Textbook security

Good spot, i didnt even pick up on that (My Fail)... (would have needed a 'dbo.' too.)!

OK so this is very wrong in every sense BUT: this SQL wont work if you look closely! you have a double quote at the end of the textbox (\") and not at the start, just a random '/' this will never work. (or are you making this up for a troll response)? alternativly, the last quote is fake or left because you doctored the SQL for us mere mortals, and potentially your after a number only. so "SELECT * FROM USER WHERE USER="+textBox1.Text; this is for only a number (as any string will make the SQL fail) so only a number will work, and the textbox will have to have been validated to only accept a number and therefore you wont have a problem as you cant SQL inject with only a number! i recon you are either trolling, or have not looked close at this, as if you even had 1 char in this SQL it will fall over. You my friend are a FAIL.... sorry! (P.S.... never ever write SQL's like this...)

Hiegn site is an amazing thing... but yup, will be next time... (its been 2 months ive not been able to dev our main product, and i can tell you MS support/devs seem to be bloody useless sorting bugs out)

I can tell you its very nice, BUT be carefull its broken! and its shagged my VS2010. I currently cant develop out main product because of this bug they have introduced unless i do a full machine re-install (so it seems) i can un-install VS2012 but the shared broken component stays (the fact Vs2012 has buggered my 2010 i find extreemly annoying). just do eval on a different machine is my advice...!

I agree with the Bit argument, but there is also anm argument for using a char(1). we use chars, and yes its been like it since before i started the compant, and it has cases the odd problem. but by using a char it makes the fiels nicely expandable. i just reciently in the last couple of days had to add a 3rd valud to a Y/N field for one custoner. so the database schema is shared, and now one customer has Y/N/X dont ask, but you know customers. also ive uses Y/N/[null] as a was of saying it is yes or no, but null is not set. so there can be time where this is aplicable, and like someone else said. the cost of a char is no more or less, and every /Net control can use what ever value you want, so no hard no foul. (till some newbie f's thing up by of cause). oh love the comment about storing the enum name thats class!!