Hey Guys,
I know some of u guys tried to help me but it didnt work....
I have a SQL Database from which im trying to display some data!
I'm using this SqlCommand:
SqlCommand sqlCmd2 =new SqlCommand("SELECT x FROM ytable WHERE
z="+this.ddList1.SelectedItem.Text.ToString(),conn );
It reads the selected item properly but gimes me an eror saying, Invalid
coulmn name "xyz";
xyz is one of the values for z which was selected from
this.ddList1.SelectedItem.Text.ToString();
Please help me thanks!
4  995 
Dharmen,
The syntax of the command is wrong. If you are trying to select a
value, then you need to wrap it in quotes, like so:
select x from ytable where z = 'xyz'
Notice the quotes. However, appending the string as you have it there
is a very, very bad thing, as it opens you up to sql injection attacks.
Your best bet would be to use a parameterized query, like so:
"select x from ytable where z = @zvalue
And then call the appropriate methods to create a parameter, and set the
value. You can do it like this.
// Create the parameter. pobjCommand has the sql command.
// This assumes the column is of type char, and of length 10.
SqlParameter pobjParam = new SqlParameter("@zvalue", SqlDbType.Char, 10);
// Set the value on the parameter.
pobjParam.Value = "xyz";
// Now add to the command.
pobjCommand.Parameters.Add(pobjParam);
Then you can execute normally.
Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com
"Dharmen" <as**@asas.com> wrote in message
news:uL**************@TK2MSFTNGP11.phx.gbl... Hey Guys,
I know some of u guys tried to help me but it didnt work....
I have a SQL Database from which im trying to display some data!
I'm using this SqlCommand:
SqlCommand sqlCmd2 =new SqlCommand("SELECT x FROM ytable WHERE
z="+this.ddList1.SelectedItem.Text.ToString(),conn );
It reads the selected item properly but gimes me an eror saying, Invalid
coulmn name "xyz";
xyz is one of the values for z which was selected from
this.ddList1.SelectedItem.Text.ToString();
Please help me thanks!
Thanks Nicholas!
Do u have MSN Messenger? please email it to id*******@yahoo.com I really
would love to get some live chat help.
Thanks...
"Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard.caspershouse.com> wrote in
message news:eZ**************@TK2MSFTNGP09.phx.gbl... Dharmen,
The syntax of the command is wrong. If you are trying to select a
value, then you need to wrap it in quotes, like so:
select x from ytable where z = 'xyz'
Notice the quotes. However, appending the string as you have it there
is a very, very bad thing, as it opens you up to sql injection attacks.
Your best bet would be to use a parameterized query, like so:
"select x from ytable where z = @zvalue
And then call the appropriate methods to create a parameter, and set
the value. You can do it like this.
// Create the parameter. pobjCommand has the sql command.
// This assumes the column is of type char, and of length 10.
SqlParameter pobjParam = new SqlParameter("@zvalue", SqlDbType.Char, 10);
// Set the value on the parameter.
pobjParam.Value = "xyz";
// Now add to the command.
pobjCommand.Parameters.Add(pobjParam);
Then you can execute normally.
Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com
"Dharmen" <as**@asas.com> wrote in message
news:uL**************@TK2MSFTNGP11.phx.gbl... Hey Guys,
I know some of u guys tried to help me but it didnt work....
I have a SQL Database from which im trying to display some data!
I'm using this SqlCommand:
SqlCommand sqlCmd2 =new SqlCommand("SELECT x FROM ytable WHERE
z="+this.ddList1.SelectedItem.Text.ToString(),conn );
It reads the selected item properly but gimes me an eror saying,
Invalid coulmn name "xyz";
xyz is one of the values for z which was selected from
this.ddList1.SelectedItem.Text.ToString();
Please help me thanks!
Dharmen,
I tried to message you, but you were not on. =) Feel free to email me
with anymore questions (or post, if you wish).
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com
"Dharmen" <as**@asas.com> wrote in message
news:u5**************@TK2MSFTNGP11.phx.gbl... Thanks Nicholas!
Do u have MSN Messenger? please email it to id*******@yahoo.com I really
would love to get some live chat help.
Thanks...
"Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard.caspershouse.com> wrote
in message news:eZ**************@TK2MSFTNGP09.phx.gbl... Dharmen,
The syntax of the command is wrong. If you are trying to select a
value, then you need to wrap it in quotes, like so:
select x from ytable where z = 'xyz'
Notice the quotes. However, appending the string as you have it
there is a very, very bad thing, as it opens you up to sql injection attacks.
Your best bet would be to use a parameterized query, like so:
"select x from ytable where z = @zvalue
And then call the appropriate methods to create a parameter, and set
the value. You can do it like this.
// Create the parameter. pobjCommand has the sql command.
// This assumes the column is of type char, and of length 10.
SqlParameter pobjParam = new SqlParameter("@zvalue", SqlDbType.Char,
10);
// Set the value on the parameter.
pobjParam.Value = "xyz";
// Now add to the command.
pobjCommand.Parameters.Add(pobjParam);
Then you can execute normally.
Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com
"Dharmen" <as**@asas.com> wrote in message
news:uL**************@TK2MSFTNGP11.phx.gbl... Hey Guys,
I know some of u guys tried to help me but it didnt work....
I have a SQL Database from which im trying to display some data!
I'm using this SqlCommand:
SqlCommand sqlCmd2 =new SqlCommand("SELECT x FROM ytable WHERE
z="+this.ddList1.SelectedItem.Text.ToString(),conn );
It reads the selected item properly but gimes me an eror saying,
Invalid coulmn name "xyz";
xyz is one of the values for z which was selected from
this.ddList1.SelectedItem.Text.ToString();
Please help me thanks!
Hey Nicholas,
hat was not my msn ID...I just wanted u to mail ur ID to that address so i
can add it on....I didnt wanna post my msn here thats y....
thanks
"Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard.caspershouse.com> wrote in
message news:OM*************@TK2MSFTNGP11.phx.gbl... Dharmen,
I tried to message you, but you were not on. =) Feel free to email me
with anymore questions (or post, if you wish).
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com
"Dharmen" <as**@asas.com> wrote in message
news:u5**************@TK2MSFTNGP11.phx.gbl... Thanks Nicholas!
Do u have MSN Messenger? please email it to id*******@yahoo.com I really
would love to get some live chat help.
Thanks...
"Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard.caspershouse.com> wrote
in message news:eZ**************@TK2MSFTNGP09.phx.gbl... Dharmen,
The syntax of the command is wrong. If you are trying to select a
value, then you need to wrap it in quotes, like so:
select x from ytable where z = 'xyz'
Notice the quotes. However, appending the string as you have it there is a very, very bad thing, as it opens you up to sql injection
attacks. Your best bet would be to use a parameterized query, like so:
"select x from ytable where z = @zvalue
And then call the appropriate methods to create a parameter, and
set the value. You can do it like this.
// Create the parameter. pobjCommand has the sql command.
// This assumes the column is of type char, and of length 10.
SqlParameter pobjParam = new SqlParameter("@zvalue", SqlDbType.Char,
10);
// Set the value on the parameter.
pobjParam.Value = "xyz";
// Now add to the command.
pobjCommand.Parameters.Add(pobjParam);
Then you can execute normally.
Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com
"Dharmen" <as**@asas.com> wrote in message
news:uL**************@TK2MSFTNGP11.phx.gbl...
> Hey Guys,
> I know some of u guys tried to help me but it didnt work....
> I have a SQL Database from which im trying to display some data!
> I'm using this SqlCommand:
> SqlCommand sqlCmd2 =new SqlCommand("SELECT x FROM ytable WHERE
> z="+this.ddList1.SelectedItem.Text.ToString(),conn );
>
> It reads the selected item properly but gimes me an eror saying,
Invalid > coulmn name "xyz";
>
> xyz is one of the values for z which was selected from
> this.ddList1.SelectedItem.Text.ToString();
>
> Please help me thanks!
>
>
>
>
>
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: ani |
last post by:
I have few questions regarding datalist control.
1) How do I retrieve the values that are present in
the datalist control. My aspx page actually reloads to
itself, and the datalist control has...
|
by: Thanh |
last post by:
I created an ASP.NET project and dropped a DataList on
the web form. I then wrote a simple class to return data:
namespace Playing
{
public class PositionData
{
private string name;
private...
|
by: Roger R. Smith |
last post by:
Anyway I am having a problem with Web Service and DataList in ASP.NET. so
the best way to explain it would be with the MSPetShop 3.0 Application.
I submitted an order using the Forms on...
|
by: tshad |
last post by:
Is there a way to move a row in a Datalist up or down without having to
re-read the data?
I have a datalist which has embedded Datagrids in it. I want to allow the
user to move a row up or down...
|
by: bienwell |
last post by:
Hi,
I have a problem of displaying data bound by a datalist control. In my
table, I have a field Start_date which has Short Date data type. I tried to
update this field by Current Date. After...
|
by: bienwell |
last post by:
Hi all,
Data displayed on the datalist control is bound by the column name of the
dataset like this :
<%# DataBinder.Eval(Container.DataItem, "title")%>
Could I use an element of the array...
|
by: Craig |
last post by:
This is killing me, I've been trying to figure this out for 2 days.
When I click on the linkbutton, it executes the GetData(int) method to set
the DataSource. The FAILURE is when it tries to...
|
by: Vikas Kumar |
last post by:
i had coded like this
<ItemTemplate>
<table width="100%">
<tr width="100%">
<td
width="25%"><%#DataBinder.Eval(Container.DataItem,"FName")%></td>
<td width="25%"><input type=text ...
|
by: scottls |
last post by:
Hi All,
Thanks for reading my post. I have been working on getting nested
datalists working properly wihtin my framework for many days and I
think I'm almost there. See if you could help me...
|
by: Jules |
last post by:
We have a problem setting, actually resetting, the SelectedItemTemplate
of a DataList control. Below is the ObjectDataSource and the DataList
in .ASPX:
<asp:ObjectDataSource ID="mySource"...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
| |
