Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 8 years ago.
Improve this question
I have the following problem performin a query in C#
I have the following method performing a simple query:
public List<DataModel.Vulnerability.VulnerabilitySolution> getVulnerabilitySolutionsList(int vulnId)
{
List<DataModel.Vulnerability.VulnerabilitySolution> result = new List<Vulnerability.VulnerabilitySolution>();
System.Data.Common.DbCommand command;
command = _connection.CreateCommand();
command.Connection = this._connection;
_strSQL = "VS.* FROM VulnerabilityAlertDocument_VulnerabilitySolution VAD_VS"
+ " INNER JOIN VulnerabilitySolution VS ON VAD_VS.VulnerabilitySolutionId = VS.Id"
+ " WHERE VAD_VS.VulnerabilityAlertDocumentId = #VULNID ";
addParameter(command, "#VULNID", vulnId);
command.CommandText = _strSQL;
_dt = fillDataTable(command);
DataModel.Vulnerability.VulnerabilitySolution vulnSolution;
foreach (DataRow row in _dt.Rows)
{
vulnSolution = new DataModel.Vulnerability.VulnerabilitySolution(row);
result.Add(vulnSolution);
}
return result;
}
The problem is that when try to execute this line: _dt = fillDataTable(command); it throw the following exception: Incorrect syntax near '*'
What could be the problem? If I try to execute the same query in SQL Server (replacing the value of the parameter) it work fine
How can I solve this issue?
You need to add the word select before the VS.*
_strSQL = "SELECT VS.* FROM VulnerabilityAlertDocument_VulnerabilitySolution VAD_VS"
+ " INNER JOIN VulnerabilitySolution VS ON VAD_VS.VulnerabilitySolutionId = VS.Id"
+ " WHERE VAD_VS.VulnerabilityAlertDocumentId = #VULNID ";
Related
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 5 years ago.
Improve this question
I am trying to run a database query through c#. I am trying to pass a parameter into my sql statement but I am getting an exception saying invalid near #Agent_ID.
My code is like this
SqlCommand command = new SqlCommand("Select Csr_DISBURSEMENTDATE, Csr_AGENTNUMBER, Csr_TOTCURREARNINGS, Csr_MISCADJUSTMENTS, Csr_YTDTOTALCOMM, Csr_PAYMENTMETHOD From Cm_Opt_Csr_CommStatement_S " +
"inner join Cm_Opt_Con_Contract_S on Con_WritingCode = Csr_AgentNumber" +
"inner join Cm_Opt_Agt_Agent_S on agt_ID = Con_AgentID" +
"where Agt_ID = #AgentID");
command.Parameters.AddWithValue("#AgentID", Con_agentID);
command.Connection = conn;
SqlDataReader rdr = null;
rdr = command.ExecuteReader();
Con_agentID is a guid and in the database table the column which it maps to is a uniqueidentifer. I am stuck at this point. Could someone please point out the mistake in the syntax.
The exception thrown is
System.Data.SqlClient.SqlException: 'Incorrect syntax near 'Agt_ID'.'
You are missing spaces between words when you continue on to next line.
SqlCommand command = new SqlCommand("Select Csr_DISBURSEMENTDATE, Csr_AGENTNUMBER, Csr_TOTCURREARNINGS, Csr_MISCADJUSTMENTS, Csr_YTDTOTALCOMM, Csr_PAYMENTMETHOD From Cm_Opt_Csr_CommStatement_S " +
"inner join Cm_Opt_Con_Contract_S on Con_WritingCode = Csr_AgentNumber " +
"inner join Cm_Opt_Agt_Agent_S on agt_ID = Con_AgentID " +
"where Agt_ID = #AgentID");
command.Parameters.AddWithValue("#AgentID", Con_agentID);
command.Connection = conn;
SqlDataReader rdr = null;
rdr = command.ExecuteReader();
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 5 years ago.
Improve this question
so, I have this code
MySqlConnection connection = new MySqlConnection("Server=localhost;Port=3306; Database=brez-db;Uid=root;Pwd=root;");
try {
connection.Open();
String Query = "SELECT 1 FROM users_table WHERE user_Username='" + usernameTB.Text + "' AND user_Password='" + passwordTB.Password + "'";
MySqlCommand myCommand = new MySqlCommand(Query, connection);
MySqlDataReader myReader = myCommand.ExecuteReader();
while (myReader.Read())
{
String str = myReader.GetString("user_Username").ToString();
MessageBox.Show(str);
}
}
catch(Exception ex) { throw; }
finally { }
but
while(myReader.Read()){}
returns only 1 and 0 . 1 if there is a value inside and 0 if there's nothing.
