hello I'm using oracle & vb.net
this is my code for select statement and I want to display the selected date from interface which i use Basic Date Picker and i assign that as bdp1
Dim queryString As String = "select * from abc where (tran_dttm <= to_date( '" & bdp1 & "' ,'MM/DD/YYYY') and tran_dttm > to_date( '" & bdp1 & "' ,'MM/DD/YYYY')and lpt = '" & ListBox1 & "' and device = '" & strMaterial & "')"
select * from abc where trunc (tran_dttm) = to_date('" & bdp1 & "','MM/DD/YYYY')
Parameters should be prefixed with the : and should be included as text directly in the command. It is the job of the framework to pass them with their values to the database engine
Private Function GetDate(ByVal strMaterial As String, ByVal ListBox1 As String, ByVal bdp1 As Date) As DataSet
Dim connectionString As String = "Data Source = ***; User ID = ***; Password = **;"
Dim queryString As String = "BEGIN select * from abc " & _
"where (tran_dttm <= to_date(:bdp1,'MM/DD/YYYY') and " & _
"tran_dttm > to_date(:bdp1 ,'MM/DD/YYYY') and " & _
"lpt = :lb1 and device = :mat); END;"
Using sqlConnection = New OracleClient.OracleConnection(connectionString)
Using sqlCommand = New OracleClient.OracleCommand(queryString, sqlConnection)
sqlCommand.CommandTimeout = 0
sqlCommand.Parameters.Add(New OracleParameter(":bdp1", OracleType.DateTime)).Value = bdp1
sqlCommand.Parameters.Add(New OracleParameter(":lb1", OracleType.VarChar)).Value = lstBox1.SelectedItem.ToString
sqlCommand.Parameters.Add(New OracleParameter(":mat1", OracleType.VarChar)).Value = strMaterial
Dim dataAdapter As OracleClient.OracleDataAdapter = New OracleClient.OracleDataAdapter(sqlCommand)
Dim dataSet As DataSet = New DataSet
dataAdapter.Fill(dataSet)
Return dataSet
End Using
End Using
End Function
The ListBox1 is wrong if it is a control. You should use the SelectedItem property as value for the parameter (a bit of error checking is needed though)
Related
I have method to fill DataGridView from SQL server database between tow dates my date column date in database is Date in this format "dd/MM/yyyy h:mm:ss tt", and this is the query:
Const sql As String = "SELECT * FROM money_sent WHERE date BETWEEN '2016-08-01 04:01:59.000' AND '2016-09-10 04:02:05.000'"
until now everything perfect , when I tried to use datetimepicker I get 2 errors:
"Constant expression is required"(for picker 1)
"Constant expression is required"(for picker 2)
Const sql As String = "SELECT * FROM money_sent WHERE date BETWEEN '" & DateTimePicker1.Value & "' AND '" & DateTimePicker1.Value & "'"
After this I tried to do this:
Dim date1 As DateTime = DateTimePicker1.Value
Dim date2 As DateTime = DateTimePicker2.Value
Const sql As String = "SELECT * FROM money_sent WHERE date BETWEEN '" & date1 & "' AND '" & date2 & "'"
Now I getting this error:
Failed to emit module'WindowsApplication.exe' (BC36970 Visual Basic AND VB.NET Failed to emit module.)
