Multiple SQL Queries in C# returning a variable as a column -

-

i'm working on school project create registration system. chosen means of db use t-sql it's i'm familiar.

i'm using below code query db

    public void button3_click(object sender, eventargs e)     {         string studentid = (textbox1.text);         string querydob = "select dob,lastname,degree student studentid = " + studentid;          sqlconnection con = new sqlconnection(properties.settings.default.srsconnectionstring);         con.open();          sqlcommand dob = new sqlcommand(querydob, con);          sqldatareader stidreader = dob.executereader();          if (stidreader.read())         {             textbox2.text = stidreader["dob"].tostring();             textbox3.text = stidreader["lastname"].tostring();             textbox5.text = stidreader["degree"].tostring();         }         else         {             messagebox.show("your id not recognised. please try again.");             textbox1.clear();             textbox2.clear();             textbox3.clear();             textbox5.clear();         }          con.close();     }      private void textbox5_textchanged(object sender, eventargs e)     {         string degree = textbox5.text;         string degsql = "select modname module degree = " + degree;         sqlconnection con = new sqlconnection(properties.settings.default.srsconnectionstring);         dataset dsm = new dataset();         sqldataadapter connect = new sqldataadapter(degsql, con);          con.open();          connect.fill(dsm);         this.listbox2.datasource = dsm.tables[0];         this.listbox2.displaymember = "modname"; }

the first section button click works when run query in next event (textbox change) query returns error message invalid column found. well, column found variable should using query, not column confusing.

i know there can issues called mars db seems right version.

can shed light?

appreciate it,

jamie

you missing single quotes around variable name. change code fix sql:

string degsql = "select modname module degree = '" + degree + "'";

or looks better:

string degsql = string.format(     "select modname module degree = '{0}'",      degree);

however, should not way exposes sql injection attacks. read question understand means: how parameterized queries against sql injection?

here code , avoid nasty security issues:

private void textbox5_textchanged(object sender, eventargs e) {     string degree = textbox5.text;     string degsql = "select modname module degree = @degree";      dataset dsm = new dataset();      using(var con = new sqlconnection(properties.settings.default.srsconnectionstring))     {         sqlcommand cmd = new sqlcommand(degsql, con);         // use appropriate sqldbtype:         var parameter = new sqlparameter("@degree", sqldbtype.varchar);         parameter.value = degree;         cmd.parameters.add(parameter);          sqldataadapter connect = new sqldataadapter(cmd);         connect.fill(dsm);     }      this.listbox2.datasource = dsm.tables[0];     this.listbox2.displaymember = "modname";

Comments

Post a Comment

Popular posts from this blog

ruby on rails - RuntimeError: Circular dependency detected while autoloading constant - ActiveAdmin.register Role -

-
i using activeadmin , have file doing this: activeadmin.register role something--- end however, server gives me error: runtimeerror: circular dependency detected while autoloading constant role /library/ruby/gems/2.0.0/gems/activesupport-4.0.10/lib/active_support/dependencies.rb:461:in `load_missing_constant' /library/ruby/gems/2.0.0/gems/activesupport-4.0.10/lib/active_support/dependencies.rb:184:in `const_missing' ~/desktop/boxfox/app/admin/role.rb:1:in `<top (required)>' /library/ruby/gems/2.0.0/gems/activesupport-4.0.10/lib/active_support/dependencies.rb:424:in `load' /library/ruby/gems/2.0.0/gems/activesupport-4.0.10/lib/active_support/dependencies.rb:424:in `block in load_file' /library/ruby/gems/2.0.0/gems/activesupport-4.0.10/lib/active_support/dependencies.rb:616:in `new_constants_in' /library/ruby/gems/2.0.0/gems/activesupport-4.0.10/lib/active_support/dependencies.rb:423:in `load_file' /library/ruby/gems/2.0.0/gems/activesuppor
Read more

c++ - OpenMP unpredictable overhead -

-
i have simple openmp code runs 4 empty threads , reports time: #include "omp.h" #include <sys/time.h> #include <cstdio> double start_time; void process_thread() { } int main(){ struct timeval tv; gettimeofday(&tv, null); start_time = 1000*((double)tv.tv_sec + 1e-6*(double)tv.tv_usec); printf("beginning time: %.3fms ",start_time-start_time); #pragma omp parallel schedule(static,1) for(int i=0;i<4;i++) process_thread(); gettimeofday(&tv, null); double cur_time = 1000*((double)tv.tv_sec + 1e-6*(double)tv.tv_usec); printf("finishing time: %.3fms\n\n",cur_time-start_time); } without openmp running time small , consistent: beginning time: 0.000ms finishing time: 0.050ms beginning time: 0.000ms finishing time: 0.050ms beginning time: 0.000ms finishing time: 0.049ms beginning time: 0.000ms finishing time: 0.049ms beginning time: 0.000ms finishing time: 0.050ms beginnin
Read more

javascript - Wordpress slider, not displayed 100% width -

-
so im making first wordpress theme scratch going fine got problem. want slider on homepage 1 thing wrong. im setting width of image 100% !important doesnt go 100% width. makes image wider not 100%. example here: http://bit.ly/11ouebg see image doesnt contain whole width. can see background-color. really weird, im using meteor slides. i hope can me out :d
Read more