "MAX(Child(CatProds).total)");
DataColumn min = new DataColumn("Least Expensive Product", typeof(decimal), "MIN(Child(CatProds).total)");
DataColumn no=new DataColumn("No");
DataColumn IdCol = new DataColumn();
min.Caption = "min";
max.Caption = "max";
string expr = "max * min";
IdCol.ColumnName = "ID";
IdCol.DataType = Type.GetType("System.Int32");
IdCol.ReadOnly = true;
IdCol.AllowDBNull = false;
//IdCol.Unique = true;
IdCol.AutoIncrement = true;
IdCol.AutoIncrementSeed = 1;
IdCol.AutoIncrementStep = 1;
ds.Tables["out_of_mark_table"].Columns.Add(count);
ds.Tables["out_of_mark_table"].Columns.Add(max);
ds.Tables["out_of_mark_table"].Columns.Add(min);
ds.Tables["out_of_mark_table"].Columns.Add(IdCol);
DataColumn sum = new DataColumn("Sum of", typeof(int), expr, MappingType.Attribute);
**ds.Tables["out_of_mark_table"].Columns.Add(sum);**
IdCol.SetOrdinal(0);
GridView1.DataSource = ds.Tables["out_of_mark_table"];
GridView1.DataBind();
You have set the captions to "Max" and "Min", but a DataColumn's identifier is its Ordinal or ColumnName, not its Caption. You have set the ColumnName via the constructor to
"Most Expensive Product" and "Least Expensive Product"
So use
string expr = "[Most Expensive Product] * [Least Expensive Product]";
instead.