ASP.NET RSS ASP.NET RSS

Asp.net Sql Query

Please support our ASP.NET advertiser: Intel Parallel Studio Home
Reply

Join Date: Sep 2007
Posts: 1
Reputation: m_saahil is an unknown quantity at this point 
Solved Threads: 0
m_saahil m_saahil is offline Offline
Newbie Poster

Asp.net Sql Query

 
0
  #1
Sep 25th, 2007
Hi all
I need urgent help to complete my project
I am unable to update my sql database.I have to update the database using textbox value as primary key and the other tools are textbox,dropdownlist and calender which i have used
I am doin project on ASP.NET using vb.net so plzz give me the coding in vb.net

the code i have written is as shown below
please help me out soon
ASP.NET Syntax (Toggle Plain Text) 
  1. Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
  2. myConnection = New SqlConnection("server =sqlserver.htsdomain.net;uid=sa;pwd=;database=CentralHTS")
  3.         'myConnection.Open()
  4.         'myCommand = New SqlCommand(UPDATE task  SET Numbercardused=@TextBox1.text,Numberfreetv=@Dropdownlist1,Datefrom,Dateto  where (PhoneNumber=@TextBox1.Text))
  5.         'Response.Write("Record Updated")
  6.  
Reply With Quote Quick reply to this message  
Join Date: Feb 2005
Posts: 1,181
Reputation: hollystyles will become famous soon enough hollystyles will become famous soon enough 
Solved Threads: 67
hollystyles's Avatar
hollystyles hollystyles is offline Offline
Veteran Poster

Re: Asp.net Sql Query

 
0
  #2
Sep 25th, 2007
You need to put strings in double quotes. The sql string argument to the SqlCommand constructor needs to be quoted.

myCommand = New SqlCommand("UPDATE task SET ...

don't put @ in front of the webserver control instances (you are confusing them with TSQL parameters) 

myCommand = New SqlCommand("UPDATE task  SET Numbercardused=" & TextBox1.text & " ...

The dropDownList you need to use the Selectedvalue property

... Numberfreetv=" & Dropdownlist1.SelectedValue & " ...

You need to execute the command now it's built:

ASP.NET Syntax (Toggle Plain Text) 
  1.  myCommand.ExecuteNonQuery()
Last edited by hollystyles; Sep 25th, 2007 at 9:12 am.
==========================================
Yadda yadda yadda...
Web junky, fevered monkey
Reply With Quote Quick reply to this message  
Join Date: Sep 2007
Posts: 5
Reputation: adamm84 is an unknown quantity at this point 
Solved Threads: 1
adamm84 adamm84 is offline Offline
Newbie Poster

Re: Asp.net Sql Query

 
0
  #3
Sep 25th, 2007
putting sql inline like that is extremely dangerous and not safe at all, i would suggest moving your sql to stored procedures, or at least parameterizing your query, you should also do some back end data verification, e.g. check for nulls, emptry strings, etc.
Reply With Quote Quick reply to this message  
Reply

Quick Reply to Thread
This thread is more than three months old.
Perhaps start a new thread instead?
Message:



Similar Threads
Other Threads in the ASP.NET Forum
Thread Tools Search this Thread



.net activexcontrol advice ajax alltypeofvideos appliances asp asp.net bc30451 beginner bottomasp.net box browser button c# cac checkbox click commonfunctions control css dataaccesslayer database datagridview datagridviewcheckbox datalist deployment development dgv dialog dropdownlist dynamic dynamically edit embeddingactivexcontrol expose fileuploader fill findcontrol flash form formatdecimal formview gridview gudi iframe iis javascript listbox login microsoft mono mouse mssql multistepregistration news novell numerical opera panelmasterpagebuttoncontrols parent radio redirect registration relationaldatabases reportemail rotatepage save schoolproject search security sessionvariables silverlight smartcard smoobjects software sql-server sqlserver2005 ssl suse textbox tracking treeview unauthorized validatedate validation vb.net video videos virtualdirectory vista visualstudio web webapplications webdevelopemnt webdevelopment webprogramming webservice xsl youareanotmemberofthedebuggerusers
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2009 DaniWeb® LLC