I've tried many things to get the value but nothing, any suggestion?
I'm writing a wpf C# app
PS: I know that its a good thing to use parameters for security, but I want to make a simple code for now
Remove 1 after the select. Also you should use query for the name of your string,not Query,it looks like it is reserved for something.
Also,you should get your string like this:
string sUsername= myReader["ColumnName"].ToString();
or like this
string sUsername= myReader[0].ToString();
And in the finally you are missing connection.Close();
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 5 years ago.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Improve this question
How can I replace the "#something" with the "textBox2.Text" , so the sql can search for things that contains it? This doesn't work.
private void cmd1_Click(object sender, EventArgs e)
{
string content = null;
FbConnection conn = new FbConnection(connectionString);
conn.Open();
FbCommand command = conn.CreateCommand();
command.CommandText = #"select a.NAME, a.SCHOOL, a.CLASS
from PEOPLE a, PLACES b
where
b.KEY=a.PLACE and
a.SCHOOL like '%#something%'
order by a.NAME";
command.Parameters.AddWithValue("#something", textBox2.Text);
FbDataReader reader = command.ExecuteReader();
while (reader.Read())
{
content += (string)reader["NAME"] + "\r\n";
textBox1.Text = content;
}
}
By wrapping #something in single quotes in the SQL statement, you tell the database to treat it as a direct string value, so that search will be matching records to the actual "%#something%" string - with the logic for "%" parts, of course.
a.SCHOOL like #something
...
command.Parameters.AddWithValue("#something", "%" + textBox2.Text + "%");
Or use this solution.
command.CommandText = #"select a.NAME, a.SCHOOL, a.CLASS
from PEOPLE a, PLACES b
where
b.KEY=a.PLACE and
a.SCHOOL like '%' || #something || '%'
order by a.NAME";
command.Parameters.AddWithValue("#something", textBox2.Text);
Like igor said %#something% is a string. You can make #something a 'variable' to and concatenate a % before and after it inside the SQL query.
Update: first used a + (Microsoft SQL Server) to concatenate it but #hvd said that firebird uses ||. So I've changed it.
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 9 years ago.
Improve this question
I have a c# application. I am trying to run a parameterized query, please see below. However I keep getting the error message
"The parameterized query '(#dtStart date)SELECT * FROM
D_CORPACTIONS_MSCI WHERE [date_effe' expects the parameter '#dtStart',
which was not supplied."
I can't see why it is telling me this though?
DateTime dtStart = dtPrev;
using (_connection = new SqlConnection(_connectionString))
{
_connection.Open();
string cmdText = "SELECT * FROM D_CORPACTIONS_MSCI " +
"WHERE [date_effective] >= #dtStart " +
"AND [ca_status] ='" + caStatus + "'";
_command = new SqlCommand(cmdText, _connection);
_command.Parameters.Add("#dtStart", SqlDbType.Date);
Instead of Parameters.Add try Parameters.AddWithValue
_command.Parameters.AddWithValue("#dtStart", dtStart);
Or give a value to your parameter:
_command.Parameters.Add("#dtStart", SqlDbType.Date).Value = dtStart;
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 9 years ago.
Improve this question
I have this sql query which should return a count of 0 but I guess it is badly build.
here is the SQL code which I execute
string cmdText = #"SELECT count(*)
From Apointement
WHERE emailClient=#emailClient AND
trialdate=#trialdate AND
TrailHour=trialhour";
SqlCommand cmd = new SqlCommand(cmdText, con);
cmd.Parameters.AddWithValue("#emailClient", Convert.ToString(Session["email"]));
cmd.Parameters.AddWithValue("#trialdate",dDateApt);
cmd.Parameters.AddWithValue("#trialhour", sHourApt);
if (con.State == ConnectionState.Closed)
{
con.Open();
}
int nbrofRec = (int) cmd.ExecuteScalar();
if (nbrofRec >= 1)
This query return 1 for the count.
The data in the query is as follow:
email = s.brown#rv.com
trialdate = 1/27/2014 12:00:00AM
trialhour = 10:00
The date in the database
email = s.brown#rv.com
trialdate = 1/27/2014
trialhour = 12:00 <=== notice the only appointment is at 12:00 not at 10:00
I can't find out which element is wrong.
AND TrailHour=trialhour
should be
AND TrailHour=#trialhour
You are missing # in front of last parameter.
So make your SQL like so.
string cmdText = "SELECT count(*) From Apointement WHERE emailClient=#emailClient AND
trialdate=#trialdate AND TrailHour=#Trialhour"