if (CheckBox1.Checked==false)
{
String strConnString = ConfigurationManager.ConnectionStrings["CallcenterConnectionString"].ConnectionString;
SqlConnection con = new SqlConnection(strConnString);
SqlCommand cmd = new SqlCommand("insert into CallCenter..Loy_DispMstr (CallType, SUBFormat, Disposition, SubDisposition) values (#CallType, #Format, #Disposition, #SubDisposition)", con);
cmd.Parameters.AddWithValue("CallType" , SqlDbType.VarChar).Value = ddlCalltype.SelectedItem.Value;
cmd.Parameters.AddWithValue("SUBFormat", SqlDbType.VarChar).Value = ddlFormat.SelectedItem.Value;
cmd.Parameters.AddWithValue("Disposition", SqlDbType.VarChar).Value = ddlDisp.SelectedItem.Value;
cmd.Parameters.AddWithValue("SubDisposition", SqlDbType.VarChar).Value = ddlSubdisp.SelectedItem.Value;
con.Open();
int i = cmd.ExecuteNonQuery();
con.Close();
Label2.Text = " Your data is been saved in the database";
Label2.ForeColor = System.Drawing.Color.ForestGreen;
}
else if(flag==0 && CheckBox1.Checked==true)
{
String strConnString = ConfigurationManager.ConnectionStrings["CallcenterConnectionString"].ConnectionString;
SqlConnection con = new SqlConnection(strConnString);
SqlCommand cmd = new SqlCommand("insert into CallCenter..Loy_DispMstr (CallType, SUBFormat,Disposition, SubDisposition) values (#CallType, #Format,#Disposition, #SubDisposition)", con);
cmd.Parameters.AddWithValue("CallType", SqlDbType.VarChar).Value= ddlCalltype.Text;
cmd.Parameters.AddWithValue("SUBFormat", SqlDbType.VarChar).Value= ddlFormat.Text;
cmd.Parameters.AddWithValue("Disposition", SqlDbType.VarChar).Value= TextBox1.Text;
cmd.Parameters.AddWithValue("SubDisposition", SqlDbType.VarChar).Value= TextBox2.Text;
con.Open();
int i = cmd.ExecuteNonQuery();//error on this
con.Close();
}
}
the error is on the executenonquery
the error is on the executenonquery
the error is on the executenonquery
the error is on the executenonquery
Try this it will work for you :
if (CheckBox1.Checked == false)
{
String strConnString = ConfigurationManager.ConnectionStrings["CallcenterConnectionString"].ConnectionString;
SqlConnection con = new SqlConnection(strConnString);
SqlCommand cmd = new SqlCommand("insert into CallCenter..Loy_DispMstr (CallType, SUBFormat, Disposition, SubDisposition) values (#CallType, #Format, #Disposition, #SubDisposition)", con);
cmd.Parameters.Add("#CallType", ddlCalltype.SelectedItem.Value);
cmd.Parameters.Add("#Format", ddlFormat.SelectedItem.Value);
cmd.Parameters.Add("#Disposition", ddlDisp.SelectedItem.Value);
cmd.Parameters.Add("#SubDisposition", ddlSubdisp.SelectedItem.Value);
con.Open();
int i = cmd.ExecuteNonQuery();
con.Close();
Label2.Text = " Your data is been saved in the database";
Label2.ForeColor = System.Drawing.Color.ForestGreen;
}
else if (flag == 0 && CheckBox1.Checked == true)
{
String strConnString = ConfigurationManager.ConnectionStrings["CallcenterConnectionString"].ConnectionString;
SqlConnection con = new SqlConnection(strConnString);
SqlCommand cmd = new SqlCommand("insert into CallCenter..Loy_DispMstr (CallType, SUBFormat,Disposition, SubDisposition) values (#CallType, #Format,#Disposition, #SubDisposition)", con);
cmd.Parameters.Add("#CallType", ddlCalltype.Text);
cmd.Parameters.Add("#Format", ddlFormat.Text);
cmd.Parameters.Add("#Disposition", TextBox1.Text);
cmd.Parameters.Add("#SubDisposition", TextBox2.Text);
con.Open();
int i = cmd.ExecuteNonQuery();//error on this
