Develop Reference

System.Data.SqlClient.SqlException: 'Invalid column name 'P1000'.'

Can anybody help me? Why am I getting this error?
If I remove the 'P' from the prod_id which left only number, it can work but if I add alphabet, it says "Invalid column name".
I already added .ToString() to it, but why it still can't take varchar and only take int.
Here is my code
public partial class AddtoCart : System.Web.UI.Page
{
SqlConnection conn = new SqlConnection(Global.cs);
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
if (Session["Username"] == null)
{
Response.Redirect("Authentication.aspx");
}
// Adding product to Gridview
Session["addproduct"] = "false";
DataTable dt = new DataTable();
DataRow dr;
dt.Columns.Add("sno");
dt.Columns.Add("Id");
dt.Columns.Add("Pname");
dt.Columns.Add("Pimage");
dt.Columns.Add("Pprice");
dt.Columns.Add("Pquantity");
dt.Columns.Add("Ptotal");
if (Request.QueryString["Id"] != null)
{
if (Session["buyitems"] == null)
{
dr = dt.NewRow();
SqlConnection conn = new SqlConnection(Global.cs);
SqlDataAdapter da = new SqlDataAdapter("select * from Product2 where prod_id=" + Request.QueryString["Id"] , conn);
DataSet ds = new DataSet();
da.Fill(ds);
dr["sno"] = 1;
dr["Id"] = ds.Tables[0].Rows[0]["prod_id"].ToString();
dr["Pname"] = ds.Tables[0].Rows[0]["prod_name"].ToString();
dr["Pimage"] = ds.Tables[0].Rows[0]["prod_img"].ToString();
dr["Pprice"] = ds.Tables[0].Rows[0]["prod_price"].ToString();
dr["Pquantity"] = Request.QueryString["quantity"];
int price = Convert.ToInt32(ds.Tables[0].Rows[0]["prod_price"].ToString());
int Quantity = Convert.ToInt16(Request.QueryString["quantity"].ToString());
int TotalPrice = price * Quantity;
dr["Ptotal"] = TotalPrice;
dt.Rows.Add(dr);
conn.Open();
SqlCommand cmd = new SqlCommand("insert into Cart values('" + dr["sno"] + "','" + dr["Id"] + "','" + dr["Pname"] + "','" + dr["Pimage"] + "','" + dr["Pprice"] + "','" + dr["Pquantity"] + "','" + dr["Ptotal"] + "','" + Session["Username"].ToString() + "')", conn);
cmd.ExecuteNonQuery();
conn.Close();
GridView1.DataSource = dt;
GridView1.DataBind();
Session["buyitems"] = dt;
Button1.Enabled = true;
GridView1.FooterRow.Cells[5].Text = "Total Amount";
GridView1.FooterRow.Cells[6].Text = grandtotal().ToString();
Response.Redirect("AddtoCart.aspx");
}
else
{
dt = (DataTable)Session["buyitems"];
int sr;
sr = dt.Rows.Count;
dr = dt.NewRow();
SqlConnection conn = new SqlConnection(Global.cs);
SqlDataAdapter da = new SqlDataAdapter("select * from Product2 where prod_id=" + Request.QueryString["id"], conn);
DataSet ds = new DataSet();
da.Fill(ds);
dr["sno"] = sr + 1;
dr["Id"] = ds.Tables[0].Rows[0]["prod_id"].ToString();
dr["Pname"] = ds.Tables[0].Rows[0]["prod_name"].ToString();
dr["Pimage"] = ds.Tables[0].Rows[0]["prod_img"].ToString();
dr["Pprice"] = ds.Tables[0].Rows[0]["prod_price"].ToString();
dr["Pquantity"] = Request.QueryString["quantity"];
int price = Convert.ToInt32(ds.Tables[0].Rows[0]["prod_price"].ToString());
int Quantity = Convert.ToInt16(Request.QueryString["quantity"].ToString());
int TotalPrice = price * Quantity;
dr["Ptotal"] = TotalPrice;
dt.Rows.Add(dr);
conn.Open();
SqlCommand cmd = new SqlCommand("insert into Cart values('" + dr["sno"] + "','" + dr["Id"] + "','" + dr["Pname"] + "','" + dr["Pimage"] + "','" + dr["Pprice"] + "','" + dr["Pquantity"] + "','" + dr["Ptotal"] + "','" + Session["Username"].ToString() + "')", conn);
cmd.ExecuteNonQuery();
conn.Close();
GridView1.DataSource = dt;
GridView1.DataBind();
Session["buyitems"] = dt;
Button1.Enabled = true;
GridView1.FooterRow.Cells[5].Text = "Total Amount";
GridView1.FooterRow.Cells[6].Text = grandtotal().ToString();
Response.Redirect("AddtoCart.aspx");
}
}
else
{
dt = (DataTable)Session["buyitems"];
GridView1.DataSource = dt;
GridView1.DataBind();
if (GridView1.Rows.Count > 0)
{
GridView1.FooterRow.Cells[5].Text = "Total Amount";
GridView1.FooterRow.Cells[6].Text = grandtotal().ToString();
}
}
}
if (GridView1.Rows.Count.ToString() == "0")