What I can do in this situation please help
This is the method code :
If Conn.State = ConnectionState.Open Then
Conn.Close()
End If
Conn.Open()
Dim date1 As DateTime = DateTimePicker1.Value
Dim date2 As DateTime = DateTimePicker2.Value
Const sql As String = "SELECT * FROM money_sent WHERE date BETWEEN '" & date1 & "' AND '" & date2 & "'"
Dim adt As New SqlDataAdapter(sql, Conn)
Dim dt As New DataTable
adt.Fill(dt)
Dim i As Integer
For i = 0 To dt.Rows.Count - 1
MetroGrid2.Rows.Add()
MetroGrid2.Rows(i).Cells(1).Value = dt.Rows(i).ItemArray(1)
Dim cell As DataGridViewComboBoxCell = DirectCast(MetroGrid2.Rows(i).Cells(2), DataGridViewComboBoxCell)
cell.Value = dt.Rows(i).ItemArray(2)
MetroGrid2.Rows(i).Cells(3).Value = dt.Rows(i).ItemArray(3)
MetroGrid2.Rows(i).Cells(4).Value = dt.Rows(i).ItemArray(4)
'DataGridView1.Rows(i).Cells(4).Value = "DELETE"
MetroGrid2.Rows(i).Cells(5).Value = dt.Rows(i).ItemArray(5)
MetroGrid2.Rows(i).Cells(6).Value = dt.Rows(i).ItemArray(6)
MetroGrid2.Rows(i).Cells(7).Value = dt.Rows(i).ItemArray(7)
MetroGrid2.Rows(i).Cells(8).Value = dt.Rows(i).ItemArray(8)
MetroGrid2.Rows(i).Cells(9).Value = dt.Rows(i).ItemArray(9)
MetroGrid2.Rows(i).Cells(10).Value = dt.Rows(i).ItemArray(10)
MetroGrid2.Rows(i).Cells(12).Value = dt.Rows(i).ItemArray(12)
MetroGrid2.Rows(i).Cells(13).Value = dt.Rows(i).ItemArray(0)
Next
Conn.Close()
I have a shopping cart page which lists 12 books with 12 buttons assigned each to a book item, the user is able to click each button and add the price and qty to a Session in VB. So if a customer wants to order all 12 books they would click all twelve buttons and the price and qty of each product would be added to a Session. My problem is when the customer completes the form validation how do I assign all 12 items with their sessions to a MS Access database in a single transaction using session.id?
Protected Sub order_Click(ByVal sender As Object, ByVal e As System.EventArgs)
If (Page.IsValid) Then
Dim strSessionID As String
strSessionID = Session.SessionID
Dim strFullname As String
Dim strAddress As String
Dim strPostcode As String
Dim intCardNo As Long
Dim strCardType As String
Dim dateOfOrder As Date
dateOfOrder = Session("dateOfOrder")
Dim dblTotalCost As String
dblTotalCost = Session("dblTotalCost")
Dim intProduct001 As String
intProduct001 = Session("product001")
Dim intProduct002 As Integer
intProduct002 = Session("product002")
Dim intProduct003 As Integer
intProduct003 = Session("product003")
Dim intProduct004 As Integer
intProduct004 = Session("product004")
Dim intProduct005 As Integer
intProduct005 = Session("product005")
Dim intProduct006 As Integer
intProduct006 = Session("product006")
Dim intProduct007 As Integer
intProduct007 = Session("product007")
Dim intProduct008 As Integer
intProduct008 = Session("product008")
Dim intProduct009 As Integer
intProduct009 = Session("product009")
Dim intProduct010 As Integer
intProduct010 = Session("product010")
Dim intProduct011 As Integer
intProduct011 = Session("product011")
Dim intProduct012 As Integer
intProduct012 = Session("product012")
strFullname = fullname.Text
Session("fullname") = strFullname
strAddress = address.Text
Session("address") = strAddress
strPostcode = postcode.Text
Session("postcode") = strPostcode
intCardNo = cardN0.Text
Session("CardN0") = intCardNo
strCardType = cardType.Text
Session("CardType") = strCardType
Dim strDatabaseNameAndLocation As String
strDatabaseNameAndLocation = Server.MapPath("ecommerceDatabase.mdb")
Dim strSQLCommand As String
strSQLCommand = "INSERT INTO Orders(SessionID, orderDate, orderTotal ) " & _
"Values ('" & strSessionID & "','" & dateOfOrder & "','" & dblTotalCost & "');"
Dim objOleDbConnection As System.Data.OleDb.OleDbConnection
objOleDbConnection = New System.Data.OleDb.OleDbConnection("Provider=Microsoft.Jet.Oledb.4.0; Data Source=" & strDatabaseNameAndLocation)
objOleDbConnection.Open()
