Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 5 years ago.
Improve this question
so, I have this code
MySqlConnection connection = new MySqlConnection("Server=localhost;Port=3306; Database=brez-db;Uid=root;Pwd=root;");
try {
connection.Open();
String Query = "SELECT 1 FROM users_table WHERE user_Username='" + usernameTB.Text + "' AND user_Password='" + passwordTB.Password + "'";
MySqlCommand myCommand = new MySqlCommand(Query, connection);
MySqlDataReader myReader = myCommand.ExecuteReader();
while (myReader.Read())
{
String str = myReader.GetString("user_Username").ToString();
MessageBox.Show(str);
}
}
catch(Exception ex) { throw; }
finally { }
but
while(myReader.Read()){}
returns only 1 and 0 . 1 if there is a value inside and 0 if there's nothing.
I've tried many things to get the value but nothing, any suggestion?
I'm writing a wpf C# app
PS: I know that its a good thing to use parameters for security, but I want to make a simple code for now
Remove 1 after the select. Also you should use query for the name of your string,not Query,it looks like it is reserved for something.
Also,you should get your string like this:
string sUsername= myReader["ColumnName"].ToString();
or like this
string sUsername= myReader[0].ToString();
And in the finally you are missing connection.Close();
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 5 years ago.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Improve this question
How can I replace the "#something" with the "textBox2.Text" , so the sql can search for things that contains it? This doesn't work.
private void cmd1_Click(object sender, EventArgs e)
{
string content = null;
FbConnection conn = new FbConnection(connectionString);
conn.Open();
FbCommand command = conn.CreateCommand();
command.CommandText = #"select a.NAME, a.SCHOOL, a.CLASS
from PEOPLE a, PLACES b
where
b.KEY=a.PLACE and
a.SCHOOL like '%#something%'
order by a.NAME";
command.Parameters.AddWithValue("#something", textBox2.Text);
FbDataReader reader = command.ExecuteReader();
while (reader.Read())
{
content += (string)reader["NAME"] + "\r\n";
textBox1.Text = content;
}
}
By wrapping #something in single quotes in the SQL statement, you tell the database to treat it as a direct string value, so that search will be matching records to the actual "%#something%" string - with the logic for "%" parts, of course.
a.SCHOOL like #something
...
command.Parameters.AddWithValue("#something", "%" + textBox2.Text + "%");
Or use this solution.
command.CommandText = #"select a.NAME, a.SCHOOL, a.CLASS
from PEOPLE a, PLACES b
where
b.KEY=a.PLACE and
a.SCHOOL like '%' || #something || '%'
order by a.NAME";
command.Parameters.AddWithValue("#something", textBox2.Text);
Like igor said %#something% is a string. You can make #something a 'variable' to and concatenate a % before and after it inside the SQL query.
Update: first used a + (Microsoft SQL Server) to concatenate it but #hvd said that firebird uses ||. So I've changed it.
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 8 years ago.
Improve this question
I'm trying to get a label to display how many entries exist in a database. And I'm using the most ridiculously simple FROM I can imagine. And I'm getting spammed with "Syntax error in FROM clause" rather than having my label update. Syntax is an error I get a lot when I use a system reserved name for a table or column. But the table name I'm using works in other statements, so I assume that's not the issue, and it's the ONLY variable. Unless it's something other than the FROM and it's lying to me, which is entirely possible...
if (DateTime.Now.Millisecond > 500)
{
try
{
OleDbConnection conn = new OleDbConnection();
conn.ConnectionString = #"Provider=Microsoft.Jet.OLEDB.4.0; Data Source=access.mdb";
conn.Open();
OleDbCommand cmmd = new OleDbCommand("SELECT * FROM probe)", conn);
using (OleDbDataReader myReader = cmmd.ExecuteReader())
{
DataTable dt = new DataTable();
dt.Load(myReader);
int count = dt.Rows.Count;
lblCount.Text = count.ToString();
conn.Close();
}
}
catch (OleDbException expe)
{
MessageBox.Show(expe.Message);
}
}
}
SELECT * FROM probe)
should be
SELECT * FROM probe
?
Change
OleDbCommand cmmd = new OleDbCommand("SELECT * FROM probe)", conn);
to
OleDbCommand cmmd = new OleDbCommand("SELECT * FROM probe", conn);
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 8 years ago.
