hi,
i have a drop down list populated with column names of tbl_student and a text box for searching specific value coresponding to the value selected in drop down list
i do not have much knowlewdge about qureies might b m lacking there
error is Incorrect syntax near '='
my code is

private void Search(string field)
    {


        DataTable dt = new DataTable();
        SqlConnection connection = new SqlConnection(GetConnectionString());
        try
        {
            connection.Open();
            //string sqlStatement = "SELECT * FROM tbl_student WHERE student_id = @student_id";
            string strQuery = "SELECT * FROM tbl_student WHERE" + ddl_SearchBy.SelectedValue + "= @" + ddl_SearchBy.SelectedValue + "";
            SqlCommand sqlCmd = new SqlCommand(strQuery, connection);
            sqlCmd.Parameters.AddWithValue("@" + ddl_SearchBy.SelectedValue+"", field);
            SqlDataAdapter sqlDa = new SqlDataAdapter(sqlCmd);
            sqlDa.Fill(dt);
            if (dt.Rows.Count > 0)
            {
                GridView1.DataSource = dt;
                GridView1.DataBind();
            }
            else
            {
            }
            // NO RECORDS FOUND
        }
        catch (System.Data.SqlClient.SqlException ex)
        {
            string msg = "Fetch Error:";
            msg += ex.Message;
            throw new Exception(msg);
        }
        finally
        {
            connection.Close();
        }
    }

Recommended Answers

All 3 Replies

The error is caused by this

"SELECT * FROM tbl_student WHERE" + ddl_SearchBy.SelectedValue + "= @" + ddl_SearchBy.SelectedValue + ""

Pretend the SelectedValue is the word 'Tuesday' (without the quotes. This becomes

"SELECT * FROM tbl_student WHERETuesday= @Tuesday"

Do you see what you are missing?

I also don't think your line 13 is doing what you think it is doing.

yup u are right m not kid of a professional:P so i just made this logic on own as line number 10 is working fine so i think line number should also work ill check for the space after WHERE
and as far as line number 13 concern i also applied dsame logic there like
sqlCmd.Parameters.AddWithValue("@student_id, field);
so i replaces the hardcore value by the ddl value

Hey Momerath
you pointed out the right thing a space was creating a mess and line number 13 is also working fine now i have removed tha last "" from line 13 and 11
thanks for concerning man!
where can i find solved option?

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.