{
Button3.Enabled = false;
Button1.Enabled = false;
}
else
{
Button3.Enabled = true;
Button1.Enabled = true;
}
}
// 2.Calculating Final Price
public int grandtotal()
{
DataTable dt = new DataTable();
dt = (DataTable)Session["buyitems"];
int nrow = dt.Rows.Count;
int i = 0;
int totalprice = 0;
while (i < nrow)
{
totalprice = totalprice + Convert.ToInt32(dt.Rows[i]["Ptotal"].ToString());
i = i + 1;
}
return totalprice;
}
// 4. Deleting Row From Cart
protected void GridView1_RowDeleting(object sender, GridViewDeleteEventArgs e)
{
DataTable dt = new DataTable();
dt = (DataTable)Session["buyitems"];
for (int i = 0; i <= dt.Rows.Count - 1; i++)
{
int sr;
int sr1;
string qdata;
string dtdata;
sr = Convert.ToInt32(dt.Rows[i]["sno"].ToString());
TableCell cell = GridView1.Rows[e.RowIndex].Cells[0];
qdata = cell.Text;
dtdata = sr.ToString();
sr1 = Convert.ToInt32(qdata);
TableCell prID = GridView1.Rows[e.RowIndex].Cells[1];
if (sr == sr1)
{
dt.Rows[i].Delete();
dt.AcceptChanges();
conn.Open();
SqlCommand cmd = new SqlCommand("Delete top (1) from Cart where product_id='" + prID.Text + "' and username= '" + Session["username"] + "' ", conn);
cmd.ExecuteNonQuery();
conn.Close();
//Item Has Been Deleted From Shopping Cart
break;
}
}
// 5. Setting SNo. after deleting Row item from cart
for (int i = 1; i <= dt.Rows.Count; i++)
{
dt.Rows[i - 1]["sno"] = i;
dt.AcceptChanges();
}
Session["buyitems"] = dt;
Response.Redirect("AddtoCart.aspx");
}
// 6. Button Click
protected void Button1_Click(object sender, EventArgs e)
{
bool isTrue = false;
DataTable dt = (DataTable)Session["buyitems"];
for (int i = 0; i <= dt.Rows.Count - 1; i++)
{
//SqlConnection conn = new SqlConnection(Global.cs);
//conn.Open();
//SqlCommand cmd = new SqlCommand("insert into Cart(sno,product_id,product_name,product_price,product_quantity,username) values('" + dt.Rows[i]["sno"] + "','" + dt.Rows[i]["Id"] + "','" + dt.Rows[i]["Pname"] + "','" + dt.Rows[i]["Pprice"] + "','" + dt.Rows[i]["Pquantity"] + "','" + Session["Username"] + "')", conn);
//cmd.ExecuteNonQuery();
//conn.Close();
int pId = Convert.ToInt16(dt.Rows[i]["Id"]);
int pQuantity = Convert.ToInt16(dt.Rows[i]["Pquantity"]);
SqlDataAdapter sda = new SqlDataAdapter("Select stock_count, prod_name from Product2 where prod_id='" + pId + "' ", conn);
DataTable dtble = new DataTable();
sda.Fill(dtble);
int quantity = Convert.ToInt16(dtble.Rows[0][0]);
if(quantity == 0)
{
string pName = dtble.Rows[0][1].ToString();
string msg = "" + pName + " is not in Stock";
Response.Write("<script>alert('" + msg + "');</script>");
isTrue = false;
}
}
if (GridView1.Rows.Count.ToString() == "0")
{
Response.Write("<script>alert('Your Cart is Empty. You cannot place an Order');</script>");
}
else
{
if (isTrue == true)
{
Response.Redirect("Checkout2.aspx");
}
}
// If Session is Null Redirecting to login else Placing the order
if (Session["Username"] == null)
{
Response.Redirect("Authentication.aspx");
}
else
{
Response.Redirect("Checkout2.aspx");
}
}
public void clearCart()
{
conn.Open();
SqlCommand cmd = new SqlCommand("Delete from Cart where username='" + Session["Username"] + "' ", conn);
cmd.ExecuteNonQuery();
conn.Close();
Response.Redirect("AddtoCart.aspx");
}
protected void Button3_Click(object sender, EventArgs e)
{
Session["buyitems"] = null;
clearCart();
}
}
This is the database table
CREATE TABLE [dbo].[Product2]
(
[prod_id] VARCHAR(6) NOT NULL,
[prod_name] VARCHAR(50) NOT NULL,
[prod_price] FLOAT(53) NOT NULL,
[prod_desc] VARCHAR(120) NOT NULL,
[prod_img] NVARCHAR(MAX) NOT NULL,
[prod_cat] VARCHAR(6) NOT NULL,
[stock_count] INT NULL,
[weight] DECIMAL(9, 2) NULL,
[width] DECIMAL(9, 2) NULL,
[length] DECIMAL(9, 2) NULL,
[height] DECIMAL(9, 2) NULL,
[shipping_fee] DECIMAL(9, 2) NOT NULL,
[created_at] DATETIME NOT NULL,
[updated_at] DATETIME NULL,
[prod_status] NVARCHAR(MAX) NULL,
PRIMARY KEY CLUSTERED ([prod_id] ASC),
CONSTRAINT [FK_Product2_ToTable]
FOREIGN KEY ([prod_cat]) REFERENCES [dbo].[Category] ([cat_id])
);

