I'm testing the following query to update the columns in a SQL Server database, reporting the following code:
data1 = textbox
data2 = TextBox2
using ms as new MemoryStream ()
DirectCast (picturebox1.image, botmap) .save (ms currentFormat)
image = ms.toArray ()
end using
Dim param as SqlParameter () = _
new SqlParameter () {new SqlParameter ("# data1", _
data1), new SqlParameter ("# data2", data2), new SqlParameter ("# image", image)}
mcmd.commandText = "update set table column1 = '" + data1 + "', column2 '" + data1 + "'"
mcmd.parameters.add ("# image", SqlDbType.varbinary, 8000) .Value = image
The line of code only updates the values data1 and data2 but the image is not updated
How can I fix this?
Look at your UPDATE statement below; it doesn't looks correct at all syntactically, and you are missing = after column2
mcmd.commandText = "update set table column1 = '" + data1 + "', column2 '" + data1 + "'"
It should be
mcmd.commandText = "update table_name set column1 = '" + data1 + "', column2 = '" + data2 + "'"
Also, you have already declared parameters for the values, so use them in your UPDATE statement
mcmd.commandText = "update table_name set column1 = #data1, column2 = #data2
Related
I am working on a grid view update but System.Data.OleDb.OleDbException: 'Data type mismatch in criteria expression error. Please someone help.
protected void ResultGridView_RowUpdating(object sender, GridViewUpdateEventArgs e)
{
TextBox txtFName2 = (TextBox)ResultGridView.Rows[e.RowIndex].FindControl("txtFName");
TextBox txtDate2 = (TextBox)ResultGridView.Rows[e.RowIndex].FindControl("txtSM");
TextBox txtCaseType2 = (TextBox)ResultGridView.Rows[e.RowIndex].FindControl("txtCaseType");
TextBox txtFileno2 = (TextBox)ResultGridView.Rows[e.RowIndex].FindControl("txtFileno");
TextBox txtCustName2 = (TextBox)ResultGridView.Rows[e.RowIndex].FindControl("txtCustName");
TextBox txtAddress2 = (TextBox)ResultGridView.Rows[e.RowIndex].FindControl("txtCustName");
TextBox txtConno2 = (TextBox)ResultGridView.Rows[e.RowIndex].FindControl("txtConno");
TextBox txtPlotarea2 = (TextBox)ResultGridView.Rows[e.RowIndex].FindControl("txtPlotarea");
TextBox txtPlotRate2 = (TextBox)ResultGridView.Rows[e.RowIndex].FindControl("txtPlotRate");
TextBox txtconstarea2 = (TextBox)ResultGridView.Rows[e.RowIndex].FindControl("txtconstarea");
TextBox txtConstFloor2 = (TextBox)ResultGridView.Rows[e.RowIndex].FindControl("txtConstFloor");
TextBox txtconstrate2 = (TextBox)ResultGridView.Rows[e.RowIndex].FindControl("txtconstrate");
TextBox txtPlotvalue2 = (TextBox)ResultGridView.Rows[e.RowIndex].FindControl("txtPlotvalue");
TextBox txtconstvalue2 = (TextBox)ResultGridView.Rows[e.RowIndex].FindControl("txtconstvalue");
TextBox txttotalvalue2 = (TextBox)ResultGridView.Rows[e.RowIndex].FindControl("txttotalvalue");
TextBox txtRemarks2 = (TextBox)ResultGridView.Rows[e.RowIndex].FindControl("txtRemarks");
**TextBox txtDatee2 = (TextBox)ResultGridView.Rows[e.RowIndex].FindControl("txtDate2");**
string da = txtDatee2.Text.ToString();
DateTime dt =
DateTime.ParseExact(da, "dd-MM-yyyy HH:mm:ss", CultureInfo.InvariantCulture);
string dateshort = dt.ToShortDateString();
string ID = ResultGridView.DataKeys[e.RowIndex].Values[0].ToString();
cmd.Connection = conn;
cmd.CommandText = "UPDATE Final SET Finance ='" + txtFName2.Text + "' ,SM ='" + txtDate2.Text + "',Case_Type ='" + txtCaseType2.Text + "',File_no ='" + txtFileno2.Text + "',Cust_Name ='" + txtCustName2.Text + "' ,Address ='" + txtAddress2.Text + "',Con_no ='" + txtConno2.Text + "' ,Plot_area ='" + txtPlotarea2.Text + "' ,Plot_Rate ='" + txtPlotRate2.Text + "' ,const_area ='" + txtconstarea2.Text + "' ,Const_Floor ='" + txtConstFloor2.Text + "' ,const_rate ='" + txtconstrate2.Text + "' ,Plot_value ='" + txtPlotvalue2.Text + "' ,const_value ='" + txtConno2.Text + "' ,total_value ='" + txttotalvalue2.Text + "' ,Remarks ='" + txtRemarks2.Text + "'**,Date2 = '"+ dateshort +"'** WHERE ID=" + ID + "";
conn.Open();
cmd.ExecuteNonQuery();
ResultGridView.EditIndex = -1;
FillVendorGrid();
conn.Close();
}
At least, first text expressions for date values should be formatted as to the ISO sequence:
string dateshort = dt.ToString("yyyy'/'MM'/'dd");
second, in Access, these must be wrapped in octothorpes:
"', Date2 = #" + dateshort + "# WHERE ID="
This must be modified for other datetime fields as well.
Or, do your self a big favour and turn to call a parameterised query.
