I am writing Classic ASP program.In one function, I have to use 2 update statements to one table in one function. First Statement is update the quantity of invoice and second update statement is base on that update Purchase Order quantity and Purchase Requisition quantity, I need to update one flag field. Can I write in same function as following:
SET RS = app.Execute("SELECT PRInvoiceNo, Quantity FROM PurchaseOrderDetails WHERE CoID='" & param & "'")
do while RS.EOF=false
app.Execute("UPDATE PurchaseRequisitionDetails SET PO_Quantity = PO_Quantity + " & RS("Quantity") & " WHERE CoID='" & param & "' AND PRInvoiceNo = '" & RS("PRInvoiceNo") & "'")
app.Execute("UPDATE PurchaseRequisitionDetails SET FullyPaidFlag=CASE WHEN PO_Quantity >= Quantity THEN 1 ELSE 0 END WHERE CoID='" & param & "' AND PRInvoiceNo = '" & RS("PRInvoiceNo") & "'")
RS.MoveNext
loop
The problem is in the loop the first statement is properly worked. Second one not work. What can it be? Can I do like this or not?
Well, I have to go, but be sure to check the following:
Response.Write(RS.RecordCount) -- are there any records? Or, do a Response.Write("hello") inside the loop to make sure.
Check that RS("Quantity"), param, etc are not null. If they are, your string concatenation will result in a null string.
Also, please, please don't forget to escape your variables!
Replace(param, "'", "''")
Good night!
Related
I am trying to build a string that includes a newline character and is getting the weirdest result. This string is going to be stored in a SQL database to be later used as part of an email. My code is the following:
Dim strBody As String = "Andy," & Environment.NewLine
When I inspect the value of strBody during a debugging session, it is the following:
"Andy," & vbCrlf
I am obviously expecting is to be more like:
"Andy,"
Knowing that what is after the , is a hidden character.
Ultimately, the problem is... when I include strBody as part of my SQL insert statement, it literally shows up as the following within my SQL insert statement:
'Andy," & vbCrLf & "'
I was using this code yesterday and it worked fine. I am using similar code within another function of the same asp.net project and it works fine. I have tried using + instead of &, I have tried to use vbCrLf instead of Environment.NewLine, I have tried using stringbuilder, I have tried using string.concat. All with the same results where the & vbCrLf is included in strBody.
Is there a setting that I accidentally changed?
I know this is a weird one... Any help is greatly appreciated.
This is only Visual Studio showing you that there is new line character (vbCrLf or Environment.NewLine). If you use that string anywhere, it will be stored correctly.
I believe you will need to use some combination of Char(10) and Char(13):
Dim strBody As String = "'Andy,'" & " + CHAR(13)+CHAR(10) + "
There is a discussion about these and other methods on this thread.
You can do like this if you just need to insert Environment.NewLine inside database.
Dim a As String = """ & Environment.NewLine & """
Dim strBody As String = String.Format("Andy,{0}", a)
'"Andy," & Environment.NewLine & ""
I'm trying to enter a date that's in a textbox into a column of datetime type
The code is as follows
txtbookissue_date.Text = DateTime.Now.Date
txtbookreturn_date.Text = DateAdd(DateInterval.Day, 7, DateTime.Now.Date)
When I Insert these two values into a database, (insert into book....) values such as 17-02-1984 show up in the database rather than, say, 26-2-2015.
I did a little research and found out that SQL interprets it as "26 minus 2 minus 2015" rather than as a date.
Printing Date(txtbookissue_date.Text) gives correct results, the only problem is saving it into the database.
The solution for this was apparently to enclose the date in single quotes, i.e '26-2-2015' rather than just 26-2-2015, Since I'm using a date function I decided to change
txtbookissue_date.Text = DateTime.Now.Date
to
txtbookissue_date.Text= "'"+DateTime.Now.Date+"'"
but It returns an error, something similar to 'cannot convert varchar type to date type, out of range exception'
How do I fix this? any help would be appreciated.
txtbookissue_date.Text = DateTime.Now.Date
txtbookreturn_date.Text = DateAdd(DateInterval.Day, 10, DateTime.Now.Date)
Protected Sub btn_issue_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btn_issue.Click
con.Open()
cmd.CommandText = "insert into Book (book_id, book_name, book_author,publisher,mem_id,mem_name,issue_date,return_date) values('" & txtbookissue_id.Text & "','" & txtibookssue_name.Text & "','" & txtbookissue_author.Text & "','" & txtbookissue_publi.Text & "','" & txtbookissue_memid.Text & "','" & txtbookissue_memname.Text & "'," & txtbookissue_date.Text & "," & txtbookreturn_date.Text & ")"
cmd.Connection = con
cmd.ExecuteNonQuery()
con.Close()
Response.Redirect("Welcome.aspx")
End Sub
you are inserting date as a text. I mean while you need to insert it '2015-02-26' you are trying to insert it with another format. In fact you should use parameters with your sql query. Your sql statement should be something like that
insert into Book (book_id, book_name, book_author,publisher,mem_id,mem_name,issue_date,return_date) values(#book_id, #book_name, #book_author,#publisher,#mem_id,#mem_name,#issue_date,#return_date)
Before executing query you should set parameters in command object.
cmd.Parameters.AddWithValue("#return_date", DateAdd(DateInterval.Day, 10, Date.Now.Date))
For more information about using parameters with access you can take a look here
First of all, I would highly suggest using Paramaters.