The way you pass the query could lead to SQL Injection.
SqlDataAdapter da = new SqlDataAdapter("select * from Product2 where prod_id=" + Request.QueryString["Id"] , conn);
I expect the final query you want to achieve is
select * from Product2 where prod_id=`P100`
But after revise your code if you do concatenate with 'P' in your query, you will get:
select * from Product2 where prod_id=P100
In which this will return result:
Invalid column name 'P100'
String concatenation into query is dangerous that possible break your query.
You need to create a SqlCommand variable and pass it to the SqlDataAdapter.
And also use SqlParameter to pass the parameter value.
SqlCommand cmd = new SqlCommand("select * from Product2 where prod_id = #Prod_ID", con);
cmd.Parameters.Add("#Prod_ID", SqlDbType.Varchar, 6).Value = "P" + Request.QueryString["id"].ToString;
After create and initialize SqlCommand, then you pass it into SqlDataAdpater as below
SqlDataAdapter da = new SqlDataAdapter(cmd);
Additional recommendation:
Use using block for your SqlConnection, SqlCommand and SqlDataAdapter as these (implemented with IDisposable interface) will automatically dispose the resources once the process is ended or exception is triggered.
DataSet ds = new DataSet();
using (SqlConnection conn = new SqlConnection(Global.cs))
{
using (SqlCommand cmd = new SqlCommand("select * from Product2 where prod_id = #Prod_ID", con))
{
cmd.Parameters.Add("#Prod_ID", SqlDbType.Varchar, 6).Value = "P" + Request.QueryString["id"].ToString;
using (SqlDataAdapter da = new SqlDataAdapter(cmd))
{
da.Fill(ds);
}
}
}
Updated answer with credited to #Tim Schmelter's suggestion
For Using declarations in C#8.0, you are not required to add scope for the using block.
A using declaration is a variable declaration preceded by the using keyword. It tells the compiler that the variable being declared should be disposed at the end of the enclosing scope.
DataSet ds = new DataSet();
using SqlConnection conn = new SqlConnection(Global.cs);
using SqlCommand cmd = new SqlCommand("select * from Product2 where prod_id = #Prod_ID", con);
cmd.Parameters.Add("#Prod_ID", SqlDbType.Varchar, 6).Value = "P" + Request.QueryString["id"].ToString;
using SqlDataAdapter da = new SqlDataAdapter(cmd);
da.Fill(ds);

