I have a database named edsdb and am using SQLite. I have multiple columns, but some columns have no information. When I do a search, it doesn't show anything in the DataGridView. I also have multiple text boxes I want to use as the query. Any help?

C#
private void button4_Click(object sender, EventArgs e)
 {

     connection.Open();

     cmd = connection.CreateCommand();
      string CommandText = "select * FROM edsdb WHERE reg_numb LIKE '" + textBox16.Text + "%' AND reg_date LIKE'" + textBox17.Text + "%' AND last_name LIKE '" + textBox18.Text + "%' AND first_name LIKE '" + textBox19.Text + "%' AND house_numb LIKE '" + textBox20.Text + "%' AND street LIKE '" + textBox21.Text + "%' AND city LIKE '" + textBox22.Text + "%' AND phone_numb LIKE '" + textBox23.Text + "%' AND pa_numb LIKE '" + textBox24.Text + "%' AND division LIKE '" + textBox25.Text + "%' AND dob LIKE '" + textBox32.Text + "%' AND age LIKE '" + textBox33.Text + "%' AND doc_type LIKE '" + textBox34.Text + "%' AND red LIKE '" + textBox35.Text + "%' AND blue LIKE '" + textBox36.Text + "%' AND undecided LIKE '" + textBox37.Text + "%'";

    SQLiteDataAdapter adapter = new SQLiteDataAdapter(CommandText, connection);
     ds.Reset();
     adapter.Fill(ds);
     DT = ds.Tables[0];
     dataGridView5.DataSource = DT;

     connection.Close();

 }
Comments
PIEBALDconsult 16-Sep-15 21:54pm    
Yeah, what he said. Plus don't store dates as strings. And try to avoid DataAdapters. I will also caution you against having your database code directly in your UI code, and why is the cmd a field rather than a local variable?
jordal 17-Sep-15 9:58am    
When you say avoid using DataAdapters, did you mean use a data reader instead? I declared SQLiteCommand as cmd from the beginning.
Patrice T 16-Sep-15 22:16pm    
Use the debugger to see what the code is really doing.

1 solution

First, I would type a certain something into any one of those TextBoxes and completely destroy your database. Google for "SQL Injection Attack" to find out why what you're doing is soooooo bad and what to do about it. Next, Google for "C# SQL parameterized queries" to find out how to fix it.

Now, to test your query, remove all the WHERE clause fields except for one. Test it. Then add another one back in and test it. Keep going until it doesn't return what you want and then look at the last term you put in.

Oh, and the only way this query will work is if every single column you're searching in is a string of some type. It won't work with numerical and boolean columns if you have them.
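A parameterized version of the search, as an added example that is not part of the original question or answer. It uses System.Data.SQLite; the class `EdsSearch`, the method `Search` and the `filters` dictionary are hypothetical names, and only a subset of the question's columns is listed.

```csharp
using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SQLite;

static class EdsSearch   // hypothetical helper, kept out of the button handler
{
    // Column names are fixed in code (an allow-list); only values come from the user.
    // Subset of the columns in the question; extend as needed.
    static readonly string[] Columns =
        { "reg_numb", "reg_date", "last_name", "first_name", "city", "phone_numb" };

    // Escape LIKE wildcards so typed text is matched literally as a prefix.
    static string EscapeLike(string s)
    {
        return s.Replace("\\", "\\\\").Replace("%", "\\%").Replace("_", "\\_");
    }

    // filters: column name -> text typed by the user (may be empty or missing).
    public static DataTable Search(SQLiteConnection connection,
                                   IDictionary<string, string> filters)
    {
        var where = new List<string>();
        using (SQLiteCommand cmd = connection.CreateCommand())
        {
            foreach (string col in Columns)
            {
                string text;
                if (!filters.TryGetValue(col, out text) || string.IsNullOrWhiteSpace(text))
                    continue; // empty box adds no condition; a NULL column never satisfies LIKE
                where.Add(col + " LIKE @" + col + " ESCAPE '\\'");
                // The value travels as a bound parameter, never as SQL text.
                cmd.Parameters.AddWithValue("@" + col, EscapeLike(text.Trim()) + "%");
            }
            cmd.CommandText = "SELECT * FROM edsdb" +
                (where.Count > 0 ? " WHERE " + string.Join(" AND ", where) : "");

            var table = new DataTable();
            using (var adapter = new SQLiteDataAdapter(cmd))
                adapter.Fill(table);   // Fill opens and closes the connection if needed
            return table;
        }
    }
}
```

In the click handler, build the dictionary from the text boxes (for example `{ "last_name", textBox18.Text }`) and assign the returned table to `dataGridView5.DataSource`.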
 
