Member Avatar for SukhyDean

Hey guys,
I urgently need your help. Just stuck in the develpment of my website.
My problem is as follows:-
I am using asp:hyperlink in my masterpage as--

 <asp:HyperLink ID="HyperLink9" runat="server" Text="Expert" 
                    Font-Underline="False" ForeColor="White" 
                    NavigateUrl="~/exam.aspx?cat=css_ex" ToolTip="Expert in CSS?"></asp:HyperLink>

and in exam.aspx page , i am retrieving the values from exam table in exam.mdf database depending on the comparison of querystring value of "cat" with column name "category" of the table "exam" as--

 cmd.CommandText = "select * from exam where category = " + Request.QueryString["cat"].ToString() ;

now on running the website ,the error comes as --
Invalid column name 'css_ex'...
I am not able to understand the situation. Please guys help me as soon as possible.
Thanks in advance.

Edited by kvprajapati because: Added [code] tags.
  • 3 Contributors
  • 3 Replies
  • 195 Views
  • 13 Hours Discussion Span
  • Latest Post Latest Post by SukhyDean

Recommended Answers

All 3 Replies

Member Avatar for michelleradu

Try to put single quotes around the value you're testing in the where clause of the query:
cmd.CommandText = "select * from exam where category = '" + Request.QueryString["cat"].ToString() + "'" ;

Member Avatar for kvprajapati

Never use hard-coded sql strings. Always use Parameters.

cmd.CommandText = "select * from exam where category=@category";
cmd.Parameters.AddWithValue("@category",Request.QueryString["cat"]);
Member Avatar for SukhyDean

thnks man

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.