Where condition I need to check 3 colum

Question

1.00/5 (2 votes)

See more:

C#

"IF EXISTS(Select tsalesregdump_name From vsolv_trn_tsalesregdump Where tsalesregdump_name = '" & dtDumpBooking.Rows(0).Item("tsalesdump_name").ToString() & "') " + _
"BEGIN " + _
"   Update vsolv_trn_tsalesregdump " + _
"   Set tsalesregdump_date = '" & Format(CDate(dtDumpBooking.Rows(0).Item("tsalesdump_date")), "yyyy-MMM-dd").ToString() & "' " + _
"       ,tsalesregdump_executive = '" & dtDumpBooking.Rows(0).Item("executivename_executive").ToString() & "' " + _
"       ,tsalesregdump_vch_no = '" & dtDumpBooking.Rows(0).Item("tsalesdump_vch_no").ToString() & "' " + _
"       ,tsalesregdump_debit = '" & dtDumpBooking.Rows(0).Item("tsalesdump_debit").ToString() & "' " + _
"       ,tsalesregdump_credit = '" & dtDumpBooking.Rows(0).Item("tsalesdump_credit").ToString() & "' " + _
"       ,tsalesregdump_importby = 'SIVA' " + _
"   Where tsalesregdump_name = '" & dtDumpBooking.Rows(0).Item("tsalesdump_name").ToString() & "' " + _
"END " + _
"ELSE " + _
"BEGIN " + _
"   Insert into vsolv_trn_tsalesregdump(tsalesregdump_date,tsalesregdump_name,tsalesregdump_executive,tsalesregdump_vch_no " + _
"       ,tsalesregdump_debit,tsalesregdump_credit,tsalesregdump_importby) " + _
"   Values ('" & Format(CDate(dtDumpBooking.Rows(0).Item("tsalesdump_date")), "yyyy-MMM-dd").ToString() & "' " + _
"   ,'" & dtDumpBooking.Rows(0).Item("tsalesdump_name").ToString() & "' " + _
"   ,'" & dtDumpBooking.Rows(0).Item("executivename_executive").ToString() & "' " + _
"   ,'" & dtDumpBooking.Rows(0).Item("tsalesdump_vch_no").ToString() & "' " + _
"   ,'" & dtDumpBooking.Rows(0).Item("tsalesdump_debit").ToString() & "','" & dtDumpBooking.Rows(0).Item("tsalesdump_credit").ToString() & "','SIVA') " + _
"END "

                MnResult = Gobjdbconn.ExecuteNonQuerySQL(MsSql)

What I have tried:

C#

Where tsalesregdump_name = 
'" & dtDumpBooking.Rows(0).Item("tsalesdump_name").ToString() & "') " + _

where condition i need to check name,vch_no and data if both of value is true its go to update otherwise insert

and i hav tried if name is equal its the condition is work who i use vch_no and date to check it

Posted 27-Apr-16 19:55pm

Bloodholder Ansih

Updated 28-Apr-16 5:15am

Tadit Dash (ତଡିତ୍ କୁମାର ଦାଶ)

v2

Add a Solution

Comments

Tadit Dash (ତଡିତ୍ କୁମାର ଦାଶ) 28-Apr-16 2:17am

First of all, use parametrized query instead of plain text concatenations, which is very prone to SQL Injection attacks.

Tomas Takac 28-Apr-16 2:31am

This is almost impossible to read and maintain. Use a parametrized query as Tadit suggested or create a stored proc if you really must have logic in your sql query.

Bloodholder Ansih 28-Apr-16 3:08am

im new developer how to use parameter can u guide me plz

Tomas Takac 28-Apr-16 3:55am

SqlCommand.Parameters Property (System.Data.SqlClient)[^]

Bloodholder Ansih 28-Apr-16 4:04am

i try to learn this parameters

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CHill60 · Accepted Answer · 2016-04-28T05:15:00

The preferred route would be to create a stored procedure that takes your parameters and does all of the decisions on update or insert within the procedure.

However, either way, you need to use Parameterized Queries. First of all it helps to protect against SQL Injection attacks, but there are three other important advantages
1. You don't have to worry about surround character or date values with single quotes
2. You (usually) don't have to worry about formatting dates or converting values ToString().
3. You only have to supply a parameter value once instead of having to concatenate the same value 2 or 3 times.

Something like this should work in your case - but note I have not been able to test this so there may be minor errors, possibly with the date formats.

C#

Dim sb As StringBuilder = New StringBuilder("")
sb.Append("IF EXISTS(Select tsalesregdump_name From vsolv_trn_tsalesregdump Where tsalesregdump_name = ")
sb.Append("@Name AND tsalesregdump_vch_no=@VchNo AND tsalesregdump_date=@Date) BEGIN")
sb.Append("   Update vsolv_trn_tsalesregdump ")
sb.Append("   Set tsalesregdump_date = @Date ")
sb.Append("       ,tsalesregdump_executive = @Exec")
sb.Append("       ,tsalesregdump_vch_no = @VchNo")
sb.Append("       ,tsalesregdump_debit = @Debit")
sb.Append("       ,tsalesregdump_credit = @Credit")
sb.Append("       ,tsalesregdump_importby = 'SIVA' ")
sb.Append("   Where tsalesregdump_name = @Name")
sb.Append("END ELSE BEGIN ")
sb.Append("   Insert into vsolv_trn_tsalesregdump(tsalesregdump_date,tsalesregdump_name,tsalesregdump_executive,tsalesregdump_vch_no ")
sb.Append("       ,tsalesregdump_debit,tsalesregdump_credit,tsalesregdump_importby) ")
sb.Append("   Values (@Date,@Name,@Exec,@VchNo,@Debit,@Credit,'SIVA') ")
sb.Append("END ")

sqlCommand.CommandText = sb.ToString()
sqlCommand.Parameters.AddWithValue("@Name", dtDumpBooking.Rows(0).Item("tsalesdump_name"))
sqlCommand.Parameters.AddWithValue("@Date", dtDumpBooking.Rows(0).Item("tsalesdump_date"))
sqlCommand.Parameters.AddWithValue("@Exec", dtDumpBooking.Rows(0).Item("executivename_executive"))
sqlCommand.Parameters.AddWithValue("@VchNo", dtDumpBooking.Rows(0).Item("tsalesdump_vch_no"))
sqlCommand.Parameters.AddWithValue("@Debit", dtDumpBooking.Rows(0).Item("tsalesdump_debit"))
sqlCommand.Parameters.AddWithValue("@Credit", dtDumpBooking.Rows(0).Item("tsalesdump_credit"))

[EDIT] - sorry I forgot to answer your actual question!
To include other columns in your check just use an AND clause. I've highlighted the relevant bit in bold above.