from vb.net to C#
-
hellow to all .. i have a vb.net code that use ADO.NET i need to make it work on C# .. but when i write it down i got two erros ... i don't know why ! it is ado.net code it have to work in anylanguage . i got the error where the arrows are .. thxx to anyhelp .. { string SQLContract,SQLContractPay; int ContractIndx; ClsInfo Assist_Var = new ClsInfo(); SQLContract = "INSERT Contract( " + "ClientNum,ContractType,BDate,EDate," + "UDate,ContratOption,PropertyNum,"+ "HierMeters,MeterPrice,Remarks)" + "VALUES( " + txt_Client_Name.Text + "," + Assist_Var.PrepareStr("B") + "," + Assist_Var.PrepareStr(dtFromDate.Text) + "," + Assist_Var.PrepareStr(dtToDate.Text) + "," + Assist_Var.PrepareStr(dtChange.Text) + "," + Assist_Var.Val(txtYears.Text) + "," + Assist_Var.Val(txtPropertyID.Text) + "," + Assist_Var.Val(txtMeters.Text) + "," + Assist_Var.Val(txtMeterPrice.Text) + "," + Assist_Var.PrepareStr(txtRemarks.Text) + ");" + "SELECT @Indx = @@IDENTITY" ; OleDbConnection OleDbConn = new OleDbConnection(Assist_Var.SQLConnection()); OleDbConn.Open(); OleDbCommand OleDbCommand = new OleDbCommand(); OleDbCommand.CommandText = SQLContract; OleDbCommand.CommandType = CommandType.Text; OleDbCommand.Connection = OleDbConn; OleDbParameter MyPara = new OleDbParameter(); ------->>>> 'MyPara = new OleDbParameter("@Indx",SqlDbType.Int, 4); MyPara.Direction = ParameterDirection.Output; OleDbCommand.Parameters.Add(MyPara); try { OleDbCommand.ExecuteNonQuery(); ---->>>> 'ContractIndx = OleDbCommand.Parameters("@Indx").Value(); } catch (Exception ex) { MessageBox.Show(ex.Message); }
-
hellow to all .. i have a vb.net code that use ADO.NET i need to make it work on C# .. but when i write it down i got two erros ... i don't know why ! it is ado.net code it have to work in anylanguage . i got the error where the arrows are .. thxx to anyhelp .. { string SQLContract,SQLContractPay; int ContractIndx; ClsInfo Assist_Var = new ClsInfo(); SQLContract = "INSERT Contract( " + "ClientNum,ContractType,BDate,EDate," + "UDate,ContratOption,PropertyNum,"+ "HierMeters,MeterPrice,Remarks)" + "VALUES( " + txt_Client_Name.Text + "," + Assist_Var.PrepareStr("B") + "," + Assist_Var.PrepareStr(dtFromDate.Text) + "," + Assist_Var.PrepareStr(dtToDate.Text) + "," + Assist_Var.PrepareStr(dtChange.Text) + "," + Assist_Var.Val(txtYears.Text) + "," + Assist_Var.Val(txtPropertyID.Text) + "," + Assist_Var.Val(txtMeters.Text) + "," + Assist_Var.Val(txtMeterPrice.Text) + "," + Assist_Var.PrepareStr(txtRemarks.Text) + ");" + "SELECT @Indx = @@IDENTITY" ; OleDbConnection OleDbConn = new OleDbConnection(Assist_Var.SQLConnection()); OleDbConn.Open(); OleDbCommand OleDbCommand = new OleDbCommand(); OleDbCommand.CommandText = SQLContract; OleDbCommand.CommandType = CommandType.Text; OleDbCommand.Connection = OleDbConn; OleDbParameter MyPara = new OleDbParameter(); ------->>>> 'MyPara = new OleDbParameter("@Indx",SqlDbType.Int, 4); MyPara.Direction = ParameterDirection.Output; OleDbCommand.Parameters.Add(MyPara); try { OleDbCommand.ExecuteNonQuery(); ---->>>> 'ContractIndx = OleDbCommand.Parameters("@Indx").Value(); } catch (Exception ex) { MessageBox.Show(ex.Message); }
What I want to know is, why are you instantiating an OleDbParameter then attempting to write over it. In other words: Why are you creating an object then not using it?
microuser_2000 wrote:
OleDbParameter MyPara = new OleDbParameter(); ------->>>> 'MyPara = new OleDbParameter("@Indx",SqlDbType.Int, 4);
Well, looking at the documentation for OleDbParameter[^] it would appear that you are passing a
SqlDbTypewhen it expects anOleDbType.microuser_2000 wrote:
---->>>> 'ContractIndx = OleDbCommand.Parameters("@Indx").Value();
This is because you have not translated the VB.NET code. The indexer property uses square brackets in C#.
[]not parenthesis()Some other questions: This appears to be connecting to a SQL Server database, why not use the equivalent classes inSystem.Data.SqlClient? It would be more efficient. Why are you injecting values into the SQL statement? It blows a great big hole through any security you have in your application (if you have any at all) that allows an attacker almost direct access to the database. You might want to read about SQL Injection Attacks and some tips on how to prevent them[^]
Upcoming Scottish Developers events: * Glasgow: Tell us what you want to see in 2007 My: Website | Blog | Photos
-
What I want to know is, why are you instantiating an OleDbParameter then attempting to write over it. In other words: Why are you creating an object then not using it?
microuser_2000 wrote:
OleDbParameter MyPara = new OleDbParameter(); ------->>>> 'MyPara = new OleDbParameter("@Indx",SqlDbType.Int, 4);
Well, looking at the documentation for OleDbParameter[^] it would appear that you are passing a
SqlDbTypewhen it expects anOleDbType.microuser_2000 wrote:
---->>>> 'ContractIndx = OleDbCommand.Parameters("@Indx").Value();
This is because you have not translated the VB.NET code. The indexer property uses square brackets in C#.
[]not parenthesis()Some other questions: This appears to be connecting to a SQL Server database, why not use the equivalent classes inSystem.Data.SqlClient? It would be more efficient. Why are you injecting values into the SQL statement? It blows a great big hole through any security you have in your application (if you have any at all) that allows an attacker almost direct access to the database. You might want to read about SQL Injection Attacks and some tips on how to prevent them[^]
Upcoming Scottish Developers events: * Glasgow: Tell us what you want to see in 2007 My: Website | Blog | Photos
hello sorry for the late reply , i wanna take the value of the indx after it has been inserted and to save it to use it in another statment ...
-
hello sorry for the late reply , i wanna take the value of the indx after it has been inserted and to save it to use it in another statment ...
microuser_2000 wrote:
i wanna take the value of the indx after it has been inserted and to save it to use it in another statment ...
Excellent. So after following the advice I gave in my previous post what part are you stuck on now?
Upcoming Scottish Developers events: * Glasgow: Tell us what you want to see in 2007 My: Website | Blog | Photos