con.Close();
}
Related
I'm getting the above error in this code`
protected void btnsubmit_Click(object sender, EventArgs e)
{
string veturaid = Request.QueryString["VetID"].ToString();
int vetuid = int.Parse(veturaid);
SqlConnection con = new SqlConnection("Data Source=DESKTOP-SUV91Q2\\AGONAJREDINI;Initial Catalog=VeturaOnline;Integrated Security=True; MultipleActiveResultSets=true ");
con.Open();
SqlCommand cmd = new SqlCommand("Select PerdID from Perdoruesit where Username='" + btnuser.Text + "'", con);
SqlDataReader reader = cmd.ExecuteReader();
string str = "";
while (reader.Read())
{
str = (reader["PerdID"].ToString());
id = int.Parse(str);
}
SqlCommand cmd2 = new SqlCommand("Select * from Veturat where VetID='" + vetuid + "'", con);
SqlDataReader reader1 = cmd2.ExecuteReader();
string modeli = "";
while (reader1.Read())
{
modeli = (reader["Modeli"].ToString());
}
reader1.Close();`
I'm getting the error at this line modeli = (reader["Modeli"].ToString());
Any idea why it is happening? Thank you in advance.
public partial class AddToCart : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
DataTable dt = new DataTable();
DataRow dr;
dt.Columns.Add("sno");
dt.Columns.Add("ProductID");
dt.Columns.Add("ProductName");
dt.Columns.Add("Price");
dt.Columns.Add("ProductImage");
dt.Columns.Add("Cost");
dt.Columns.Add("TotalCost");
if (Request.QueryString["id"] != null)
{
if (Session["Buyitems"] == null)
{
dr = dt.NewRow();
String mycon = "Data Source=DESKTOP-8C66I6S/SQLEXPRESS;Initial Catalog=haritiShopping;Integrated Security=True";
SqlConnection scon = new SqlConnection(mycon);
String myquery = "select * from productdetail where ProductID=" + Request.QueryString["id"];
SqlCommand cmd = new SqlCommand();
cmd.CommandText = myquery;
cmd.Connection = scon;
SqlDataAdapter da = new SqlDataAdapter();
da.SelectCommand = cmd;
DataSet ds = new DataSet();
da.Fill(ds);
dr["sno"] = 1;
dr["ProductID"] = ds.Tables[0].Rows[0]["ProductID"].ToString();
dr["ProductName"] = ds.Tables[0].Rows[0]["ProductName"].ToString();
dr["ProductImage"] = ds.Tables[0].Rows[0]["ProductImage"].ToString();
dr["Price"] = ds.Tables[0].Rows[0]["Price"].ToString();
dt.Rows.Add(dr);
GridView1.DataSource = dt;
GridView1.DataBind();
Session["buyitems"] = dt;
}
else
{
dt = (DataTable)Session["buyitems"];
int sr;
sr = dt.Rows.Count;
dr = dt.NewRow();
String mycon = "Data Source=DESKTOP-8C66I6S/SQLEXPRESS;Initial Catalog=haritiShopping;Integrated Security=True";
SqlConnection scon = new SqlConnection(mycon);
String myquery = "select * from productdetail where ProductID=" + Request.QueryString["id"];
SqlCommand cmd = new SqlCommand();
cmd.CommandText = myquery;
cmd.Connection = scon;
SqlDataAdapter da = new SqlDataAdapter();
da.SelectCommand = cmd;
DataSet ds = new DataSet();
da.Fill(ds);
dr["sno"] = sr + 1;
dr["ProductID"] = ds.Tables[0].Rows[0]["ProductID"].ToString();
dr["ProductName"] = ds.Tables[0].Rows[0]["ProductName"].ToString();
dr["ProductImage"] = ds.Tables[0].Rows[0]["ProductImage"].ToString();
dr["Price"] = ds.Tables[0].Rows[0]["Price"].ToString();
dt.Rows.Add(dr);
GridView1.DataSource = dt;
GridView1.DataBind();
Session["buyitems"] = dt;
}
}
else
{
dt = (DataTable)Session["buyitems"];
GridView1.DataSource = dt;
GridView1.DataBind();
Update your connection string like below. You are missing to specify whether you want to use Windows Authentication or User Id & Password.
