vb.net - update the column specifed in the text box from the server -

-

i want update column of table column name entered in textbox while executing. following code not performing action. textbox14 contains column name , textbox12 consists value updated.

        dim squery string = "select name,days definedleave"                         dim cmd6 sqlcommand = new sqlcommand(squery, con)                         dim dr6 sqldatareader = cmd6.executereader()                         dim integer = 0                         while dr6.read()                             try                                 s = dr6(i).tostring                                 textbox14.text = s                                 = dr6(i + 1).tostring                                 textbox12.text =                                dim sql = "update empleave set " & textbox14.text.trim & "=@na epid='" + txtcode.text + "'"                                  using com7 = new sqlcommand(sql, con)                                     com7.parameters.addwithvalue("@na", textbox12.text)                                     com7.executenonquery()                                 end using                             catch ex exception         msgbox("hello")     end try                         end while                         com7.dispose()                         dr6.close()

unfortunately, parameters can used values, not identifiers. they're variables in vb - can't use contents of 1 variable stand variable in vb either.

the silly thing you're trying use parameter can't , can, epid value, use string concatenation. code should this:

dim sql = "update empleave set [" & textbox14.text & "] = @na epid = @epid"  using com7 = new sqlcommand(sql, con)     com7.parameters.addwithvalue("@na", textbox12.text)     com7.parameters.addwithvalue("@epid", txtcode.text)      com7.executenonquery() end using

that still leaves open sql injection though, should make absolutely sure validate column name first. in fact, should query database column names first , put them in combobox. way guaranteed user select valid value.


Comments

Post a Comment

Popular posts from this blog

google api - Incomplete response from Gmail API threads.list -

-
i plot number of emails in inbox on time using gmail api , i'm seeing lot of drop-outs, whatever reason i'm getting incomplete count of messages @ single time points. my plots here: https://plot.ly/~tdsmith/2 -- "drop-outs" i'm complaining trace shoots downwards , recovers previous level @ next timepoint. the code i'm using count emails here: https://github.com/tdsmith/gmail-plotly/blob/master/gmail-plotly.py#l47-l64 what can diagnose these faults?
Read more

Installing Android SQLite Asset Helper -

-
i need use ready made database. search solution on internet did not work until decided use mentioned library found here . however, found hard use library in installation procedures shallow beginners. i appreciate step step procedure on how use android studio. in struggle tried copying sources main/libs , adding line gradle did not work. use api 19 if helps. update here build.gradle // top-level build file can add configuration options common sub-projects/modules. buildscript { repositories { mavencentral() } dependencies { classpath 'com.android.tools.build:gradle:0.11.+' compile 'com.readystatesoftware.sqliteasset:sqliteassethelper:+' // note: not place application dependencies here; belong // in individual module build.gradle files } } allprojects { repositories { mavencentral() } } trying compile project error error:(9, 0) no signature of method: org.gradle.api.internal.artifacts
Read more

Qt Creator - Searching files with Locator including folder -

-
one quick question qtcreator : know possible use locator open files using "ctrl-k" shortcut. however, possible search files including locations? for example, let's want locate file named "main.cpp" in folder named "myfolder" , have lots of other main.cpp files. what should type locator in order open ? just type myfolder/main.cpp in locator
Read more