Transliteration words from database using asp.net

I'm trying to replace words from a database, for this purpose I'm using this code.
input_content = Regex.Replace(input_content, "\\s+\r\n", "\r\n");//remove blank lines
var Value = input_content.Split(' ');
//try
//{
DataTable dt = new DataTable();
SqlConnection con = System.Configuration.ConfigurationManager.AppSettings["myconnection"];
string strcon = "select * from english_hindi_words where english=#englishwords";
for (int i = 0; i < Value.Length; i++)
{
SqlCommand cmd = new SqlCommand(strcon, con);
SqlDataAdapter da = new SqlDataAdapter(cmd);
cmd.Parameters.AddWithValue("#englishwords", Value[i].Trim());
DataSet ds = new DataSet();
da.Fill(ds, "content"+ Value[i].Trim());
try
{
DataRow drow = ds.Tables["content" + Value[i].Trim()].Rows[0];
if (Value[i].Trim() == drow.ItemArray.GetValue(1).ToString())
{
hindicontent2 += "<span title='" + Value[i] + "'>" + drow.ItemArray.GetValue(2).ToString() + " </span>";
}
}
catch(Exception ex)
{
hindicontent2 += "<span title='" + Value[i] + "'>" + Value[i] + " </span>";
}
}
Label1.Text = hindicontent2.ToString();
con.Close();
con.Dispose();
//}
//catch (Exception ex)
//{
//}
The code is working good, but if I have 500+ words in my textbox, it will take 3+ minutes. I'm new to C# and I want to know if there is any other fast way to do this.