For Windows Authentication use Integrated Security=SSPI as below :
String mycon = "Data Source=DESKTOP-8C66I6S/SQLEXPRESS;Initial Catalog=haritiShopping;Integrated Security=SSPI";
For Authentication with User Id & Password add User Id & Password as below. Use original user id and password. I have taken sa for example. :
String mycon = "Data Source=DESKTOP-8C66I6S/SQLEXPRESS;Initial Catalog=haritiShopping;Integrated Security=True;user id=sa;password=sa";
Also you need to open connection with
SqlConnection scon = new SqlConnection(mycon);
scon.Open(); //Open connection
P.S. It is always recommended to Close connection too. Add scon.Open(); after da.Fill(ds); line. Why always close Database connection?
.
da.Fill(ds);
scon.Close(); //Close connection
I want to Implement multiple search query system in Asp.Net where search input are in form of TEXTBOX and DROPDOWN LIST. Query should work in combination or indivisually to filter the data from SQL Server
and show in Gridview.
This Code Snippet is for filtering two Dropdown values:
if (Agree_type_srch.SelectedValue != null || Status_srch.SelectedValue != null)
{
if (Agree_type_srch.SelectedValue != null)
{
string connString = #"data source=ABC; database=XYZ; user id=sa; password=1234;";
SqlConnection conn = new SqlConnection(connString);
SqlCommand com = new SqlCommand("Select *from EntryDatabase where Agree_type ='" + Agree_type_srch.SelectedItem.Text + "'", conn);
SqlDataAdapter sqldatad = new SqlDataAdapter();
DataSet ds = new DataSet();
com.Connection = conn;
sqldatad.SelectCommand = com;
using (DataTable dt = new DataTable())
{
sqldatad.Fill(dt);
GridView1.DataSource = dt;
GridView1.DataBind();
}
}
else if (Status_srch.SelectedValue != null)
{
string connString = #"data source=ABC; database=XYZ; user id=sa; password=1234;";
SqlConnection conn = new SqlConnection(connString);
SqlCommand com = new SqlCommand("Select *from EntryDatabase where Curnt_St ='" + Status_srch.SelectedItem.Text + "'", conn);
SqlDataAdapter sqldatad = new SqlDataAdapter();
DataSet ds = new DataSet();
com.Connection = conn;
sqldatad.SelectCommand = com;
using (DataTable dt = new DataTable())
{
sqldatad.Fill(dt);
GridView1.DataSource = dt;
GridView1.DataBind();
}
}
if (Agree_type_srch.SelectedItem.Text != null && Status_srch.SelectedItem.Text != null)
{
string connString = #"data source=ABC; database=XYZ; user id=sa; password=1234;";
SqlConnection conn = new SqlConnection(connString);
SqlCommand com = new SqlCommand("Select * from EntryDatabase where Agree_type ='" + Agree_type_srch.SelectedItem.Text + "'and Curnt_St ='" + Status_srch.SelectedItem.Text + "'", conn);
SqlDataAdapter sqldatad = new SqlDataAdapter();
DataSet ds = new DataSet();
com.Connection = conn;
sqldatad.SelectCommand = com;
using (DataTable dt = new DataTable())
{
sqldatad.Fill(dt);
GridView1.DataSource = dt;
GridView1.DataBind();
}
}
...
First, using string concatenation to provide parameters can result in SQL injection, use SqlParameter to pass parameters would be better.
Second, consider to warp all SqlClient classes by using scope so you don't have to worry close/dispose.
Lastly, For your question, you can use WHERE 1=1 then append any conditions you need.
