protected void Update_Click(object sender, EventArgs e)
    {
        //string query = "update [user]" ;
        //query += "set name ='" + "@name" + "',";
       // query += "phone ='" +"@phone" +"'";
       // query += "where (id = `@id`)";
        string que = "UPDATE [user] SET ";
        que += "[name] =@name, [phone]=@phone1 WHERE (id = 10)";
        SqlConnection conn = new SqlConnection(ConnectionString);
        
        try
        {
            SqlCommand cmd = new SqlCommand(que, conn);
            conn.Open();
            string name = Name.Text;
            cmd.Parameters.AddWithValue("@id", int.Parse (Id.Text));
            cmd.Parameters.AddWithValue("@name1", name);
            cmd.Parameters.AddWithValue("@phone1", Phone.Text);
            //cmd.Parameters.
           
           msg.Text = que;

            //cmd.ExecuteNonQuery();
        }
        catch(Exception err){
            msg.Text = err.Message;
            //msg.Text += query;
        }
    }

here the parameters.addwith value does not updating the values of parameter @name and @phone, when i do the same method for insert it work fine .what is the wrong in my code please help. i try to debug the code and i found that
cmd.Parameters.AddWithValue("@name1", name); and cmd.Parameters.AddWithValue("@phone1", Phone.Text); not working proper i mean it not replace the value of@name1 insted ,it update database name field with '@name1'

Edited 4 Years Ago by Ezzaral: Added code tags. Please use them to format any code that you post.

Your string

"[name] =@name, [phone]=@phone1 WHERE (id = 10)"

... calls the param "@name", but your

cmd.Parameters.AddWithValue("@name1", name);

... calls it "@name1"

They should be the same name.

Also in the string "[name] =@name, [phone]=@phone1 WHERE (id = 10)", please remove the space between the closing bracket and the equal-sign.

Thank you thins01,
thank you for reply,but my problume still remain

protected void Update_Click(object sender, EventArgs e)
{
    //string query = "update [user]" ;
    //query += "set name ='" + "@name" + "',";
   // query += "phone ='" +"@phone" +"'";
   // query += "where (id = `@id`)";
    string que = "UPDATE [user] SET ";
    que += "[name]=@name,[phone]=@phone WHERE (id = 10)";
    SqlConnection conn = new SqlConnection(ConnectionString);

    try
    {
        SqlCommand cmd = new SqlCommand(que, conn);
        conn.Open();
        string name = Name.Text;
        cmd.Parameters.AddWithValue("@id", int.Parse (Id.Text));
        cmd.Parameters.AddWithValue("@name", name);
        cmd.Parameters.AddWithValue("@phone", Phone.Text);
        //cmd.Parameters.

       msg.Text = que;

        //cmd.ExecuteNonQuery();
    }
    catch(Exception err){
        msg.Text = err.Message;
        //msg.Text += query;
    }
}

output : i printed the "que" on a textbox and it shows as follows
UPDATE [user] SET [name]=@name,[phone]=@phone WHERE (id = 10),which means the parameter is not replaced by the actual value.please help

thank you for you time in advance

Edited 3 Years Ago by Dani: Formatting fixed

You will not see the change happen in that string. It happens at the database (or closer to the database).

This article has been dead for over six months. Start a new discussion instead.