Need Help
-
Hi. please tell me my mistake in blow code,code not return any value.. please help string query2 = "select sum(amount) Total from pur_inv_dtl where inv_id = '" + IdTxt.Text + "'"; SqlCommand cmd2 = new SqlCommand(query2, conn); try { conn.Open(); SqlDataReader sdr = cmd2.ExecuteReader(); while (sdr.Read()) { Gtotal.Text = sdr["Total"].ToString(); } } finally { conn.Close(); }
-
Hi. please tell me my mistake in blow code,code not return any value.. please help string query2 = "select sum(amount) Total from pur_inv_dtl where inv_id = '" + IdTxt.Text + "'"; SqlCommand cmd2 = new SqlCommand(query2, conn); try { conn.Open(); SqlDataReader sdr = cmd2.ExecuteReader(); while (sdr.Read()) { Gtotal.Text = sdr["Total"].ToString(); } } finally { conn.Close(); }
Not sure of all the types of the fields but try this string query2 = "select sum(amount) AS Total from pur_inv_dtl where inv_id = '" + IdTxt.Text + "'";
-
Hi. please tell me my mistake in blow code,code not return any value.. please help string query2 = "select sum(amount) Total from pur_inv_dtl where inv_id = '" + IdTxt.Text + "'"; SqlCommand cmd2 = new SqlCommand(query2, conn); try { conn.Open(); SqlDataReader sdr = cmd2.ExecuteReader(); while (sdr.Read()) { Gtotal.Text = sdr["Total"].ToString(); } } finally { conn.Close(); }
While reading the value from textbox, Trim the blank spaces. That may cause some problem.
-
Hi. please tell me my mistake in blow code,code not return any value.. please help string query2 = "select sum(amount) Total from pur_inv_dtl where inv_id = '" + IdTxt.Text + "'"; SqlCommand cmd2 = new SqlCommand(query2, conn); try { conn.Open(); SqlDataReader sdr = cmd2.ExecuteReader(); while (sdr.Read()) { Gtotal.Text = sdr["Total"].ToString(); } } finally { conn.Close(); }
To add to the previous - don't do it that way anyway. Use parametrised queries as it gives better security agains SQL Injection Attacks. (See SqlCommand.AddWithValue) Oh, and if you post a code fragment again, surround it with the "code block" widget to preserve teh formatting:
string query2 = "select sum(amount) Total from pur_inv_dtl where inv_id = '" + IdTxt.Text + "'";
SqlCommand cmd2 = new SqlCommand(query2, conn);
try
{
conn.Open();
SqlDataReader sdr = cmd2.ExecuteReader();
while (sdr.Read())
{
Gtotal.Text = sdr["Total"].ToString();
}
}
finally
{
conn.Close();
}It makes things so much eaasier to read!
Did you know: That by counting the rings on a tree trunk, you can tell how many other trees it has slept with.
-
Hi. please tell me my mistake in blow code,code not return any value.. please help string query2 = "select sum(amount) Total from pur_inv_dtl where inv_id = '" + IdTxt.Text + "'"; SqlCommand cmd2 = new SqlCommand(query2, conn); try { conn.Open(); SqlDataReader sdr = cmd2.ExecuteReader(); while (sdr.Read()) { Gtotal.Text = sdr["Total"].ToString(); } } finally { conn.Close(); }
Please learn how to post a question properly: with an informative subject line, with code snippets inside PRE tags, with variable declarations, etc. You have several mistakes here: - AS total - the WHERE clause does not take quotes when the field is a number And yes, using SqlParameter rather than command string concatenation is the preferred way to do things. Read up on "SQL injection attacks" :)
Luc Pattyn [Forum Guidelines] [Why QA sucks] [My Articles] Nil Volentibus Arduum
Please use <PRE> tags for code snippets, they preserve indentation, and improve readability.
-
Hi. please tell me my mistake in blow code,code not return any value.. please help string query2 = "select sum(amount) Total from pur_inv_dtl where inv_id = '" + IdTxt.Text + "'"; SqlCommand cmd2 = new SqlCommand(query2, conn); try { conn.Open(); SqlDataReader sdr = cmd2.ExecuteReader(); while (sdr.Read()) { Gtotal.Text = sdr["Total"].ToString(); } } finally { conn.Close(); }
There are a few things that you need to look at here. 1. You are using a query (as others have pointed out) that is wide open to SQL Injection. 2. You don't dispose of your
SqlCommand(try wrapping them it theusingstatement). 3. You are using the wrong method to read data (and I'm surprised nobody pointed this out to you). Basically you have opened up a DataReader to read a single value out of the database. This is overkill. Try replacing this withExecuteScalarinstead, which is designed to return single values. 4. In your finally block, you callconn.Close; what happens if you didn't manage to open the connection in the first place?"WPF has many lovers. It's a veritable porn star!" - Josh Smith
As Braveheart once said, "You can take our freedom but you'll never take our Hobnobs!" - Martin Hughes.