Sum of Gridview columns/rows ASP.NET C#

I want to make sums of columns and rows in a gridview , I tried so many ways and I can't do it. I'm trying to understand what's wrong. I'm sorry If my code is a mess. I'm using ASP.NET C#. For now it is enough to show sum only in a response.write, later i'll put it on a column/row.
protected void Button1_Click(object sender, EventArgs e)
{
SqlConnection conn = new SqlConnection("Data Source=*****;Initial Catalog=***;User=***;password=**");
//query para o select das especialidades todas
string specstring = "SELECT Speciality.Shortname, SUM(1) as contar " +
"FROM DoctorEnterpriseDetails INNER JOIN " +
"Speciality ON DoctorEnterpriseDetails.Speciality1 = Speciality.SpecialityId INNER JOIN " +
" GroupType ON DoctorEnterpriseDetails.GroupId = GroupType.GroupId " +
" WHERE (DoctorEnterpriseDetails.EnterpriseId = 48) " +
" GROUP BY Speciality.Shortname ";
SqlCommand command = new SqlCommand(specstring, conn);
command.Connection.Open();
SqlDataAdapter myDataAdapter = new SqlDataAdapter();
myDataAdapter.SelectCommand = command;
DataTable specstringtable = new DataTable();
myDataAdapter.Fill(specstringtable);
specstring = "";
for (int i = 0; i < specstringtable.Rows.Count; i++)
{
if (specstring == "")
{
specstring = "[" + specstringtable.Rows[i][0] + "]".ToString();
}
else
{
specstring = specstring + ", " + "[" + specstringtable.Rows[i][0] + "]";
}
}
command.Connection.Close();
////query para a pivot table
string querystring = "SELECT Description AS Categoria, " + specstring +
"FROM (SELECT GroupType.Description, Speciality.Shortname, SUM(1) AS contar, GroupType.GroupId " +
"FROM DoctorEnterpriseDetails INNER JOIN " +
"Speciality ON DoctorEnterpriseDetails.Speciality1 = Speciality.SpecialityId INNER JOIN " +
"GroupType ON DoctorEnterpriseDetails.GroupId = GroupType.GroupId " +
"WHERE (DoctorEnterpriseDetails.EnterpriseId = 48) " +
"GROUP BY GroupType.Description, Speciality.Shortname, DoctorEnterpriseDetails.GroupId, GroupType.GroupId) as ps " +
"PIVOT (SUM(contar) FOR Shortname IN (" + specstring + ")) pvt " +
"ORDER BY GroupId; ";
////Response.Write(querystring);
SqlCommand command2 = new SqlCommand(querystring, conn);
command2.Connection.Open();
SqlDataAdapter myDataAdapter2 = new SqlDataAdapter();
myDataAdapter2.SelectCommand = command2;
DataTable cobtable = new DataTable();
myDataAdapter2.Fill(cobtable);
DataColumn cl = cobtable.Columns.Add("Total");
cobtable.Columns["Total"].SetOrdinal(1);
DataRow dr;
dr = cobtable.NewRow();
dr["Categoria"] = "Total";
cobtable.Rows.InsertAt(dr, 0);
dr = cobtable.NewRow();
dr["Categoria"] = "";
cobtable.Rows.InsertAt(dr, 1);
dr = cobtable.NewRow();
dr["Categoria"] = "%";
cobtable.Rows.InsertAt(dr, 3);
dr = cobtable.NewRow();
dr["Categoria"] = "";
cobtable.Rows.InsertAt(dr, 4);
dr = cobtable.NewRow();
dr["Categoria"] = "%";
cobtable.Rows.InsertAt(dr, 6);
dr = cobtable.NewRow();
dr["Categoria"] = "";
cobtable.Rows.InsertAt(dr, 7);
dr = cobtable.NewRow();
dr["Categoria"] = "%";
cobtable.Rows.InsertAt(dr, 9);
GroupGrid.DataSource = cobtable;
GroupGrid.DataBind();
//GroupGrid.FooterRow.Cells[1].Text = cobtable.Compute("sum(" + cobtable.Columns[3].ColumnName + ")", null).ToString();
decimal a = 0, soma = 0;
string la = "";
//Response.Write(GroupGrid.Rows[0].Cells.Count);
for (int i = 3; i <= (GroupGrid.Rows[0].Cells.Count); i++)
{
Response.Write("!");
//string l3 = GroupGrid.Rows[6].Cells[i-1].Text;
// Response.Write(l3);
Response.Write(GroupGrid.Rows[5].Cells[i - 1].Text);
// la = GroupGrid.Rows[5].Cells[i - 1].Text;
// sum += Convert.ToInt32(la);
//sum = Convert.ToInt32(GroupGrid.Rows[5].Cells[i - 1].Text.ToString());
//a = a + sum;
//GroupGrid.FooterRow.Cells[1].Text = sum.ToString();
}
// Response.Write(a.ToString());

