I have two tables one table's name is (memberform) and it has columns id,name,mobile example 1,dimitris,69xxxxxxx, and a second table (groups) with columns name,groupname,memberid example dimitris,dancegroup,1 (memberid is the same with id)
I want to extract into a richtextbox where groupname from groups = combobox1 and where memberid from row which groupname exists is same with memberform.id
i'm trying something like this
using (var command = new SqlCommand("select mobile from memberform where memberform.id=groups.memberid and groups.groupname='" + comboBox1.Text + "'", con)) //
using (var reader = command.ExecuteReader())
The raw SQL query is
SELECT M.mobile
FROM memberform M
JOIN groups G ON G.memberid = M.id
WHERE G.groupname = 'dancegroup'
the same can be written in your sqlcommand is
using (var command = new SqlCommand("SELECT M.mobile FROM memberform M JOIN groups G ON G.memberid = M.id WHERE G.groupname = '" + comboBox1.Text + "'", con))
UPDATE:
The above approach can be possible for SQL injection attack, so explicitly pass the parameter by SqlParameter
using (var command = new SqlCommand("SELECT M.mobile FROM memberform M JOIN groups G ON G.memberid = M.id WHERE G.groupname = #GroupName", con))
{
command.Parameters.Add(new SqlParameter("GroupName", comboBox1.Text);
using (var reader = command.ExecuteReader())
....
Why not select from the first table, get the number then use it to select from the second table?
#Edit:
private void GetData()
{
// Get the ID using the name
string id, yourData;
SqlConnection con = new SqlConnection(connectionString);
SqlCommand cmd = new SqlCommand("SELECT * FROM Table1 WHERE name=#name", con);
cmd.Parameters.Add("#name", "dimitris");
con.Open();
SqlDataReader reader = cmd.ExecuteReader();
while (reader.Read())
id = reader["Id"].ToString();
con.Close();
// Get whatever you want using that ID
cmd.CommandText = "SELECT * FROM Table2 WHERE Id=#id";
cmd.Parameters.Add("#id", id);
con.Open();
reader = cmd.ExecuteReader();
while (reader.Read())
yourData = reader["ColumnName"].ToString();
con.Close();
}
Related
Stored procedures
CREATE PROCEDURE Contributor_Search
#fullname VARCHAR(60)
AS
SELECT
C.id, years_of_experience, portfolio_link, specialization,
notified_id, email, first_name, middle_name, last_name,
birth_date, age
FROM
Contributor C
INNER JOIN
[User] U ON C.id = U.id
WHERE
U.first_name + ' ' + U.middle_name + ' ' + U.last_name = #fullname
CREATE PROCEDURE Show_Original_Content
#contributor_id INT
AS
IF #contributor_id IS NULL
SELECT *
FROM Original_Content OC
INNER JOIN Content C ON OC.id = C.id
INNER JOIN Contributor CO ON C.contributor_id = CO.id
WHERE OC.filter_status = 1
ELSE
SELECT *
FROM Original_Content OC
INNER JOIN Content C ON OC.id = C.id
INNER JOIN Contributor CO ON C.contributor_id = CO.id
WHERE OC.filter_status = 1 AND CO.id = #contributor_id
I want to run the first stored procedure if input is provided, and if not just jump into the second with null; if input is provided and it's ran however, I would like to get an ID using the first procedure and then use it in the second procedure, this is my current approach which unfortunately does not work.
protected void btnSearch_Click(object sender, EventArgs e)
{
string connectionStr = #"Data Source=(localdb)\MSSQLLocalDB;Initial Catalog=iEgypt;";
if(inputName.Value.Trim() != "")
{
using (SqlConnection con = new SqlConnection(connectionStr))
{
SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
cmd.CommandText = "Contributor_Search";
cmd.CommandType = CommandType.StoredProcedure;
if (inputName.Value.Trim() != "")
{
SqlParameter param = new SqlParameter("#fullname", inputName.Value);
cmd.Parameters.Add(param);
}
else
{
SqlParameter param = new SqlParameter("#fullname", DBNull.Value);
cmd.Parameters.Add(param);
}
con.Open();
SqlDataReader rdr = cmd.ExecuteReader();
id = rdr[0].ToString();
con.Close();
}
}
using (SqlConnection con = new SqlConnection(connectionStr))
{
SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
cmd.CommandText = "Show_Original_Content";
cmd.CommandType = CommandType.StoredProcedure;
if (id != "")
{
SqlParameter param = new SqlParameter("#contributor_id", inputName.Value);
cmd.Parameters.Add(param);
}
else
{
SqlParameter param = new SqlParameter("#contributor_id", DBNull.Value);
cmd.Parameters.Add(param);
}
con.Open();
SqlDataReader rdr = cmd.ExecuteReader();
gvSearchResults.DataSource = rdr;
gvSearchResults.DataBind();
}
}
Any help is much appreciated.
