"data is updated successfuly..." is shown but database cannot updated

dipesh_karmakar

protected void ImageButton1_Click(object sender, ImageClickEventArgs e) { con1.Open(); SqlCommand cmd4 = new SqlCommand("UPDATE candidate_personal_details SET GUARDIAN_NAME='" + TextBox23.Text + "',GUARDIAN_PH_NO='" + TextBox24.Text + "',GUARDIAN_MOB='" + TextBox25.Text + "',NATIONALITY='" + TextBox26.Text + "', GENDER='" + DropDownList1.Text + "',D_O_B='" + TextBox27.Text + "' , PRESENT_ADDRESS='" + TextBox28.Text + "',DIST1='" + TextBox29.Text + "' ,PIN1='" + TextBox30.Text + "',PERMANENT_ADDRESS='" + TextBox31.Text + "',DIST2='" + TextBox32.Text + "',PIN2='" + TextBox33.Text + "',LOCAL_GUARDIAN_NAME='" + TextBox34.Text + "',LOCAL_GUARDIAN_ADDRESS='" + TextBox35.Text + "' ,DIST3='" + TextBox36.Text + "',PIN3='" + TextBox37.Text + "' ,LOCAL_GUARDIAN_PH_NO='" + TextBox38.Text + "' ,LOCAL_GUARDIAN_MOB='" + TextBox39.Text + "'WHERE EMAIL_ID='" + TextBox21.Text + "'", con1); SqlCommand cmd5 = new SqlCommand("UPDATE educational_details SET X_N_O_INSTITUTION='" + TextBox40.Text + "',X_N_O_BOARD='" + TextBox41.Text + "',X_Y_O_PASSING='" + TextBox42.Text + "',X_O_MARKS='" + TextBox43.Text + "',XII_N_O_INSTITUTION='" + TextBox45.Text + "',XII_N_O_BOARD='" + TextBox46.Text + "',XII_Y_O_PASSING='" + TextBox47.Text + "',XII_O_MARKS='" + TextBox48.Text + "',G_N_O_INSTITUTION='" + TextBox50.Text + "',G_N_O_BOARD='" + TextBox51.Text + "',G_Y_O_PASSING='" + TextBox52.Text + "',G_O_MARKS='" + TextBox53.Text + "'WHERE EMAIL_ID='" + TextBox21.Text + "'", con1); // SqlCommand cmd3 = new SqlCommand(sql2, con); cmd4.ExecuteNonQuery(); cmd5.ExecuteNonQuery(); con1.Close(); Label66.Text = "data is updated successfuly..."; // cmd3.ExecuteNonQuery(); }

Lost User

Not surprising; add a space before the "WHERE" keyword. It'd be a bit more safe (google for Sql Injection) and a whole lot more readable if you use parameterized queries;

    using (var con = new System.Data.SqlClient.SqlConnection())
    using (var cmd = con.CreateCommand())
    {
        con.ConnectionString = "";
        con.Open();
    
        cmd.CommandText = @"UPDATE candidate\_personal\_details 
                               SET GUARDIAN\_NAME=@GuardianName
                                  ,GUARDIAN\_PH\_NO=GuardianPhone
                                  ,GUARDIAN\_MOB=@GuardianMobile
                                  ,NATIONALITY=@GuardianNationality
                                  ,GENDER=@GuardianGender
                                  ,D\_O\_B=@GuardianDob 
                                  ,PRESENT\_ADDRESS=@GuardianPresentAdress
                                  ,DIST1=@GuardianDist1
                                  ,PIN1=@GuardianIn1
                                  ,PERMANENT\_ADDRESS=@GuardianAddress2
                                  ,DIST2=@GuardianDist2
                                  ,PIN2=@GuardianIn1
                                  ,LOCAL\_GUARDIAN\_NAME=@GuardianLocalName
                                  ,LOCAL\_GUARDIAN\_ADDRESS=@GuardianAddress3
                                  ,DIST3=@GuardianDist3
                                  ,PIN3=@GuardianIn1
                                  ,LOCAL\_GUARDIAN\_PH\_NO=@GuardianPhone626 -- how many phones do they HAVE?
                                  ,LOCAL\_GUARDIAN\_MOB=@GuardianMob3
                             WHERE EMAIL\_ID=@GuardianMailId";
        cmd.Parameters.AddWithValue("@GuardianName", TextBox23.Text);
        cmd.Parameters.AddWithValue("@GuardianPhone", TextBox24.Text);
        cmd.Parameters.AddWithValue("@GuardianMobile", TextBox25.Text);
        cmd.Parameters.AddWithValue("@GuardianNationality", TextBox26.Text);
        cmd.Parameters.AddWithValue("@GuardianGender", TextBox27.Text);
        //..and so on for all paramenters
        cmd.ExecuteNonQuery();
        cmd.Parameters.Clear();
        cmd.CommandText = @"UPDATE educational\_details 
                               SET X\_N\_O\_INSTITUTION=@X\_NO\_Institution
                                  ,X\_N\_O\_BOARD=@X\_NO\_Board

saroj mnaik

There May Be any DAtabase Name Mismatch Otherwirse Table Mismatch... ;)

saroj mnaik

Ther is some Problem In your Code.You Should write like . Int k=cmd3.ExecuteNonQuery(); if(k>0) { lable.text="Updated Successfully"; } else { lable.text="Some Internal Error"; }