You are right your code is a little mess ;)
I tried to understand what you mean so just for a case here you have the example how to sum the values in row, sum the values in column or some both columns and rows so sum of all cells.
These examples assume you are not having cells spaning through more then one row or column and that the total sum of your values is less then "long" size and each cell contains number that is "integer".
public void DisplayGridViewSums(GridView gv)
{
foreach (GridViewRow row in gv.Rows)
{
long sum = SumValuesInRow(row);
Console.WriteLine("Sum of values in raw '{0}' is: {1}", row.RowIndex, sum);
}
for (int i=0; i<gv.Columns.Count;i++)
{
long sum = SumValuesInColumn(gv,i);
Console.WriteLine("Sum of values in column '{0}' with header '{1}' is: {2}",i, gv.Columns[i].HeaderText, sum);
}
long totalsum = SumColumnsAndRowsInGridView(gv);
Console.WriteLine("Sum of all cells in each row is: {0}", totalsum);
}
public long SumColumnsAndRowsInGridView(GridView gv)
{
long sum = 0;
foreach (GridViewRow row in gv.Rows)
{
sum += SumValuesInRow(row);
}
return sum;
}
public long SumValuesInRow(GridViewRow row)
{
long sum = 0;
foreach (TableCell cell in row.Cells)
{
sum += int.Parse(cell.Text);
}
return sum;
}
public long SumValuesInColumn(GridView gv, int columnIndx)
{
long sum = 0;
foreach (GridViewRow row in gv.Rows)
{
sum += int.Parse(row.Cells[columnIndx].Text);
}
return sum;
}
First method shows the sums on console. The other count the sums for particular GridView. Those counting methods could be written using Linq but for your convenience a left them as simple for and foreach loops.
Hope it solves your problem!

Unable to retrieve a column value from different table in insert statement

I am trying to retrieve column value from another table and inserting into another table but can't resolve it no error but unable to resolve it. Empty column appears. Trying to insert t_vrm in insert statement on sql_fix_01 t_vrm is a varchar in SQL Server and its a vehicle registration number (number plate)
But returns empty column.
private void btnProcess_Click(object sender, EventArgs e)
{
tbl = new DataTable();
tbl.Columns.Add(new DataColumn("ticket_reference", System.Type.GetType("System.String")));
tbl.Columns.Add(new DataColumn("ticket_number", System.Type.GetType("System.String")));
tbl.Columns.Add(new DataColumn("t_vrm", System.Type.GetType("System.String")));
tbl.Columns.Add(new DataColumn("sql_fix_01", System.Type.GetType("System.String")));
tbl.Columns.Add(new DataColumn("sql_fix_02", System.Type.GetType("System.String")));
tbl.Columns.Add(new DataColumn("sql_fix_03", System.Type.GetType("System.String")));
tbl.Columns.Add(new DataColumn("sql_fix_04", System.Type.GetType("System.String")));
SqlConnection myConn = new SqlConnection();
myConn.ConnectionString = stringConn;
SqlCommand myComm = new SqlCommand();
myComm.Connection = myConn;
string[] tempArray = new string[this.textBox1.Lines.Length];
tempArray = this.textBox1.Lines;
if (this.textBox1.Lines.Length == 0)
{
return;
}
myConn.Open();
int ticket_number = -666;
string t_vrm = "";
string sql_fix_01 = "";
string stringDatetime = DateTime.Now.ToString("yyyyMMdd HH:mm:ss");
//string stringDatetime = "20120829 17:00:00";
for (int counter = 0; counter <= tempArray.Length - 1; counter++)
{
sql_fix_01 = "";
t_vrm = "";
ticket_number = -666;
if (tempArray[counter].Trim().Length > 0)
{
try
{
myComm.CommandText = "SELECT t_number, t_vrm FROM tickets WHERE t_reference='" + tempArray[counter] + "'";
ticket_number = (int)myComm.ExecuteScalar();
t_vrm = (string)(myComm.ExecuteScalar()).ToString();
MY ERROR IS IN THIS ROW.(t_vrm)
sql_fix_01 = "INSERT INTO [dvla] ([dvla_system_ref],[dvla_seq_no],[dvla_vrm],[dvla_due],[dvla_sent],[dvla_sent_by],[dvla_batch_no],[dvla_response_date],[dvla_query_destination]) VALUES(" + ticket_number.ToString().Trim() + ", 2 , t_vrm , '" + stringDatetime + "', NULL,'',0, NULL, 'DVLATicketLetter');";
}
catch { }
if (ticket_number != -666)
{
tbl.Rows.Add(tempArray[counter], ticket_number,t_vrm, sql_fix_01, sql_fix_02, sql_fix_03, sql_fix_04);
}
}
}
myConn.Close();
this.dataGridView1.DataSource = tbl;
this.dataGridView1.AutoSizeColumnsMode = DataGridViewAutoSizeColumnsMode.AllCells;
DataView vwExport = new DataView(tbl);
if (sfd.ShowDialog() == DialogResult.OK)
{
if (sfd.FileName != "")
{
btnProcess.Enabled = false;
Application.DoEvents();
StreamWriter sw = null;
FileStream fs = null;
fs = File.Open(sfd.FileName, FileMode.Create, FileAccess.Write);
sw = new StreamWriter(fs, System.Text.Encoding.UTF8);
sw.WriteLine("USE ICPS");
sw.WriteLine("GO");
sw.WriteLine(" ");
sw.WriteLine("/* Set accounts Hold Status to ''VQ4 rescheduled' */");
sw.WriteLine(" ");
foreach (DataRowView drv in vwExport)
{
sw.WriteLine("/* Ticket Reference: " + drv["ticket_reference"].ToString() + "/" + drv["ticket_number"].ToString() + "/" + drv["t_vrm"].ToString() + "*/");
sw.WriteLine(drv["sql_fix_01"].ToString());

