problem in querying database
-
hi, i m having problem in reading values from database. something silly i m doing but can't figure it right now. Any help is welcome
public void getColumnNames(string col) { string constr = System.Configuration.ConfigurationManager.AppSettings["conskypak"]; String cmdstr = "SELECT columnname FROM TableDescription where RecordCode=' " + col + " ' "; SqlConnection cn = new SqlConnection(constr); SqlCommand cmd = new SqlCommand(cmdstr,cn); SqlDataReader dr; cn.Open(); dr = cmd.ExecuteReader(); while (!dr.Read()) { string name = ""; name =(string)dr[0]; } cn.Close(); } -
hi, i m having problem in reading values from database. something silly i m doing but can't figure it right now. Any help is welcome
public void getColumnNames(string col) { string constr = System.Configuration.ConfigurationManager.AppSettings["conskypak"]; String cmdstr = "SELECT columnname FROM TableDescription where RecordCode=' " + col + " ' "; SqlConnection cn = new SqlConnection(constr); SqlCommand cmd = new SqlCommand(cmdstr,cn); SqlDataReader dr; cn.Open(); dr = cmd.ExecuteReader(); while (!dr.Read()) { string name = ""; name =(string)dr[0]; } cn.Close(); }change this: String cmdstr = "SELECT columnname FROM TableDescription where RecordCode=' " + col + " ' "; to this : String cmdstr = "SELECT columnname FROM TableDescription where RecordCode=' " + col.Trim() + " ' "; it might be because of space which is with string.
-
hi, i m having problem in reading values from database. something silly i m doing but can't figure it right now. Any help is welcome
public void getColumnNames(string col) { string constr = System.Configuration.ConfigurationManager.AppSettings["conskypak"]; String cmdstr = "SELECT columnname FROM TableDescription where RecordCode=' " + col + " ' "; SqlConnection cn = new SqlConnection(constr); SqlCommand cmd = new SqlCommand(cmdstr,cn); SqlDataReader dr; cn.Open(); dr = cmd.ExecuteReader(); while (!dr.Read()) { string name = ""; name =(string)dr[0]; } cn.Close(); }try with this while (dr.Read())
Where there is a will,there is a way.
-
change this: String cmdstr = "SELECT columnname FROM TableDescription where RecordCode=' " + col + " ' "; to this : String cmdstr = "SELECT columnname FROM TableDescription where RecordCode=' " + col.Trim() + " ' "; it might be because of space which is with string.
-
hi, i m having problem in reading values from database. something silly i m doing but can't figure it right now. Any help is welcome
public void getColumnNames(string col) { string constr = System.Configuration.ConfigurationManager.AppSettings["conskypak"]; String cmdstr = "SELECT columnname FROM TableDescription where RecordCode=' " + col + " ' "; SqlConnection cn = new SqlConnection(constr); SqlCommand cmd = new SqlCommand(cmdstr,cn); SqlDataReader dr; cn.Open(); dr = cmd.ExecuteReader(); while (!dr.Read()) { string name = ""; name =(string)dr[0]; } cn.Close(); }It's not directly related to your problem, but you should make use of parameterized queries instead of building your queries by string concatenation. This way your code is protected against so called injection attacks and in my opinion they also make the code much more readable especially in cases where many parameters are used in one query. Take a look at the following article here at CP: SQL Injection Attacks and Some Tips on How to Prevent Them[^]
"Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning." - Rick Cook