Database delete [modified]
-
Hey! I ran into a little problem today... i think it's an easy one, but i don't have the answer. I have a string n declared and i want to delete all the rows in one database(sql) which contain that string(completely, not parts of the cells in the databases). so i wrote: SqlConnection sqlconn = new SqlConnection(); sqlconn.ConnectionString = "Data Source=CATA;Initial Catalog=datagrid;Integrated Security=True;Pooling=False"; sqlconn.Open(); SqlCommand sqlcomm = new SqlCommand(); sqlcomm.CommandText = "DELETE FROM datagrid WHERE name ='"&n&"'"; sqlcomm.Connection = sqlconn; sqlcomm.ExecuteNonQuery(); but i get the following message when i try to run the program: Error 1 Operator '&' cannot be applied to operands of type 'string' and 'string' -- modified at 7:35 Tuesday 23rd May, 2006
-
Hey! I ran into a little problem today... i think it's an easy one, but i don't have the answer. I have a string n declared and i want to delete all the rows in one database(sql) which contain that string(completely, not parts of the cells in the databases). so i wrote: SqlConnection sqlconn = new SqlConnection(); sqlconn.ConnectionString = "Data Source=CATA;Initial Catalog=datagrid;Integrated Security=True;Pooling=False"; sqlconn.Open(); SqlCommand sqlcomm = new SqlCommand(); sqlcomm.CommandText = "DELETE FROM datagrid WHERE name ='"&n&"'"; sqlcomm.Connection = sqlconn; sqlcomm.ExecuteNonQuery(); but i get the following message when i try to run the program: Error 1 Operator '&' cannot be applied to operands of type 'string' and 'string' -- modified at 7:35 Tuesday 23rd May, 2006
drc_no1 wrote:
sqlcomm.CommandText = "DELETE FROM datagrid WHERE name ='"&n&"'";
that would be: WHERE name ='" + n + "'";
-
Hey! I ran into a little problem today... i think it's an easy one, but i don't have the answer. I have a string n declared and i want to delete all the rows in one database(sql) which contain that string(completely, not parts of the cells in the databases). so i wrote: SqlConnection sqlconn = new SqlConnection(); sqlconn.ConnectionString = "Data Source=CATA;Initial Catalog=datagrid;Integrated Security=True;Pooling=False"; sqlconn.Open(); SqlCommand sqlcomm = new SqlCommand(); sqlcomm.CommandText = "DELETE FROM datagrid WHERE name ='"&n&"'"; sqlcomm.Connection = sqlconn; sqlcomm.ExecuteNonQuery(); but i get the following message when i try to run the program: Error 1 Operator '&' cannot be applied to operands of type 'string' and 'string' -- modified at 7:35 Tuesday 23rd May, 2006
While HollyHoo's suggestion would probably work, I suggest you read this[^] article to know why your code is vulnerable to SQL injection attacks. Regards Senthil _____________________________ My Blog | My Articles | WinMacro
-
drc_no1 wrote:
sqlcomm.CommandText = "DELETE FROM datagrid WHERE name ='"&n&"'";
that would be: WHERE name ='" + n + "'";
Yup, it works. Thanx a lot! Now i have another problem... I have a datagrid and i have added one button column called delete. when i press delete, i want my row to disappear. But, i can't find a suitable event for clicking that button. all i find is cell content click or any other that aplies to the whole row, not only to that cell contining the row. Can u help me, pls?
-
While HollyHoo's suggestion would probably work, I suggest you read this[^] article to know why your code is vulnerable to SQL injection attacks. Regards Senthil _____________________________ My Blog | My Articles | WinMacro
Very good suggestion