We Keep Coding

How to Wrap dynamic string variables in double quoutes

I have static body which works great. But how I can wrap the same dynamic strings with double quotes - >""
Static Body
var body = #"{" + "\n" +
#" ""profile"": {" + "\n" +
#" ""firstName"": ""Isaac1""," + "\n" +
#" ""lastName"": ""Brock1""," + "\n" +
#" ""email"": ""isaac1.brock#example.com""," + "\n" +
#" ""login"": ""isaac1.brock#example.com""," + "\n" +
#" ""mobilePhone"": ""555-415-1337""" + "\n" +
#" }" + "\n" +
#"}";
Dyanmic Content (FirstName, LastName, Email, MobilePhone should all be wrapped with "")
var body1 = #"{" + "\n" +
#" ""profile"": {" + "\n" +
#" ""firstName"": "+ firstName + "," + "\n" +
#" ""lastName"": "+lastName+"," + "\n" +
#" ""email"": "+email+"," + "\n" +
#" ""login"": "+email+"," + "\n" +
#" ""mobilePhone"": "+mobilePhone+"" + "\n" +
#" }" + "\n" +
#"}";

you can wrap a variable using string escape syntax " \ ""
var body1 = #"{" + "\n" +
#" ""profile"": {" + "\n" +
#" ""firstName"": " + "\"" + firstName + "\"" + "," + "\n" +
#" ""lastName"": " + "\"" + lastName + "\"" + "," + "\n" +
//.....
#" }" + "\n" +
#"}";
but IMHO it is more safe to create a json object and after this to serialize it to a json string , using Newtonsoft.Json for example
var body = new JObject {
["profile"]=new JObject {
["firstName"] = firstName,
["lastName"] = lastName
//...
}
}.ToString();
or you can replace JObject with an anonymos class and serialize after creaing.
var body = JsonConvert.SerializeObject(new
{
profile = new
{
firstName = firstName,
lastName = lastName
//...
}
}, Newtonsoft.Json.Formatting.Indented);

c# How do I solve error mysql the used command is not allowed 1148?

I am executing a SQL query from C# but get the error:
MySql.Data.MySqlClient.MySqlException: 'The used command is not allowed with this MariaDB version'
Any help / pointers would be appreciated.
Here is my code:
private bool SaveCsvLines(string strFileName)
{
bool bResult = false;
if (ConnectToDatabase())
{
// Here we load the string variable with the SQL we want to run
string strLineInsert = "LOAD DATA LOCAL INFILE " +
"'" + strFileName + "' " +
"INTO TABLE pfetest1.maerskInvoiceLine " +
"FIELDS TERMINATED BY ',' " +
"LINES TERMINATED BY '\r\n' " +
"IGNORE 1 LINES " +
"(container, " +
"size, " +
"vessel, " +
"portOfLoad, " +
"porCityCode, " +
"portOfDischarge, " +
"podCityCode, " +
"postCode, " +
"invoiceNo, " +
"SET createdTimestamp = NOW(), " +
"createdUserId = 1, " +
"updatedTimestamp = NOW(), " +
"updatedUserId = 1, " +
"headerId = " + m_iFileId + ", " +
"eta = STR_TO_DATE(#eta, '%d/%m/%Y')";
//Now we execute that statement
MySqlCommand command = new MySqlCommand(strLineInsert, con);
bResult = (command.ExecuteNonQuery() == 1);
}
return bResult;
}

Switched to using MySQLBulkloader. That way I can define the columns etc. first then pump the data in.