Dim objOleDbCommand As System.Data.OleDb.OleDbCommand
objOleDbCommand = New System.Data.OleDb.OleDbCommand(strSQLCommand, objOleDbConnection)
objOleDbCommand.ExecuteNonQuery()
objOleDbConnection.Close()
Dim strDatabaseNameAndLocation2 As String
strDatabaseNameAndLocation2 = Server.MapPath("ecommerceDatabase.mdb")
Dim strSQLCommand2 As String
strSQLCommand2 = "INSERT INTO Customers(SessionID, Fullname, Address, Postcode, CardNo, CardType) " & _
"Values ('" & strSessionID & "', '" & strFullname & "', '" & strAddress & "', '" & strPostcode & "', '" & intCardNo & "', '" & strCardType & "');"
Dim objOleDbConnection2 As System.Data.OleDb.OleDbConnection
objOleDbConnection2 = New System.Data.OleDb.OleDbConnection("Provider=Microsoft.Jet.Oledb.4.0; Data Source=" & strDatabaseNameAndLocation2)
objOleDbConnection2.Open()
Dim objOleDbCommand2 As System.Data.OleDb.OleDbCommand
objOleDbCommand2 = New System.Data.OleDb.OleDbCommand(strSQLCommand2, objOleDbConnection2)
objOleDbCommand2.ExecuteNonQuery()
objOleDbConnection2.Close()
Response.Redirect("validate.aspx")
End If
You will need to run all of your SQL commands using a single connection, and call OleDbConnection.BeginTransaction on the connection, and OleDbTransaction.Commit on the returned transaction object. You should put your product IDs into a List(Of String) to minimize the code, and you should parameterize your queries to avoid SQL injections issues.
The following pseudocode illustrates the general idea:
Dim productIDs = New List(Of String)()
productIDs.Add(Session("product001")) ' Should be in a loop!
' etc.
Using cn = New OleDbConnection(...)
cn.Open()
Using tran = cn.BeginTransaction(IsolationLevel.Serializable) ' or other isolation level
Using cmd = new OleDbCommand(sql1, cn, tran) ' Customers
' Set command parameters
cmd.ExecuteNonQuery()
End Using
Using cmd = new OleDbCommand(sql2, cn, tran) ' Orders
' Set command parameters
cmd.ExecuteNonQuery()
End Using
For Each productID In productIDs
Using cmd = new OleDbCommand(sql3, cn, tran) ' OrderProducts?
' Set command parameters
cmd.ExecuteNonQuery()
End Using
Next
tran.Commit()
End Using
End Using
I'm trying to run a SQL command in VB .NET but it returns a error message of syntax error in my string variable which I just not able to figure out by myself since this is my first experience for programming with SQL command.The specific message is:
Syntax error (missing operator) in query express '= '045617123'.
Where "045617123" is the data stored in one of the data fields
Can someone please help me out from this? Thank You
Private Sub Button1_Click(sender As Object, e As EventArgs) Handles Button1.Click
Dim constr As String = "Provider = Microsoft.ACE.OLEDB.12.0;" & "Data Source = C:\Users\JohnnyCheng\Documents\GradeBook.accdb"
Dim conobj As New OleDb.OleDbConnection(constr)
Dim da1 As New OleDb.OleDbDataAdapter()
Dim da2 As New OleDb.OleDbDataAdapter()
Dim sqlstr1 As String = ""
Dim sqlstr2 As String = ""
conobj.Open()
For i As Integer = 0 To vt1.Rows.Count - 1
sqlstr1 = "UPDATE Students SET LastName = '" & vt1.Rows(i)(1) & "', FirstName = '" & vt1.Rows(i)(2) & "', StreetAddress = '" & vt1.Rows(i)(3) & "', City = '" & vt1.Rows(i)(4) & "', State = '" & vt1.Rows(i)(5) & "', ZipCode = '" & vt1.Rows(i)(6) & "' WHERE = '" & vt1.Rows(i)(0) & "'"
da1.UpdateCommand = New OleDb.OleDbCommand(sqlstr1, conobj)
da1.UpdateCommand.ExecuteNonQuery()
Next
'For i As Integer = 0 To vt2.Rows.Count - 1
'sqlstr2 = "UPDATE Grades SET FirstExam = " & vt2.Rows(i)(1) & ", SecondExam = " & vt2.Rows(i)(2) & ", FinalExam = " & vt2.Rows(i)(3) & "WHERE StID = " & vt1.Rows(i)(0)
'da2.UpdateCommand = New OleDb.OleDbCommand(sqlstr2, conobj)
'da2.UpdateCommand.ExecuteNonQuery()
'Next
conobj.Close()
End Sub
Use SqlParameters. If some of your datafields contain ' charachter then sql query return a syntax error. Or users can create a Sql injection query.