In the comments, #vjgn suggests calling the Read method before accessing the rows in the SqlDataReader. For example:
SqlDataReader rdr = cmd.ExecuteReader();
if (rdr.Read())
{
id = rdr[0].ToString();
}
That should work... Or alternatively you could use the ExecuteScalar method and not have to worry about opening the reader:
id = cmd.ExecuteScalar()?.ToString() ?? "";
The problem with that is now you are having to check for null, then converting it into an empty string. It is probably better to avoid converting to empty string and just check for both in your if statement.
id = cmd.ExecuteScalar()?.ToString();
...
if (!String.IsNullOrEmpty(id))
Another potential point of error is if the record has a null value in first_name, middle_name, or last_name then your search won't find any results because when you concatenate a null value with a non-null value, you get null. Try changing the where clause to the following:
isnull(U.first_name,'') + ' ' + isnull(U.middle_name,'') + ' ' + isnull(U.last_name,'') = #fullname
This looks like it does an exact search...
I have two tables and I want to add columns in my DatagridView (Data1)
mycon.Open();
SqlCommand cmd = new SqlCommand("SELECT ItemName,Price1 FROM Pharmacy_Items", mycon);
SqlDataReader reader = cmd.ExecuteReader();
while (reader.Read())
{
Data1.Rows.Add();
Data1.Rows[x].Cells[0].Value = reader["ItemName"].ToString();
Data1.Rows[x].Cells[1].Value = reader["Price1"].ToString();
x++;
}
mycon.Close();
Now I want to add a column from another table to my DatagridView (Data1.Rows[x].Cells[2].Value). How can I achieve this?
I am new to SQL. :)
Just change your query, JOIN with table you need and add new column you want to display. The example is below.
mycon.Open();
SqlCommand cmd = new SqlCommand("SELECT p.ItemName, p.Price1, o.ColumnFromOtherTable FROM Pharmacy_Items p INNER JOIN OtherTable o ON p.ID = o.ID", mycon);
SqlDataReader reader = cmd.ExecuteReader();
while (reader.Read())
{
Data1.Rows.Add();
Data1.Rows[x].Cells[0].Value = reader["ItemName"].ToString();
Data1.Rows[x].Cells[1].Value = reader["Price1"].ToString();
Data1.Rows[x].Cells[2].Value = reader["ColumnFromOtherTable"].ToString();
x++;
}
mycon.Close();
How can I write this code in asp.net c# code behinds?
Wwhat I'm trying to do is to select all rows in invoicetable with orderno that is equal to current session and deduct the inventory of my inventorytable from `invoicetable qty that matches their itemid's.
SqlCommand cmd =
new SqlCommand("UPDATE inventorytable
JOIN invoicetable ON inventorytable.ItemID = invoicetable.ItemID
SET inventorytable.inventory = inventorytable.inventory-invoice.QTY
WHERE invoicetable.No='" + Convert.ToInt32(Session["invoiceno"]) + "'"
, con);
InsertUpdateData(cmd);
Your update query is not formed correctly, and you should be using parameterized SQL. Try using something like this
var sqlQuery =
#"UPDATE inventorytable
SET inventorytable.inventory = inventorytable.inventory-invoice.QTY
FROM inventorytable
INNER JOIN invoicetable ON inventorytable.ItemID = invoicetable.ItemID
WHERE invoicetable.No=#invNo";
using (var conn = new SqlConnection(CONN_STR))
{
var sqlCmd = new SqlCommand(sqlQuery, conn);
sqlCmd.Parameters.AddWithValue("#invNo", Session["invoiceno"].ToString());
sqlCmd.ExecuteNonQuery();
}
I typed this without VS in front of me, so let me know if there are any syntax issues
var n = Session["invoiceno"] != null ? Convert.ToInt32(Session["invoiceno"]) : 0;
using (var conn = new SqlConnection(CONN_STR))
{
conn.Open();
var sql = "SELECT * FROM invoicetable WHERE orderno = #n";
var cmd = new SqlCommand(sql);
cmd.Connection = conn ;
cmd.Parameters.AddWithValue("#n", n);
using(var dr = cmd.ExecuteReader())
{
while(dr.Read())
{
//loop through DataReader
}
dr.Close();
}
}
I am having a database name "fees" where i am having 4 columns (admno, receiptnumber, name, tutionfee). Here primary key is "receiptnumber". I have entered several records with different admission number. There is also several entries with same admission number. Now i just want to print only last record which i have entered. How can i print. I have written a code but first record is printing.
SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString);
con.Open();
string str;
str = "select * from fees where admno='" + temp + "'";
SqlCommand com = new SqlCommand(str, con);
SqlDataReader reader = com.ExecuteReader();
reader.Read();
TextBox1.Text = reader["admno"].ToString();
TextBox2.Text = reader["receiptnumber"].ToString();
TextBox3.Text = reader["name"].ToString();
TextBox4.Text = reader["tutionfee"].ToString();
This should do it. Add parameters to avoid sql injection!
You need to order by your ID DESCending and pick the fist one (TOP1)
string Command = "select TOP 1 * from fees where admno = #admno ORDER BY receiptnumber DSEC";
using (SqlConnection mConnection = new SqlConnection(ConnectionString))
{
mConnection.Open();
using (SqlCommand cmd = new SqlCommand(Command, mConnection))
{
cmd.Parameters.Add(new MySqlParameter("#admno", temp));
using (SqlDataReader reader = cmd.ExecuteReader())
{
reader.Read();
TextBox1.Text = reader["admno"].ToString();
TextBox2.Text = reader["receiptnumber"].ToString();
TextBox3.Text = reader["name"].ToString();
TextBox4.Text = reader["tutionfee"].ToString();
}
}
}
Assuming receiptnumber is an identity field, you would select top 1 * from fees order by receiptnumber desc
I can use this loop to give me list of names:
string commandText = #"SELECT ....;";
string connectionString = ConfigurationSettings.AppSettings["connectionString"];
using (SqlConnection connection = new SqlConnection(connectionString))
{
SqlCommand command = new SqlCommand(commandText, connection);
try
{
connection.Open();
using (SqlDataReader reader = command.ExecuteReader())
{
DataTable dt = new DataTable();
dt.Load(reader);
for (int i = dt.Rows.Count - 1; i >= 0; i--)
{
SqlCommand addresscommand = new SqlCommand(address, connection);
addresscommand.Parameters.AddWithValue("#companyName", dt.Rows[i][0].ToString());
SqlDataReader addressreader = command.ExecuteReader();
string address = addressreader.GetString(0);
}
}
}
catch (Exception ex)
{
}
}
so the dt.Rows[i][0].ToString() is the name I need to add to all my different sql commands. So inside that for loop I will get each value from executing each sql command, one by one:
SqlCommand addresscommand = new SqlCommand(address, connection);
addresscommand.Parameters.AddWithValue("#companyName", dt.Rows[i][0].ToString());
SqlDataReader addressreader = addresscommand.ExecuteReader();
string comaddress = addressreader.GetString(0);
SqlCommand keyProcessescommand = new SqlCommand(keyProcesses, connection);
keyProcessescommand.Parameters.AddWithValue("#companyName", dt.Rows[i][0].ToString());
SqlDataReader keyProcessesreader = keyProcessescommand.ExecuteReader();
string comkeyProcesses = keyProcessesreader.GetString(0);
SqlCommand standardscommand = new SqlCommand(standards, connection);
standardscommand.Parameters.AddWithValue("#companyName", dt.Rows[i][0].ToString());
SqlDataReader standardsreader = standardscommand.ExecuteReader();
string comstandards = standardsreader.GetString(0);
Where the command string determined by:
string address = #"SELECT address FROM Companies where companyName = #companyName";
string keyProcesses = #" SELECT distinct STUFF((SELECT ', '+ cn.name from WMCCMCategories cn
INNER JOIN CategorySets uc ON uc.categoryId = cn.categoryID
INNER JOIN KeyProcesses u ON u.categorySetId = uc.setId
INNER JOIN Companies c ON c.companyId = u.companyId
WHERE c.companyName = #companyName
ORDER BY cn.name
FOR XML PATH('')), 1, 1, '') AS listStr
FROM WMCCMCategories cnn Group by cnn.name";
string standards = #" SELECT cn.name from WMCCMCategories cn
INNER JOIN CategorySets uc ON uc.categoryId = cn.categoryID
INNER JOIN Companies c ON c.standards = uc.setId
WHERE c.companyName = #companyName";
Can I execute multiple sql commands like above? How is the best way to do that ?
One way you can solve this through JOIN in SQL. However, it may not be right thing to do if it is not representing same columns.
Now in terms of using multiple select in one command. Yes, you can use SqlDataReader with NextResult()
Please see this link:
http://csharp.net-informations.com/data-providers/csharp-multiple-resultsets.htm