parameterized query
-
Hi, I did not receive the database. But the code looks ok. I'm sending sample code with this answer. I'm simple code snippet. /*****************FORM1********************************/ using System; using System.Drawing; using System.Collections; using System.ComponentModel; using System.Windows.Forms; using System.Data; namespace dono { /// /// Summary description for Form1. /// public class Form1 : System.Windows.Forms.Form { private System.Windows.Forms.Button button1; private System.Windows.Forms.TextBox textBox1; private System.Data.OleDb.OleDbDataAdapter oleDbDataAdapter1; private System.Data.OleDb.OleDbCommand oleDbSelectCommand1; private System.Data.OleDb.OleDbCommand oleDbInsertCommand1; private System.Data.OleDb.OleDbCommand oleDbUpdateCommand1; private System.Data.OleDb.OleDbCommand oleDbDeleteCommand1; private System.Data.OleDb.OleDbConnection oleDbConnection1; /// /// Required designer variable. /// private System.ComponentModel.Container components = null; public Form1() { // // Required for Windows Form Designer support // InitializeComponent(); // // TODO: Add any constructor code after InitializeComponent call // } /// /// Clean up any resources being used. /// protected override void Dispose( bool disposing ) { if( disposing ) { if (components != null) { components.Dispose(); } } base.Dispose( disposing ); } #region Windows Form Designer generated code /// /// Required method for Designer support - do not modify /// the contents of this method with the code editor. /// private void InitializeComponent() { this.button1 = new System.Windows.Forms.Button(); this.textBox1 = new System.Windows.Forms.TextBox(); this.oleDbDataAdapter1 = new System.Data.OleDb.OleDbDataAdapter(); this.oleDbDeleteCommand1 = new System.Data.OleDb.OleDbCommand(); this.oleDbConnection1 = new System.Data.OleDb.OleDbConnection(); this.oleDbInsertCommand1 = new System.Data.OleDb.OleDbCommand(); this.oleDbSelectCommand1 = new System.Data.OleDb.OleDbCommand(); this.oleDbUpdateCommand1 = new System.Data.OleDb.OleDbCommand(); this.SuspendLayout(); // // button1 // this.button1.Location = new System.Drawing.Point(256, 112);
hi im sure glad u replied. sorry for the late reply. just got home. anyway, i just had a look at the code snippet. over here i think im not sure: private void button1_Click(object sender, System.EventArgs e) { Form2 frm = new Form2(); frm.textBox1.Text = "I got the value"; << the textBox1 is in my form2 so i get errors something like this --> textbox1 not found in this form (form1) and cant get access to textbox1 in form2. this.Hide(); frm.Show(); thanks friend once again! =)
-
Just type something with a ' in there and you code will blow up. If you have a text box where I enter a date, and I change the culture of the operating system, you'll get erroneous date. It's really easy to have parameterized queries, and even access has them. Compare this:
string sql = "SELECT * FROM Users WHERE UserName = '" + txtUserName.Text "' AND Password = '" + txtPassword.Text + "'"; OleDbCommand cmd = new OleDbCommand(cmd, conn);to this:
string sql = "SELECT * FROM Users WHERE UserName = ? AND Password = ?"; OleDbCommand cmd = new OleDbCommand(cmd, conn); cmd.Parameters.Add("", txtUserName.Text); // In Access, parameter name doesn't cmd.Parameters.Add("", txtPassword.Text); // matter, it's by positionEasier to read in my opinion, way much more secure and robust, and easier to maintain. -- LuisR
Luis Alonso Ramos Intelectix - Chihuahua, Mexico Not much here: My CP Blog!
The amount of sleep the average person needs is five more minutes. -- Vikram A Punathambekar, Aug. 11, 2005
hi there, thanks for replying! good, just learnt something from u =) --> Just type something with a ' in there and you code will blow up however, what i need help in is i cant load my data well if i were to SEPARATE "Search Controls" (textbox and button for query --> to get data belonging to person with a certain ID no.) with "Textbox Controls" (that is, data is to be loaded into these "Textbox Controls" placed in form2). im able to retrieve selected data when i place "Search Controls" and "Textbox Controls" on the same form but this is not what i want. thanks!
-
hi im sure glad u replied. sorry for the late reply. just got home. anyway, i just had a look at the code snippet. over here i think im not sure: private void button1_Click(object sender, System.EventArgs e) { Form2 frm = new Form2(); frm.textBox1.Text = "I got the value"; << the textBox1 is in my form2 so i get errors something like this --> textbox1 not found in this form (form1) and cant get access to textbox1 in form2. this.Hide(); frm.Show(); thanks friend once again! =)
Hi, Ok, I thought u were waiting for my answer. It seems that Form2 does not contain txtBox1. What u need to do is create a simple textbox in Form2 and make it public. If u do not make it public it will not work. There is another solution. Define a public property which will set the valus of text box. Something like this.. in Form2: private string setValue = string.Empty; public string SetMyValue { set { this.txtBox1.Text = value; } } in Form1's button click: Form2 frm = new Form2(); frm.SetMyValue = "I got the value"; this.Hide(); frm.Show(); :-D Jayant D. Kulkarni Brainbench Certified Software Engineer in C#, ASP.NET, .NET Framework and ADO.NET