Second, since you want to format your date into a string that is not the default culture. I would suggest you use String.Format() or ToString() (examples).
Since your database most likely expects a datetime. You could parse the string back to a DateTime using DateTime.ParseExact. Look at this answer for a howto.
Let me know if this helps, if not you need to supply us with more info.
You are putting string in a DateTime column, please convert the values back to their original types before putting them in the database.
DateTime issueDate = DateTime.Parse(txtbookissue_date.Text);
DateTime returnDate = DateTime.Parse(txtbookreturn_date.Text);
Private Sub cmdAdd_Click()
'add data to table
CurrentDb.Execute "INSERT INTO Products(ProductCode, ProductName, Category, UnitPrice, UnitCost, QuantityInStock, SupplierCode) " & _
" VALUES (" & Me.txtProductCode & " , '" & Me.txtProductName & "' , '" & Me.cboCategory & "' , '" & Me.txtUnitPrice & "' , '" & Me.txtUnitCost & "' , '" & Me.txtQuantityInStock & "' , '" & Me.cboSupplierCode & "')"
'refresh data on list of form
ProductsSub.Form.Requery
End Sub
the code above is suppose to record the data that has been input from the interface, but it does not do anything. The same format of code was used in a different form and it worked. Really weird, but i don't how it was possible.
You'll need to debug this. One of the values you are referencing visa the Me object is not resolving. Place a breakpoint on the CurrentDB.Execute command, and hover over each Me reference (i.e. Me.txtProductCode) to make sure it is obtaining the correct value for the insert. If you have moved this to a library, you may want to use CodeDB.Execute instead of CurrentDB.Execute. I would also check the table to see if the actual INSERT is working as there may be an issue with the Requery event.
if I don't enter anything in one of the textbox , ASP.NET can't tell an empty textbox and treat it at null... So anyone please help me how to detect an empty textbox and set that to null
i know that this code is ganna work well
If MUSIC_TITLE.Text.Trim() = "" Then
MUSIC_TITLE.Text = Nothing
End If
but i can't use be couse i have a lot of forms in my application so i need somthing or any function exist in the ASP.NET that can handel this
and thats for the insert in a requet the sql server
"insert into Reunion values(" & Convert.ToInt32(ID_Reunion.Text) & ",'" & d.ToString("MM/dd/yyyy") & "'," & Convert.ToInt32(ID_Membre.Text) & ",'" & Type_Reunion.Text & "','" & Session("Nom_GIAC") & "')"
and tnks
This sounds like you're trying to directly store the textbox values in your database.
Please don't do this. If you haven't already, learn about the high risk security threat of SQL Injection and parameterize your INSERTS and UPDATES.
Before setting the parameters, you can convert empty strings to Nothing if required.
Dim musicTitle as String = _
If(String.IsNullOrWhiteSpace(MUSIC_TITLE.Text), Nothing, MUSIC_TITLE.Text)
In your insert sp should be like:
create procedure Insert(#test varchar(50)=NULL)
as
begin
update foo set testCol=#test
end
In c#, use below code, when calling the sp and adding the parameters:
if(txt.Text!=String.Empty)
{
cmd.Parameters.Add("#test",SqlDBType.Varchar,20).Value=txt.Text;
}
I have this same type of loop running on several pages, but the one that I said I'd get done in 1 day just... Ignores the out.movenext and prints only the first result out of a possible 10 results until it crashes. The SQL is fine. I got it with a tracer.
Changes:
I originally had the movenext last before the loop - but moved it up one line for tracing. Tried (out = out.movenext , out = out.next) to see if it would do anything. And I tried putting an integer count in to have it stop after 20 loops so I can debug it faster. The int changes, the data prints, but out doesn't advance.
strSQL = "SELECT [RecordID],[SubmitDate],[DataEntered] FROM [ManagerFileReview] where submitdate = '" & timetap & "'"
out = cnt.execute(strSQL)
out.movefirst
response.write "<table>"
Do while not out.eof
response.write "<tr><td>"
response.write "<table><thead></thead>"
response.write "<tr><td>Submit Date:</td><td>" & out(1) & "</td></tr>"
response.write "<tr><td>Data Entered:</td><td>" & out(2) & "rrrrrrrrrrr</td></tr>"
out.movenext
response.write "passed movenext</table></td></tr>"
loop
response.write "</table>"
Edit: Forgot the "SET" before the cnt.execute
The logic looks OK, unless I'm missing something. Even though out isn't listed as a reserved word with MS, I do wonder if it's the problem.
Found it.
Didn't have SET before the out = cnt.execute(strSQL)
Should have been
set out = cnt.execute(strSQL)