Insert from code or store procedure mysql

Well i have to do a series of updates and inserts.
I have this code on vb.net
Dim posicion_id As Integer = MysqlObj.ejecutarInsert("INSERT INTO posicion (dispositivoid, mensajeid, fechahora, longitud, latitud, altura, velocidad, direccion, resultadoid, descripcion, gpsweek, gpsseconds, notificacionenviada, positiontype) VALUES (" + msj.dispositivoid + "," + msj.mensajeid + ",'" + msj.fechahora + "','" + msj.longitud + "','" + msj.latitud + "'," + msj.altura + "," + msj.velocidad + "," + msj.direccion + "," + msj.resultadoid + ",'" + msj.descripcion + "'," + msj.gpsweek + "," + msj.gpsseconds + "," + msj.notificacionenviada + "," + msj.positiontype + "); SELECT LAST_INSERT_ID()").ToString()
If (Integer.Parse(msj.mensajeid) > 0) Then
MysqlObj.ejecutarInsert("INSERT INTO mensajedescripcion (mensajeid, fechahora, dispositivoid, secuencia) VALUES (" + msj.mensajeid + ",'" + msj.fechahora + "'," + msj.dispositivoid + ",0)")
End If
MysqlObj.ejecutarUpdate("UPDATE dispositivo SET ultimoMensaje = '" + msj.fechahora + "', fechanotificacion = '" + DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss") + "' WHERE dispositivoid = " + msj.dispositivoid)
If (MysqlObj.hasRows("SELECT * FROM posicion_current WHERE dispositivoid = " + msj.dispositivoid)) Then
MysqlObj.ejecutarUpdate("UPDATE posicion_current SET posicionid = " + posicion_id.ToString() + ", mensajeid = " + msj.mensajeid + ", fechahora = '" + msj.fechahora + "', longitud = '" +
msj.longitud + "', latitud = '" + msj.latitud + "', altura = " + msj.altura + ", velocidad = " + msj.velocidad + ", direccion = " + msj.direccion + ", resultadoid = " + msj.resultadoid + ", descripcion = '" + msj.descripcion +
"', gpsweek = " + msj.gpsweek + ", gpsseconds = " + msj.gpsseconds + ", notificacionenviada = " + msj.notificacionenviada + " WHERE dispositivoid = " + msj.dispositivoid)
Else
MysqlObj.ejecutarInsert("INSERT INTO posicion_current (posicionid, mensajeid, fechahora, longitud, latitud, altura, velocidad, direccion, resultadoid, descripcion, gpsweek, gpsseconds, notificacionenviada) VALUES (" + posicion_id + "," + msj.mensajeid + ",'" + msj.fechahora + "','" + msj.longitud + "','" + msj.latitud +
"'," + msj.altura + "," + msj.velocidad + "," + msj.direccion + "," + msj.resultadoid + ",'" + msj.descripcion + "'," + msj.gpsweek + "," + msj.gpsseconds + "," + msj.notificacionenviada + ")")
Is it better for performance to do it like that or a single stored procedure that receives all data and does each insert update
DECLARE existss INT DEFAULT 0;
INSERT INTO posicion (dispositivoid, mensajeid, fechahora, longitud, latitud, altura, velocidad, direccion, resultadoid, descripcion, gpsweek, gpsseconds, notificacionenviada, positiontype)
VALUES (_dipositivoid, _mensajeid, _fechahora, _longitud, _latitud, _altura, _velocidad, _direccion, 0, _descripcion, 0, 0, 1, 4219724);
SELECT COUNT(*) INTO #existss FROM posicion_current WHERE dispositivoid = _dispositivoid
IF (#existss > 0) THEN
UPDATE posicion_current SET posicionid = LAST_INSERT_ID(), mensajeid = _mensajeid, fechahora = _fechahora, longitud = _longitud, latitud = _latitud,
altura = _altura, velocidad = _velocidad, direccion = _direccion, resultadoid = 0, descripcion = _descripcion, gpsweek = 0, gpsseconds = 0, notificacionenviada = 1
WHERE dispositivoid = _dispositivoid;
ELSE
INSERT INTO posicion_current (dispositivoid, mensajeid, fechahora, longitud, latitud, altura, velocidad, direccion, resultadoid, descripcion, gpsweek, gpsseconds, notificacionenviada)
VALUES (_dipositivoid, _mensajeid, _fechahora, _longitud, _latitud, _altura, _velocidad, _direccion, 0, _descripcion, 0, 0, 1);
END IF;
UPDATE dispositivo SET ultimoMensaje = _fechahora, fechanotificacion = NOW() WHERE dispositivoid = _dispositivoid;
INSERT INTO mensajedescripcion (mensajeid, fechahora, dispositivoid, secuencia) VALUES (_mensajeid, _fechahora, _dispositivoid, 0);

Change the COUNT(*)...IF...UPDATE...ELSE...INSERT into
INSERT ... ON DUPLICATE KEY UPDATE ...
That will be faster and simpler.

