Dear,
I have a code of c# who simply insert data into database i have code that contains abyte data but runtime it insert query display the system.byte[] instead of byte data

private void showData_Click(object sender, EventArgs e)
        {
            String FileType;
            String PictureName;
            for (int i = 0; i <= files.Length - 1; i++)
            {
                if (files[i] == null)
                {
                    MessageBox.Show("Now Null Array is Startyeed");
                    break;
                }
                else
                {
                    //MessageBox.Show(files[i]);
                    FileType = MimeType(files[i]);
                    //MessageBox.Show(FileType);
                    PictureName = FileName(files[i]);
                    //MessageBox.Show(PictureName);
                    byte[] PictureBinary = File.ReadAllBytes(files[i]);
                    

                    UpdateDatabase(PictureName, PictureBinary, FileType);
                
                }
            }
            
        }
 private void UpdateDatabase(string pname,byte[] pict,string extension) {
            SqlConnection conn;
            string query = @"SELECT ProductId,Id From ProductVariant WHERE PictureName = 'adtran/" + pname + "'";
            conn = new SqlConnection("Data Source=ACCSOFTA005\\ACCSOFTA005G;Initial Catalog=webstoreDB;User ID=sa;Password=sa");
            conn.Open();
            SqlCommand cmd = new SqlCommand(query, conn);
            //SqlDataReader Dr = new SqlDataReader(query);
            SqlDataReader Dr = cmd.ExecuteReader();
            
            if (Dr.HasRows)
            {
                while(Dr.Read()){
                    int ProductId = Dr.GetInt32(0);
                    int Id = Dr.GetInt32(1);
                    
                //Dr.Close();
                // Insert New Image into the Picture Table and Get PictureId from that Particular Image
                // 21-11-2011 [MUBUSHER ASLAM]
                string InsertPictureQuery = "INSERT INTO Picture (PictureBinary,MimeType,IsNew) Values (" + pict + ",'" + extension +"',1);" + "Select Scope_Identity()";
                MessageBox.Show(InsertPictureQuery);
                int LastId = GetLastInsertedId(InsertPictureQuery);
}
              }

in line number 46
pict is a byte data type when its execute query so its message display:

An object or column name is missing or empty. For SELECT INTO statments, 
verify each column has a name. For other statments, look for empty alias names.
Aliases defined as "" or[] are not allowed. change the alias to a valid name.
Incorrect syntax near ".

Edited 5 Years Ago by Mubusher: n/a

You have to use Parameters (prepare).

conn = new SqlConnection("Data Source=ACCSOFTA005\\ACCSOFTA005G;Initial Catalog=webstoreDB;User ID=sa;Password=sa");
 string sql="INSERT INTO Picture (PictureBinary,MimeType,IsNew) Values (@PictureBinary,@MimeType,@IsNew)";
 SqlCommand cmd = new SqlCommand(sql, conn);
 cmd.Parameters.Add("@PictureBinary",SqlDbType.Image,pict.Length).Value=pict;
 cmd.Parameters.Add("@MimeType",SqlDbType.VarChar,50).Value=pname;
 cmd.Parameters.Add("@IsNew",SqlDbType.Int).Value=1;
 conn.Open();
 cmd.ExecuteNonQuery();
 conn.Close();
This article has been dead for over six months. Start a new discussion instead.