We're a community of 1.1M IT Pros here for help, advice, solutions, professional growth and fun. Join us!
1,080,477 Members — Technology Publication meets Social Media
Username:
Password:
Lost login information?
Start New Discussion Reply to this Discussion
Ad: Save Now—Cisco UCS C24 M3 Rack Servers
3 Years Ago
0

MySQL and ASP.NET C# Prepared Statement

Hello,

I am having trouble converting my "MySQL" statement to a prepared statement. here is the part of the code that i need help with.

How Do I make below statement a prepared statement and can actually read the result afterwards. this way everything works perfectly, except that its not a prepared statement.

Please help. This is a web application in ASP.net using C#.

Thank you in advance.

String query = "Select * from Member where username=\"" + TextBox2.Text + "\";";
                MySqlCommand cmd = new MySqlCommand(query, conn);
                MySqlDataReader print = cmd.ExecuteReader();
                bool read = print.Read();
                string password = print.GetString(2);

Regards,
Roswell67

3
Contributors
2
Replies
1 Day
Discussion Span
3 Years Ago
Last Updated
6
Views
roswell67
Light Poster
32 posts since Sep 2009
Reputation Points: 12
Solved Threads: 4
Skill Endorsements: 0
3 Years Ago
0

Parameterized query.

String query = "Select * from Member where username=?uname";
                MySqlCommand cmd = new MySqlCommand(query, conn);
                cmd.Parameters.Add("?uname",TextBox1.Text);
                MySqlDataReader print = cmd.ExecuteReader();
                bool read = print.Read();
                string password = print.GetString(2);
__avd
Posting Genius (adatapost)
Moderator
8,737 posts since Oct 2008
Reputation Points: 2,141
Solved Threads: 1,262
Skill Endorsements: 51
3 Years Ago
0
String query = "Select * from Member where username= ?userName";

MySqlCommand cmd = new MySqlCommand(query, conn);

cmd.Prepare();
cmd.Parameters.Add("?userName",  TextBox2.Text);

MySqlDataReader print = cmd.ExecuteReader();

bool read = print.Read();

string password = print.GetString(2);

Hello,

I am having trouble converting my "MySQL" statement to a prepared statement. here is the part of the code that i need help with.

How Do I make below statement a prepared statement and can actually read the result afterwards. this way everything works perfectly, except that its not a prepared statement.

Please help. This is a web application in ASP.net using C#.

Thank you in advance.

String query = "Select * from Member where username=\"" + TextBox2.Text + "\";";
                MySqlCommand cmd = new MySqlCommand(query, conn);
                MySqlDataReader print = cmd.ExecuteReader();
                bool read = print.Read();
                string password = print.GetString(2);

Regards,
Roswell67

eliza81
Newbie Poster
9 posts since Jan 2010
Reputation Points: 10
Solved Threads: 1
Skill Endorsements: 0

This article has been dead for over three months: Start a new discussion instead

Post: Markdown Syntax: Formatting Help
 
You
Web Development > ASP.NET
View similar articles that have also been tagged:
 
© 2013 DaniWeb® LLC
Page generated in 0.0595 seconds using 2.68MB