Your syntax error in the WHERE = '" & vt1.Rows(i)(0) & "'" There are no column name which must be same as datafield value
Here example of using parameters:
Private Sub Button1_Click(sender As Object, e As EventArgs) Handles Button1.Click
Dim constr As String = "Provider = Microsoft.ACE.OLEDB.12.0;" & "Data Source = C:\Users\JohnnyCheng\Documents\GradeBook.accdb"
Dim query as New StringBuilder()
With query
.AppendLine("UPDATE Students SET LastName = #LastName")
.AppendLine(", FirstName = #FirstName")
.AppendLine(", StreetAddress = #StreetAddress")
.AppendLine(", City = #City")
.AppendLine(", State = #State")
.AppendLine(", ZipCode = #ZipCode")
.AppendLine("WHERE YourIDField = #ID;")
End With
Using conobj As New OleDb.OleDbConnection(constr)
conobj.Open()
Dim da1 As New OleDb.OleDbDataAdapter()
For i As Integer = 0 To vt1.Rows.Count - 1
Using updCommand As New OleDb.OleDbCommand(query.ToString(), New OleDb.OleDbConnection(""))
updCommand.Parameters.AddWithValue("#LastName", vt1.Rows(i)(1))
updCommand.Parameters.AddWithValue("#FirstName ", vt1.Rows(i)(2))
updCommand.Parameters.AddWithValue("#StreetAddress ", vt1.Rows(i)(3))
updCommand.Parameters.AddWithValue("#City ", vt1.Rows(i)(4))
updCommand.Parameters.AddWithValue("#State ", vt1.Rows(i)(5))
updCommand.Parameters.AddWithValue("#ZipCode", vt1.Rows(i)(6))
updCommand.Parameters.AddWithValue("#ID", vt1.Rows(i)(0))
da1.UpdateCommand = updCommand
da1.UpdateCommand.ExecuteNonQuery()
End Using
Next
End Using
End Sub
I'm using basic date picker for vb.net and oracle as my database. when i insert the date from basic date picker, i got this error >> ORA-01797: this operator must be followed by ANY or ALL
this is my code :
Private Function GetDate(ByVal bdp1 As Date) As DataSet
Dim connectionString As String = "Data Source = ***; User ID =***; Password =**;"
Dim sqlConnection As OracleClient.OracleConnection = New OracleClient.OracleConnection(connectionString)
Dim queryString As String = "select * from smsdw.lot_act where tran_dttm <= ('" & bdp1 & "' , 'MM/DD/YYYY') and tran_dttm > ('" & bdp1 & "', 'MM/DD/YYYY')"
Dim sqlCommand As OracleClient.OracleCommand = New OracleClient.OracleCommand(queryString, sqlConnection)
sqlCommand.CommandTimeout = 0
Dim dataAdapter As OracleClient.OracleDataAdapter = New OracleClient.OracleDataAdapter(sqlCommand)
Dim dataSet As DataSet = New DataSet
dataAdapter.Fill(dataSet)
Return dataSet
End Function
Try, instead:
Dim queryString As String = "select * from smsdw.lot_act where tran_dttm <= :dtm1 and tran_dttm > :dtm2"
Dim sqlCommand As OracleClient.OracleCommand = New OracleClient.OracleCommand(queryString, sqlConnection)
sqlCommand.Parameters.AddWithValue("dtm1",bdp1)
sqlCommand.Parameters.AddWithValue("dtm2",bdp1)
Which a) avoids the possibility of SQL injection, and b) Keeps the date as a date throughout, rather than mangling it to/from a string.