Improve this question
I have the following problem performin a query in C#
I have the following method performing a simple query:
public List<DataModel.Vulnerability.VulnerabilitySolution> getVulnerabilitySolutionsList(int vulnId)
{
List<DataModel.Vulnerability.VulnerabilitySolution> result = new List<Vulnerability.VulnerabilitySolution>();
System.Data.Common.DbCommand command;
command = _connection.CreateCommand();
command.Connection = this._connection;
_strSQL = "VS.* FROM VulnerabilityAlertDocument_VulnerabilitySolution VAD_VS"
+ " INNER JOIN VulnerabilitySolution VS ON VAD_VS.VulnerabilitySolutionId = VS.Id"
+ " WHERE VAD_VS.VulnerabilityAlertDocumentId = #VULNID ";
addParameter(command, "#VULNID", vulnId);
command.CommandText = _strSQL;
_dt = fillDataTable(command);
DataModel.Vulnerability.VulnerabilitySolution vulnSolution;
foreach (DataRow row in _dt.Rows)
{
vulnSolution = new DataModel.Vulnerability.VulnerabilitySolution(row);
result.Add(vulnSolution);
}
return result;
}
The problem is that when try to execute this line: _dt = fillDataTable(command); it throw the following exception: Incorrect syntax near '*'
What could be the problem? If I try to execute the same query in SQL Server (replacing the value of the parameter) it work fine
How can I solve this issue?
You need to add the word select before the VS.*
_strSQL = "SELECT VS.* FROM VulnerabilityAlertDocument_VulnerabilitySolution VAD_VS"
+ " INNER JOIN VulnerabilitySolution VS ON VAD_VS.VulnerabilitySolutionId = VS.Id"
+ " WHERE VAD_VS.VulnerabilityAlertDocumentId = #VULNID ";
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 9 years ago.
Improve this question
I have a c# application. I am trying to run a parameterized query, please see below. However I keep getting the error message
"The parameterized query '(#dtStart date)SELECT * FROM
D_CORPACTIONS_MSCI WHERE [date_effe' expects the parameter '#dtStart',
which was not supplied."
I can't see why it is telling me this though?
DateTime dtStart = dtPrev;
using (_connection = new SqlConnection(_connectionString))
{
_connection.Open();
string cmdText = "SELECT * FROM D_CORPACTIONS_MSCI " +
"WHERE [date_effective] >= #dtStart " +
"AND [ca_status] ='" + caStatus + "'";
_command = new SqlCommand(cmdText, _connection);
_command.Parameters.Add("#dtStart", SqlDbType.Date);
Instead of Parameters.Add try Parameters.AddWithValue
_command.Parameters.AddWithValue("#dtStart", dtStart);
Or give a value to your parameter:
_command.Parameters.Add("#dtStart", SqlDbType.Date).Value = dtStart;
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 9 years ago.
Improve this question
I have this sql query which should return a count of 0 but I guess it is badly build.
here is the SQL code which I execute
string cmdText = #"SELECT count(*)
From Apointement
WHERE emailClient=#emailClient AND
trialdate=#trialdate AND
TrailHour=trialhour";
SqlCommand cmd = new SqlCommand(cmdText, con);
cmd.Parameters.AddWithValue("#emailClient", Convert.ToString(Session["email"]));
cmd.Parameters.AddWithValue("#trialdate",dDateApt);
cmd.Parameters.AddWithValue("#trialhour", sHourApt);
if (con.State == ConnectionState.Closed)
{
con.Open();
}
int nbrofRec = (int) cmd.ExecuteScalar();
if (nbrofRec >= 1)
This query return 1 for the count.
The data in the query is as follow:
email = s.brown#rv.com
trialdate = 1/27/2014 12:00:00AM
trialhour = 10:00
The date in the database
email = s.brown#rv.com
trialdate = 1/27/2014
trialhour = 12:00 <=== notice the only appointment is at 12:00 not at 10:00
I can't find out which element is wrong.
AND TrailHour=trialhour
should be
AND TrailHour=#trialhour
You are missing # in front of last parameter.
So make your SQL like so.
string cmdText = "SELECT count(*) From Apointement WHERE emailClient=#emailClient AND
trialdate=#trialdate AND TrailHour=#Trialhour"