You cant use ExecuteScalar with multiple values..
myComm.CommandText = "SELECT t_number, t_vrm
FROM tickets WHERE t_reference='" + tempArray[counter] + "'";
ticket_number = (int)myComm.ExecuteScalar();
t_vrm = (string)(myComm.ExecuteScalar()).ToString();
You will need to use a DataReader instead.
SqlDataReader reader = myComm.ExecuteReader();
// Call Read before accessing data.
while (reader.Read())
{
ticket_number = reader.GetInt32(0);
t_vrm = reader.GetString(1);
}
Also, to reiterate what #Amber said, look at Bobby Tables, you really want to avoid dynamic SQL

Should'nt:
...VALUES(" + ticket_number.ToString().Trim() + ", 2 , t_vrm , '" +...
Be:
...VALUES(" + ticket_number.ToString().Trim() + ", 2 , " + t_vrm + " , '" +...
Your t_vrm variable is part of the string.

im trying to fetch values from db but getting errors which say cmd,dr, doesnt exist in the current context [duplicate]

This question already has an answer here:
Closed 11 years ago.
Possible Duplicate:
C# having some errors from fetching
public partial class BioreCottonPurchaseSlip2011 : Form
{
Library obj = new Library();
public BioreCottonPurchaseSlip2011()
{
InitializeComponent();
}
public void enableDisableControls(bool flag)
{
TxtExtensionNo.Enabled = flag;
TxtFarmerCode.Enabled = flag;
TxtFarmerName.Enabled = flag;
TxtBasicPrice.Enabled = flag;
TxtPremium.Enabled = flag;
TxtWeight.Enabled = flag;
TxtTotalAmountBasic.Enabled = flag;
TxtTotalAmountPremium.Enabled = flag;
TxtBalancePay.Enabled = flag;
BtnSave.Enabled = flag;
BtnCancel.Enabled = flag;
}
public void clearControls()
{
TxtExtensionNo.Text = "";
TxtFarmerCode.Text = "";
TxtFarmerName.Text = "";
TxtBasicPrice.Text = "";
TxtPremium.Text = "";
TxtWeight.Text = "";
TxtTotalAmountBasic.Text = "";
TxtTotalAmountPremium.Text = "";
TxtBalancePay.Text = "";
}
private void BtnNew_Click(object sender, EventArgs e)
{
if (obj.GetConnection() == true)
{
lblError.Text = "Connected !!!";
}
else
{
lblError.Text = "Not connnected !!!";
}
enableDisableControls(true);
BtnNew.Enabled = false;
// lblError.Text = "";
string connectionString = "Data Source=TANYA-PC;Initial Catalog=biore1;Integrated Security=True";
string sql = "SELECT * FROM cottonpurchase";
SqlConnection connection = new SqlConnection(connectionString);
SqlDataAdapter da = new SqlDataAdapter(sql, connection);
DataSet ds = new DataSet();
connection.Open();
da.Fill(ds, "cottonpurchase");
connection.Close();
dataGridView1.DataSource = ds;
dataGridView1.DataMember = "cottonpurchase";
}
private void BtnSave_Click(object sender, EventArgs e)
{
if (obj.GetConnection() == true)
{
//dateTimePicker1.Value = DateTime.Today;