Take your code as instance.
string connString = #"data source=ABC; database=XYZ; user id=sa; password=1234;";
using (SqlConnection conn = new SqlConnection(connString))
{
conn.Open();
string query = "SELECT * FROM EntryDatabase WHERE 1=1";
using (SqlCommand cmd = new SqlCommand())
{
cmd.Connection = conn;
if (Agree_type_srch.SelectedValue != null)
{
query += " AND Agree_type = #agree_type";
cmd.Parameters.AddWithValue("agree_type", Agree_type_srch.SelectedValue);
}
if (Status_srch.SelectedValue != null)
{
query += " AND Curnt_St = #curnt_st";
cmd.Parameters.AddWithValue("curnt_st", Status_srch.SelectedValue);
}
cmd.CommandText = query;
using (SqlDataAdapter sqldatad = new SqlDataAdapter())
{
DataSet ds = new DataSet();
sqldatad.SelectCommand = cmd;
using (DataTable dt = new DataTable())
{
sqldatad.Fill(dt);
GridView1.DataSource = dt;
GridView1.DataBind();
}
}
}
}
con = new SqlConnection(s);
con.Open();
if (RadioButtonList1.SelectedIndex == 0)
{
cmd = new SqlCommand("select [Item] from Veg_Items", con);
da = new SqlDataAdapter(cmd);
DataSet ds = new DataSet();
da.Fill(ds, "[Item]");
DropDownList1.DataSource = ds.Tables[0];
DropDownList1.DataBind();
}
else if (RadioButtonList1.SelectedIndex == 1)
{
cmd = new SqlCommand("select [Item] from NonVeg_Items", con);
da = new SqlDataAdapter(cmd);
DataSet ds = new DataSet();
da.Fill(ds, "[Item]");
DropDownList1.DataSource = ds.Tables[0];
DropDownList1.DataBind();
}
con.Close();
}
I have items in my table and I need my items to be displayed in Dropdownlist once I select any value in RadioButtonList.
I also visualized the items in ds.Tables[0] line but I can't bind them to Dropdownlist.
con.Open();
if (RadioButtonList1.SelectedIndex == 0)
{
cmd = new SqlCommand("select [Item] from [Veg_Items]", con);
SqlDataReader dr = cmd.ExecuteReader();
List<Object> lt = new List<Object>();
if (dr.HasRows)
{
while (dr.Read())
{
lt.Add(dr["Item"].ToString());
}
}
DropDownList1.DataSource = lt;
DropDownList1.DataBind();
}
else if (RadioButtonList1.SelectedIndex == 1)
{
cmd = new SqlCommand("select [Item] from [NonVeg_Items]", con);
SqlDataReader dr = cmd.ExecuteReader();
List<Object> lt = new List<Object>();
if (dr.HasRows)
{
while (dr.Read())
{
lt.Add(dr["Item"].ToString());
}
}
DropDownList1.DataSource = lt;
DropDownList1.DataBind();
}
con.Close();
private void txtBoxSearch_TextChanged(object sender, EventArgs e)
{
AutoCompleteStringCollection namecollection = new AutoCompleteStringCollection();
SqlConnection con = new SqlConnection("connectionn string");
SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
cmd.CommandType = CommandType.Text;
string searchFor = "%" + txtBoxSearch.Text + "%";
com.CommandText = "select cust_nm from Customer_Info where (cust_nm LIKE ' % " + searchFor + " %') ";
con.Open();
cmd.Parameters.AddWithValue("#name", searchFor);
SqlDataReader rea = cmd.ExecuteReader();
if (rea.HasRows == true)
{
while (rea.Read())
namecollection.Add(rea["name"].ToString());
}
rea.Close();
txtBoxSearch.AutoCompleteMode = AutoCompleteMode.Suggest;
txtBoxSearch.AutoCompleteSource = AutoCompleteSource.CustomSource;
txtBoxSearch.AutoCompleteCustomSource = namecollection;
}
i want textbox which is act as a search option
A few problems here
You set the CommandText on com but execute cmd
You set % both on the variable and on the CommandText
You add a parameter but you don't have the parameter in the CommandText