It doesn't fix the logical issue with your query though - where you're trying to find a row where tran_dttm is both "less than or equal" and "greater than" the same value.
Try this ..
Dim queryString As String = "select * from smsdw.lot_act where tran_dttm <= cdate('" & bdp1.Value.ToString & "') and tran_dttm > cdate('" & bdp1.Value.ToString & "')"
Try this:
Dim queryString As String = "select * from smsdw.lot_act where tran_dttm <= '" & bdp1.ToString("MM/dd/yyyy") & "' and tran_dttm > '" & bdp1.ToString("MM/dd/yyyy") & "'"
But for oracle the default datetime format is YYYY-MM-DD. You have three options:
Change the default file format for the one that suits your desires
Use the default format: bdp1.ToString("yyyy-MM-dd")
Use the todate oracle function specifiying the read format:
" to_date('" & bdp1.ToString("MM/dd/yyyy") & "', 'mm/dd/yyyy') "
Function FindUserByCriteria(ByVal _state As String, ByVal _county As String, ByVal _status As String, ByVal _client As String, ByVal _department As String, ByVal _ordernumber As String) As DataTable
'Code to load user criteria from database
Dim ordertype As String
If _status = "Online" Then
ordertype = "Online"
ElseIf _status = "Tax Cert Call" Then
ordertype = "Call"
End If
Dim TaxConnStr As String = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=" & ConfigurationManager.AppSettings("Database")
Dim dbConnection As OleDbConnection = New OleDbConnection(TaxConnStr)
Try
Dim queryString As String
queryString = "Select Username, Amount, Rank FROM UserCriteria "
queryString += "WHERE UserCriteria.State = '" & _state & "' AND UserCriteria.County = '" & _county & "' AND UserCriteria.Status = '" & _status & "' AND UserCriteria.Client = '" & _client & "' AND UserCriteria.Department = '" & _department & "' AND UserCriteria.OrderNumber = '" & _ordernumber & "';"
Dim dbCommand As OleDbCommand = New OleDbCommand
dbCommand.CommandText = queryString
dbCommand.Connection = dbConnection
Dim dataAdapter As OleDbDataAdapter = New OleDbDataAdapter
dataAdapter.SelectCommand = dbCommand
Dim dataSet As DataSet = New DataSet
dataAdapter.Fill(dataSet)
If dataSet.Tables(0).Rows.Count >= 1 Then
FindUserByCriteria = dataSet.Tables(0)
End If
Console.WriteLine(vbCrLf)
For i = 0 To FindUserByCriteria.Rows.Count - 1
If Not IsUserOnline(FindUserByCriteria.Rows(i).Item("UserName")) Then
FindUserByCriteria.Rows(i).Delete()
End If
Next
FindUserByCriteria.AcceptChanges()
Catch ex As Exception
Console.WriteLine(ex.Message)
myLogger.Log(ex.Message)
SendMail(ex.Message)
Finally
dbConnection.Close()
End Try
End Function
So, i get the "Object reference not set to an instance of an object." error at the
For i = 0 To FindUserByCriteria.Rows.Count - 1
line. I swear this was working for me not just 3 days ago...not sure what has changed in my code recently to make this error pop up. Any help would be nice.
you need to reverse the for loop for
For i = FindUserByCriteria.Rows.Count - 1 to 0 step -1
you need to delete backward otherwise you will reach an index already deleted
or you simply need to put the use of any FindUserByCriteria inside the if where it get set
If dataSet.Tables(0).Rows.Count >= 1 Then
FindUserByCriteria = dataSet.Tables(0)
Console.WriteLine(vbCrLf)
For i = 0 To FindUserByCriteria.Rows.Count - 1
If Not IsUserOnline(FindUserByCriteria.Rows(i).Item("UserName")) Then
FindUserByCriteria.Rows(i).Delete()
End If
Next
FindUserByCriteria.AcceptChanges()
End If