MessageBox.Show("insert into cottonpurchase values(" + TxtExtensionNo.Text + ",'" + monthCalendar1.TodayDate + "'," + TxtFarmerCode.Text + ",'" + TxtFarmerName.Text + "'," + TxtBasicPrice.Text + "," + TxtPremium.Text + "," + TxtWeight.Text + "," + TxtTotalAmountBasic.Text + "," + TxtTotalAmountPremium.Text + "," + TxtBalancePay.Text + ")");
if (obj.ExecuteSQLStatement("insert into cottonpurchase values(" + TxtExtensionNo.Text + ",'" + monthCalendar1.TodayDate + "'," + TxtFarmerCode.Text + ",'" + TxtFarmerName.Text + "'," + TxtBasicPrice.Text + "," + TxtPremium.Text + "," + TxtWeight.Text + "," + TxtTotalAmountBasic.Text + "," + TxtTotalAmountPremium.Text + "," + TxtBalancePay.Text + " )") == true)
{
lblError.Text = "Item(s) Saved";
clearControls();
BtnSave.Enabled = false;
BtnNew.Enabled = true;
enableDisableControls(false);
}
else
{
lblError.Text = "Item(s) Not Saved";
}
}
else
{
lblError.Text = "Connection Error. Please contact your administrator.";
}
enableDisableControls(false);
clearControls();
BtnNew.Enabled = true;
try
{
//double getvat = 0;
//double calculatevat = 0;
//getvat = Convert.ToDouble(TxtTotalAmountBasic.Text);
//calculatevat = getvat * 0.18;
//TxtBasicPrice.Text = calculatevat.ToString();
//TxtBasicPrice.Enabled = false;
}
catch (Exception)
{
// lblError.Text = "Please contact your administrator. (Error - TARS0001DATMIS)";
clearControls();
enableDisableControls(false);
BtnNew.Enabled = true;
//lblInvoiceNo.Text = "INVOIC NO";
}
}
private void BtnCancel_Click(object sender, EventArgs e)
{
enableDisableControls(false);
clearControls();
BtnNew.Enabled = true;
}
private void panel1_Paint(object sender, PaintEventArgs e)
{
}
private void TxtFarmerCode_TextChanged(object sender, EventArgs e)
{
try
{
SqlConnection conn= new SqlConnection("Data Source=TANYA-PC;Initial Catalog=biore1;Integrated Security=True");
conn.Open();
cmd = new SqlCommand("Select farmername, from cottonpurchase where farmercode=#aa", conn);
cmd.Parameters.Add("#aa", SqlDbType.Int).Value = TxtFarmerCode.Text;
dr = cmd.ExecuteReader();
if (dr.HasRows == false)
{
throw new Exception();
}
if (dr.Read())
{
// textBox1.Text = dr[0].ToString(); Since U r going to give the ID and retrieve in textBox1.
TxtFarmerName.Text = dr[0].ToString();
//textBox3.Text = dr[1].ToString();
//textBox4.Text = dr[2].ToString();
//textBox7.Text = dr[3].ToString();
//dateTimePicker1.Text = dr[4].ToString();
//dateTimePicker2.Text = dr[5].ToString();
//textBox5.Text = dr[6].ToString();
}
}
catch
{
// lblError = "THE GIVEN ID IS UNAVAILABLE";
}
finally
{
conn.Close();
}
}
}

You have to define your variable types
SqlCommand cmd = new SqlCommand(...);
SqlReader dr = cmd.ExecuteReader();

In TxtFarmerCode_TextChanged, you haven't defined the variables cmd or dr.
You'll want something like this:
SqlCommand cmd = new SqlCommand("Select farmername, from cottonpurchase where farmercode=#aa", conn);
[...]
SqlDataReader dr = cmd.ExecuteReader();