Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
I have a database called "users" where user information is saved. When you login with your name and pass, your name is send to the homeform, where i want to get the "to-do list" that's saved in the database with your info. Here's my code so far:
db_connection();
MySqlCommand cmd = new MySqlCommand();
cmd.CommandText = "SELECT * FROM `user` WHERE `username`=#username AND `todo`=#todo";
So basically i need to get the todo of the user (which is sent to this form as _name) lets say admin, and display it in tbTodo.
if it is in the same form you can try using
select `user`.todo from `user` where `username` = #username
considering username is unique
If the main problem is parameters - u can use property Parameters:
cmd.Parameters.AddWithValue("#username", user);
There is an example in msdn:
SqlCommand command = new SqlCommand(commandText, connection);
command.Parameters.Add("#ID", SqlDbType.Int);
command.Parameters["#ID"].Value = customerID;
// Use AddWithValue to assign Demographics.
// SQL Server will implicitly convert strings into XML.
command.Parameters.AddWithValue("#demographics", demoXml);
try
{
connection.Open();
Int32 rowsAffected = command.ExecuteNonQuery();
Console.WriteLine("RowsAffected: {0}", rowsAffected);
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
Related
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 5 years ago.
Improve this question
I'm using below code but, it's giving me an error.
private void ma2()
{
try
{
string query = "select k7 from kholy1";
SqlCommand cmd = new SqlCommand(query, con);
cmd.CommandText = query;
con.Open();
SqlDataReader drd = cmd.ExecuteReader();
while (drd.Read())
{
comboBox5.Items.Add(drd.GetValue(0).ToString());
}
drd.Close();
}
catch
{
MessageBox.Show("Error ");
}
}
I'm getting an error while displaying the form!
You just simply use combo box tasks and check use Data Bound Items that's how you are able to connect it to sql database. Value member use to store it's value in database and Display Member use to Display value in front end.
You can use selected value using combobox1.SelectedValue.
Reference- Binding WPF ComboBox to a Custom List
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
I still new to C# and just have 3 months plus of learning process. I would like to seeking advice on how to extract data value from my DataTable I have create for validation checking.
private void checker
{
string sqlSelect2 = "SELECT a.AccNo, a.CompanyName , a.CreditLimit, FROM Debtor a JOIN";
}
which i have named TableCehecker, i do not need to put it to gridview, just for checking purposes.
In the private void process how can I extract dataTable TableCehecker and the value?
Thank you,
Brian
You need to follow the Docs from MSDN:
SqlConnection sqlConnection1 = new SqlConnection("Your Connection String");
SqlCommand cmd = new SqlCommand();
SqlDataReader reader;
cmd.CommandText = "SELECT * FROM Customers";
cmd.CommandType = CommandType.Text;
cmd.Connection = sqlConnection1;
sqlConnection1.Open();
reader = cmd.ExecuteReader();
// Data is accessible through the DataReader object here.
DataTable dt = new DataTable();
dt.Load(reader);
sqlConnection1.Close();
You can then check whatever you want of data inside the DataTable either by querying or by looping through the rows and checking the column values.
Based on your comments, to extract values from single row:
DataRow drow = dt.Rows[0];
string value = drow.Field<string>("CompanyName");
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 6 years ago.
Improve this question
I am creating a form for alerting the user that the stock for this item in the database is getting the limit or passed right through the limit.
this is my code for checking the quantity of a certain stock
conn.Open();
cmd.Connection = conn;
cmd.CommandText = "select * from tbl_BloodChemistry where Glucose = "+123+" ";
reader = cmd.ExecuteReader();
int count = 0;
while (reader.Read())
{
count = count + 1;
}
if (count == 1)
{
MessageBox.Show("Critical!");
}
conn.Close();
It's not actually the answer, but you have no reason to retrieve all data to collect count of rows. Use SQL COUNT and ExecuteScalar() for this.