This is my code:
SqlConnection connection = new SqlConnection(global::Registro_Elettronico_Reperti.Properties.Settings.Default.Registro_RepertiConnectionString);
string sql = "UPDATE Registro_Reperti SET [Ritirato da]='" + cbox_competenza.Text + "', Operatore='" + txt_operatore.Text + "', PerID= '" + txt_perid + "', Ritirato = 'Si' WHERE Id=?????";
System.Data.SqlClient.SqlCommand exeSql = new System.Data.SqlClient.SqlCommand(sql, connection);
connection.Open();
exeSql.ExecuteNonQuery();
MessageBox.Show("Operazione completata", "Messaggio", MessageBoxButtons.OK, MessageBoxIcon.Information);
How to get the id of the row in the WHERE clause??
In c# Windows Forms:
I'm having trouble adding a sql query result as text to a ToolStripMenuItem.Text.
The ToolStripMenuItem title should be, the company + how many orders there are in the sql table for this company which should update every x secounds.
Every 5 seconds it adds the query result to the text. My problem is that is "adds" it.
After the first 5 seconds it looks OK "rexton 1" but 5 seconds after it shows "rexton 1 1" and so on...
Here is my code:
//Rexton ordre klar til bestilling
SqlConnection con = new SqlConnection(#"Data Source=" + globalvariables.hosttxt + "," + globalvariables.porttxt + "\\SQLEXPRESS;Database=ha;Persist Security Info=false; UID='" + globalvariables.user + "' ; PWD='" + globalvariables.psw + "'");
SqlCommand command = con.CreateCommand();
command.CommandText = "SELECT COUNT(*) from bestillinger WHERE firma = #rexton and udlevering BETWEEN #date and #dateadd";
command.Parameters.AddWithValue("#bernafon", "Bernafon");
command.Parameters.AddWithValue("#gn_resound", "GN Resound");
command.Parameters.AddWithValue("#oticon", "Oticon");
command.Parameters.AddWithValue("#phonak", "Phonak");
command.Parameters.AddWithValue("#rexton", "Rexton");
command.Parameters.AddWithValue("#siemens", "Siemens");
command.Parameters.AddWithValue("#widex", "Widex");
con.Open();
command.ExecuteNonQuery();
string result = command.ExecuteScalar().ToString();
con.Close();
if (result != "0")
{
rextonToolStripMenuItem.Text = rextonToolStripMenuItem.Text + " " + result;
rextonToolStripMenuItem.ForeColor = System.Drawing.ColorTranslator.FromHtml("#FF1919");
}
it is because you are setting rextonToolStripMenuItem.Text to rextonToolStripMenuItem.Text + " " + result which is appending to previous text
either set text to blank and set it again or just say
rextonToolStripMenuItem.Text = "rexton " + result
Is there any way to get the table adapter to insert the values already in the dataset I pass it when inserting new rows?
I am synchronising two databases and this would be useful.
Here is currently how I am trying to do it but it auto increments and creates new identity values.
Dim dAdapterConstraints As New SqlClient.SqlDataAdapter("SELECT * FROM " + Tablename, _oConn)
Dim builder As SqlCommandBuilder = New SqlCommandBuilder(dAdapterConstraints)
builder.QuotePrefix = "["
builder.QuoteSuffix = "]"
dAdapterConstraints.InsertCommand = builder.GetInsertCommand
Dim insertcommandstr As String = dAdapterConstraints.InsertCommand.CommandText.Substring(0, dAdapterConstraints.InsertCommand.CommandText.IndexOf("(") + 1) + " [" + Primarykey + "], " + dAdapterConstraints.InsertCommand.CommandText.Substring(dAdapterConstraints.InsertCommand.CommandText.IndexOf("(") + 1, dAdapterConstraints.InsertCommand.CommandText.Length - (dAdapterConstraints.InsertCommand.CommandText.IndexOf("(") + 1))
insertcommandstr = insertcommandstr.Replace("#p1", "#po1, #p1")
dAdapterConstraints.InsertCommand.Parameters.Add("#po1", getdbtype(dataset.Tables(0).Columns(Primarykey).DataType), dataset.Tables(0).Columns(Primarykey).MaxLength, Primarykey)
insertcommandstr = "SET IDENTITY_INSERT [" + Tablename + "] ON " + insertcommandstr + " SET IDENTITY_INSERT [" + Tablename + "] OFF"
dAdapterConstraints.InsertCommand.CommandText = insertcommandstr
dataset.EnforceConstraints = False
' opens connection
'fills dataset with results
Try
For Each row As DataRow In dataset.Tables(0).Rows
row.SetAdded()
Next
dAdapterConstraints.Update(dataset)
Catch ex As Exception
_oConn.Close()
MsgBox("Could not execute query on server database," + ex.ToString + ";Updating and inserting")
Return False
End Try
SqlDataAdapter da =
new SqlDataAdapter("SELECT *
FROM Patient
Where Registration_Id = '" + textBox1.Text + "'
OR Patient_Name = '" + textBox1.Text + "'", cn);
How to search int or string in all fields?
Edit code:
if (comboBox1.Text == "Registration_Id")
{
da = new SqlDataAdapter("SELECT *
FROM Patient
Where Registration_Id = '" + textBox1.Text + "'", cn);
}
else if (comboBox1.Text == "Patient_Name")
{
da = new SqlDataAdapter("SELECT *
FROM Patient
Where Patient_Name = '" + textBox1.Text + "'", cn);
}
For one that method can be subject to SQL injection attack so you need to sanitize it. Otherwise one solution (after you check for attacks) is:
SELECT *
FROM Patient
Where column1 like "'%" + textBox1.Text + "%'"
or column2 like "'%" + textBox1.Text + "%'"
......
or columnn like "'%" + textBox1.Text + "%'"
This can be made simpler by the fact that if they don't know the id of the item then don't check that column. Otherwise have a dropdown that chooses which column they are searching by.