update query and calculation part in GRN

String status = "active", nit = "", grniid = "", sumn = "";
try {
Connection ss = Class_DB.myconnection();
Statement st = ss.createStatement();
ResultSet rs = st.executeQuery("select stock_in_hand from item_supplier where item_ID =('" + TF_GRN_ITEMID.getSelectedItem() + "')");
grniid = TF_GRN_NO_OF_ITEM.getText();
int aa = Integer.parseInt(grniid);
while (rs.next()) {
nit = rs.getString("stock_in_hand");
}
int bb = Integer.parseInt(nit);
sumn = grniid + nit;
int cc = Integer.parseInt(sumn);
st.executeUpdate("insert into grn1 values('" + TF_GRN_GRNNO.getText() + "','" + TF_GRN_SUPPLIERID.getSelectedItem() + "','" + TF_GRN_AMOUNT.getText() + "','" + TF_GRN_DATE.getText() + "')");
st.executeUpdate("insert into grn2 values('" + TF_GRN_GRNNO.getText() + "','" + TF_GRN_ITEMID.getSelectedItem() + "','" + TF_GRN_EXP_DATE.getText() + "','" + TF_GRN_TAX.getText() + "','" + TF_GRN_NO_OF_ITEM.getText() + "','" + TF_GRN_GAMOUNT.getText() + "','" + TF_GRN_NAMOUNT.getText() + "','" + TF_GRN_QTY.getText() + "','" + TF_GRN_UNIT.getText() + "','" + TF_GRN_FREE.getText() + "','" + TF_GRN_DIS.getText() + "')");
st.executeUpdate("update item_supplier set stock_in_hand='" + cc + "' where item_ID='" + TF_GRN_ITEMID.getSelectedItem() + "'");
JOptionPane.showMessageDialog(null, "Data Saved");
clearing();
} catch (Exception ex) {
JOptionPane.showMessageDialog(null, "There is some error.Please contact admin");
ex.printStackTrace();
}
This is the GRN Query. GRN stands for Good Receive Note.
When we recieve Goods/Items from the supplier the company receives a GRN.
The Details of the items will be included in the GRN.
These data/details will be inserted in GRN1 table, GRN2 table and item_Supplier table will be updated according to it.
nit is the variable, using item_id table and item supplier table, stock in hand will be retrieved.
bb is the variable used to pass nit to an integer.
grnid is No of items which we type in the interface will be included in grnidvariable.
aa is the variable used to pass grnid to integer.
class_DB - connection class of the database.
Our problem is
1) he is inserted to GRN1 and GRN2 tables, but item_supplier table is not updated.
2) We want to know if our calculation is correct or not.

DataAdapter.Update() doesn't work to update

my sql statments are as follows
the insert statement only works
update and delete statements don't work
Purchase_InvoiceNo is a primary key column of Purchase table
i get this value like this and insert its value to PurchaseProduct table
"SELECT IDENT_CURRENT ('Purchase') AS [Purchase_InvoiceNo]"
string deletecmd_PurchaseProduct =
#"DELETE FROM PurchaseProduct " +
"PurchaseProduct_No=#PurchaseProduct_No and "+
"Purchase_InvoiceNo=#Purchase_InvoiceNo ";
string updatcmd_PurchaseProduct =
"UPDATE PurchaseProduct "
+ " SET "
+ " PurchaseProduct_SerialNo =#PurchaseProduct_SerialNo"
+ ", Purchase_InvoiceNo =#Purchase_InvoiceNo"
+ ", ProductNo =#ProductNo"
+ " PurchaseProduct_Quantity =#PurchaseProduct_Quantity "
+ ", PurchaseProduct_Unit =#PurchaseProduct_Unit"
+ ", PurchaseProduct_Price =#PurchaseProduct_Price"
+ " Where "
+ " PurchaseProduct_No=#PurchaseProduct_No";
string insertcmd_PurchaseProduct = "INSERT INTO PurchaseProduct" +
"(" +
" PurchaseProduct_SerialNo"+
",Purchase_InvoiceNo" +
",ProductNo" +
",PurchaseProduct_Quantity " +
",PurchaseProduct_Price" +
",PurchaseProduct_Unit" + //6
")" +
"Values" +
"(" +
" #PurchaseProduct_SerialNo"+
",#Purchase_InvoiceNo" +
",#ProductNo " +
",#PurchaseProduct_Quantity " +
",#PurchaseProduct_Price" +
",#PurchaseProduct_Unit" + //6
");";

Your Delete command appears to be incomplete:
string deletecmd_PurchaseProduct =
#"DELETE FROM PurchaseProduct " +
"PurchaseProduct_No=#PurchaseProduct_No and "+
"Purchase_InvoiceNo=#Purchase_InvoiceNo ";
should be:
string deletecmd_PurchaseProduct =
#"DELETE FROM PurchaseProduct WHERE" +
"PurchaseProduct_No=#PurchaseProduct_No and "+
"Purchase_InvoiceNo=#Purchase_InvoiceNo ";
I can't see why the INSERT should fail unless you're inserting a duplicate primary key value or you're not inserting data into a non-nullable field which does not have a default.
string updatcmd_PurchaseProduct =
"UPDATE PurchaseProduct "
+ "SET PurchaseProduct_SerialNo = #PurchaseProduct_SerialNo, "
+ "Purchase_InvoiceNo = #Purchase_InvoiceNo, "
+ "ProductNo = #ProductNo, "
+ "PurchaseProduct_Quantity = #PurchaseProduct_Quantity, "
+ "PurchaseProduct_Unit = #PurchaseProduct_Unit, "
+ "PurchaseProduct_Price = #PurchaseProduct_Price "
+ "Where PurchaseProduct_No = #PurchaseProduct_No";
There was a missing comma above.