Also, it's important to use command Parameters to your query. Don't ever build a query in your way! The input variable, Glucose, is typically retrieved from a TextBox control on either a Windows form or a Web Page. Anything placed into that TextBox control will be put into inputCity and added to your SQL string. This situation invites a hacker to replace that string with something malicious. In the worst case, you could give full control of your computer away.
Instead of dynamically building a string, as shown in the bad example above, use parameters. Anything placed into a parameter will be treated as field data, not part of the SQL statement, which makes your application much more secure.
Using parameterized queries is a three step process:
Construct the SqlCommand command string with parameters.
Declare a SqlParameter object, assigning values as appropriate.
Assign the SqlParameter object to the SqlCommand object's Parameters property.
var glucoseFilterValue = "123";
conn.Open();
cmd.Connection = conn;
cmd.CommandText = "select count(*) from tbl_BloodChemistry where Glucose = #Glucose";
cmd.Parameters.AddWithValue("#Glucose", glucoseFilterValue);
var count = (int) cmd.ExecuteScalar();
if (count == 1)
{
MessageBox.Show("Critical!");
}
conn.Close();
Then you'll make your code more clean and prevent extra loading to your communication channel.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 6 years ago.
Improve this question
I search on the net to execute oracle stored function and get the value of it
and I found something similar to this but i don't really understand it so i am not able to find out what's the error with it... please if someone can explan
whats happening after opening the connection with the database ?
public void Get_Office_Desc()
{
string oradb = "Data Source=mysource;User Id=emp;Password=00;";
var v_Office_code = Current_Office_code.Text;
string CommandStr = "F_Get_Office_Desc(:pOfficeCode)";
using (OracleConnection conn = new OracleConnection(oradb))
using (OracleCommand cmd = new OracleCommand(CommandStr, conn))
{
conn.Open();
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add(new OracleParameter("pOfficeCode", v_Office_code));
cmd.Parameters.Add("pOfficeDesc", OracleType.Char, 128);
cmd.Parameters["pOfficeDesc"].Direction = ParameterDirection.ReturnValue;
cmd.ExecuteNonQuery();
var pOfficeDesc = Convert.ToString(cmd.Parameters["pOfficeDesc"].Value);
messagebox.show(pOfficeDesc);
}
}
You need to set CommandType to StoredProcedure - like that:
cmd.CommandType = CommandType.StoredProcedure;
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 9 years ago.
Improve this question
This method below goes into a table and deletes all of the table. But in the datatable "table" below in the first column there are dates which i would like to be deleted from the database. how would i go about doing this
Datatable table = new DataTable()
string sqlConnectionString =
"Server = 100.720.8.196; Database = testDat; User Id = sa; Password = ";
// Copy the DataTable to SQL Server
using (SqlConnection conn = new SqlConnection(sqlConnectionString))
{
string deleteSting =
"delete from dbo.testTable where clientId=1212";
conn.Open();
using (SqlCommand cmd = new SqlCommand(deleteSting, conn))
{
cmd.ExecuteNonQuery();
}
conn.Close();
}
I'm just guessing here, you probably mean to make the date column empty. If that's the case then you use UPDATE, like:
string updateString =
"UPDATE dbo.testTable SET datecol = #datecol where clientId=#clientID";
conn.Open();
using (SqlCommand cmd = new SqlCommand(updateString, conn))
{
cmd.Parameters.Add("#datecol", SqlDbType.Date).Value = DbNull.Value;
cmd.Parameters.Add("#clientID", SqlDbType.Int).Value = 1212;
cmd.ExecuteNonQuery();
}
conn.Close();
Well, there are a few options. You could loop through your table and create a string containing your dates in a comma separated list. With that, you can create a SQL Statement like delete from table where dateCol in (date1, date2, date3, etc...)
Or you could just loop through your data table, and do one delete per loop iteration. Either way will work.
However you decide to proceed, make sure to use parameters instead of string concatenation to prevent issues like SQL Injections:
http://msdn.microsoft.com/en-us/library/system.data.sqlclient.sqlcommand.parameters.aspx