473,569 Members | 2,634 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

What is the C# equivilant to the following in vb.net?

This is how I did this sql server 2000 string in vb.net:

"FROM TBL_TravelMain WHERE TravelMain_Mlv = '" & MLVTrimString & "'"

In C# you can't use the & something &.
How do I put this in C#, or what do I replace the & with?
Thanks,
Trint

.Net programmer
tr***********@g mail.com

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Nov 16 '05 #1
6 1425
Trint,

You maybe did this in VBNet, however in that it is as wrong as in every
dotNet language
it has to be

.....FROM TBL_TravelMain WHERE TravelMain_Mlv = @MLVTrimString"

And than use the XXXcommand.para meters, here the link for SQL
http://msdn.microsoft.com/library/de...eterstopic.asp

I hope this helps?

Cor
Nov 16 '05 #2
Hi Trint,
This is how I did this sql server 2000 string in vb.net:

"FROM TBL_TravelMain WHERE TravelMain_Mlv = '" & MLVTrimString & "'"

try

"FROM TBL_TravelMain WHERE TravelMain_Mlv = '" + MLVTrimString + "'"
Martin
Nov 16 '05 #3
Trint,

Replace the & with + signs. Don't forget to terminate the line with ;

Hope this helps.
Nov 16 '05 #4
> "FROM TBL_TravelMain WHERE TravelMain_Mlv = '" & MLVTrimString & "'"

In C# you can't use the & something &.
How do I put this in C#, or what do I replace the & with?


The C# equivilant to & is +. However, the code in your example is vunerable
to SQL injection attacks. You should use a parameterized query instead. The
following example shows how to use SqlCommand and SqlParameter:

SqlCommand cmd=new SqlCommand();
cmd.CommandText ="SELECT * FROM TBL_TravelMain WHERE
TravelMain_Mlv= @TravelMain";
cmd.Parameters. Add("@TravelMai n",SqlDbType.Va rChar).Value=ML VTrimString;

Anders Norås
http://dotnetjunkies.com/weblog/anoras/
Nov 16 '05 #5
Cor,
This is in a SQL statement in C# and the equivilant to "&" turns out to
be "+".
Thanks,
Trinity

.Net programmer
tr***********@g mail.com

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Nov 16 '05 #6
> Cor,
This is in a SQL statement in C# and the equivilant to "&" turns out to
be "+".


Trinity,
I think Cor is pointing out that your code does not follow best practices
for data access. I has a SQL injection vunerablity.
SQL injection is a technique for exploitiong applications that use client
supplied data in SQL queries without handling potentially dangerous user
input. If the variable MLVTrimString in your example originates from a input
field or similar and the database user has sufficient privelidges, an
attacker can enter '; DROP TABLE TBL_TravelMain -- into the input field and
actually delete your entire database table.
You should learn how to use classes described on the page Cor referred to so
that you avoid SQL injection attacks.

Anders Norås
http://dotnetjunkies.com/weblog/anoras/
Nov 16 '05 #7

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
4
3316
is there a macromedia dreamweaver equivilant for PHP
by: davidshook | last post by:
I am a begginer with not too much time on my hand. I do some html pages with Dreamweaver and with some minor Flash actionscript and I have a minor ability (with the help of lots of tutorials) to do some PHP. I love Dreamweaver MX since it realy simplifies the visual part of the process of making a page and also help with code typos since it...
PHP
10
3389
What's wrong with the following code to capture the Browser type?
by: Greener | last post by:
Hi, I need help badly. Can you do client-side programming instead of server-side to capture the Browser type info? If this is the case, what's wrong with the following? <script language="JavaScript"> function doWord(file) { if (navigator.userAgent.indexOf("MSIE")!=-1)
Javascript
63
25581
Equivilant of Oracle's DB Links in DB2
by: Nick Palmer | last post by:
Hi all, Is there a DB2 equivilant to Oracle's DB Link functionality ? I have two DB2 databases and I need to get access to the tables in one from the other. In Oracle I would just create a DB Link between the two instances. Is such a thing possible between two DB2 databases ? Thanks in advance, Nick
DB2 Database
26
4439
com+, what more are needed?
by: Lasse Edsvik | last post by:
Hello I'm trying to build a simple COM+ app in vs.net using C# and i cant register it in component manager..... what more is needed than this: using System; using System.EnterpriseServices;
C# / C Sharp
1
7259
app.path; what is the VB .NET equivilant?
by: Roy Lawson | last post by:
I have been working with .NET for a few months now and currently working on the certs. In preparation for certification I am making an application that demonstrates a bunch of .NET different concepts...but am trying to make a simple connection to an Access file in the application directory. I can connect directly to the file, but when I...
Visual Basic .NET
28
2903
What is wrong?
by: federico_bertola | last post by:
Hi everybody! I have this function: int Scan(char String) { printf("%s", String); } it works but when I try to pass a dotted string o separetad with (" ", "_" , "-" ...ecc)
C / C++
4
6677
What is the second const used for?
by: grizggg | last post by:
I have searched and not found an answer to this question. I ran upon the following statement in a *.cpp file in a member function: static const char * const pacz_HTMLContentTypeHeader = "Content-Type: text/html\r\n"; Why is the second const needed and what does it do? Thanks
C / C++
38
2294
2 ways to initialize, what's the difference?
by: Zytan | last post by:
What is the difference between these two lines? Dim args As Object() = New Object() {strText} Dim args As Object() = {strText} args seems usuable from either, say, like so: Me.Invoke(delegate, args) Zytan
Visual Basic .NET
3
6421
deriving from std::exception and overiding what() to construct dynamic messages.
by: vainstah | last post by:
Hello Guys and Galls, To start off, I have reached the solution I was looking for, but I would like comments and feedback on the solution I have reached and tips/tricks on making it more elegant. I am not satisfied with the underlying machinery of the solution though. I am an advanced C programmer and most do object-based programming in C++....
C / C++
0
7615
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language...
Windows Server
0
8130
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that...
Online Marketing
0
7979
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the...
General
0
6284
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
Career Advice
1
5514
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes...
Microsoft Access / VBA
0
5219
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert...
C# / C Sharp
0
3653
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in...
Networking - Hardware / Configuration
1
1223
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP
0
940
bsmnconsultancy
Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us