0

how to validate sql statement

  1. hi, is there anyone who can help me in my problem?

    sql = "SELECT UserID, Status FROM tbl_User WHERE UserID = '" & strUserID & "' and Password = '" & strUserPW & "' "

i want to validate my sql statement using if no record found then msgbox else open new page.

thank you in advance!

#

2
Contributors
2
Replies
4
Views
4 Years
Discussion Span
Last Post by whitelion
0

You didn't mentioned the name of database product you've. However have a look at following code-snippet that uses ADO.NET SqlClient provider (for Microsoft SQL Server database):

string cnStr="your_connection_string";
bool isFound=false;
using(SqlConnection cn=new SqlConnection())
{
  using(SqlCommand cmd=new SqlCommand())
   {
     cn.ConnectionString=cnStr;
     cmd.Connection=cn;
     cmd.CommandText="SELECT UserID, Status FROM tbl_User WHERE UserID =@UserID and Password =@Password";

     cmd.Parameters.AddWithValue("@UserID",strUserID);
     cmd.Parameters.AddWithValue("@Password",strUserPW);

     cn.Open();
     SqlDataReader dr=cmd.ExecuteReader();
     if(dr.Read())
       isFound=true;
     dr.Close();
     cn.Close();
   }
}
if(isFound){
   //code
}

VB.NET

Dim cnStr="your_connection_string"
Dim isFound=false
Using cn as New SqlConnection()
  Using cmd as new SqlCommand()
     cn.ConnectionString=cnStr
     cmd.Connection=cn
     cmd.CommandText="SELECT UserID, Status FROM tbl_User WHERE UserID =@UserID and Password =@Password"

     cmd.Parameters.AddWithValue("@UserID",strUserID)
     cmd.Parameters.AddWithValue("@Password",strUserPW)

     cn.Open()
     Dim dr as SqlDataReader=cmd.ExecuteReader()
     if dr.Read() Then
       isFound=true
     End If  
     dr.Close()
     cn.Close()
  End Using
End Using
if isFound Then
   //code
End IF

Edited by __avd

0

i'm sorry i forgot. i'm using sql server 2008r2 and asp.net(vb.net) but would you mind if you make your code in vb.net format? coz im not familiar with c#

thank you once again, appreciate yout response

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.