6
Contributors
8
Replies
9
Views
6 Years
Discussion Span
Last Post by __avd
0

can u give me a full example?..im really a noob..:)

0

what exactly you want to search for? can you please give me the table and column name? so that i can write query

0

what i did, is first i search the record on the database....
then use sqlCommand.ExecuteScalar()

SELECT field1 from tableName  WHERE field1 = '" & txtbox1.text & "'

Dim ReturnValue as  integer
ReturnValue = SqlCommand.executeScalar

if executeScalar returns 1 then its existing....

0
'try this 
'open th connection to the database
'cmd is the variable of the sqlcommand
'cnn is the variable of sqlconnection

cnn.open
Dim ReturnValue as  string
cmd=new sqlcommand("SELECT field1 from tableName  WHERE field1 = '" & txtbox1.text & "'",cnn)
ReturnValue =cmd.executeScalar
if ReturnValue  <> "" then
msgbox("Record Already Exist"):exit sub
end if
cnn.close

Edited by DONPAWPAW: updating

1

Hi guys!

If you are not aware of "SQL Injection" please read this article or just google it.

Do not use SQL query by concatenating hard-coded strings because this way malicious code is inserted into sql strings.

Do use Type-Safe SQL Parameters.

Dim Cnn as New SqlConnection()
Dim Cmd as New SqlCommand()

Cnn.ConnectionString="Connection_string"

Cmd.CommandText="SELECT field1 from tableName  WHERE field1 = @para1"
Cmd.Connection=Cnn
Cmd.Parameters.AddWithValue("@para1",TextBox1.Text)

Dim isFound as boolean=false

Dim reader as SqlDataReader

Cnn.Open()
reader=Cmd.ExecuteReader()
If reader.Read() Then
    isFound=true
End If
reader.Close()
Cnn.Close()
0

Hi guys!

If you are not aware of "SQL Injection" please read this article or just google it.

Do not use SQL query by concatenating hard-coded strings because this way malicious code is inserted into sql strings.

Do use Type-Safe SQL Parameters.

Dim Cnn as New SqlConnection()
Dim Cmd as New SqlCommand()

Cnn.ConnectionString="Connection_string"

Cmd.CommandText="SELECT field1 from tableName  WHERE field1 = @para1"
Cmd.Connection=Cnn
Cmd.Parameters.AddWithValue("@para1",TextBox1.Text)

Dim isFound as boolean=false

Dim reader as SqlDataReader

Cnn.Open()
reader=Cmd.ExecuteReader()
If reader.Read() Then
    isFound=true
End If
reader.Close()
Cnn.Close()

adatapost, i have a question for you about paramiterized queries.
do you mind if i PM you a question, or if i start a thread would u reply to it ?

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.