How to search id or name over criteria ?

Question

0.00/5 (No votes)

See more:

Well I'm trying to search database records which will be reflect into my DGV (DataGridView). My DGV is binded using bindingsource and tableadapter at form startup with criteria search which leads to show specific records i want.

My table (userdata) contains all users details (Student, Faculty) all together separated with numbers like (Faculty=1 and Student=2). But I added a TextBox to search over facultyDGV it shows also students.

The table has a column name authentic which carry the numbers 1 and 2 for separation purpose.

How can I get rid of this ?

What I have tried:

My DGV load query is = "SELECT * from [userdata] WHERE authentic=1", works fine and showing faculty.

My SearchTextBox query is = "SELECT * from [userdata] WHERE name like '%"
searchTextBox.text "%' OR id like '%"
searchTextBox.text "%' AND authentic=1", not working and showing all users.

I also tried = "SELECT * from [userdata] WHERE name like '%" searchTextBox.text "%' AND authentic=1" which works over name search only but i want to search using same searchtextbox with name, id and other information i want.

help me to build this query.

Thank you codeproject.

Posted 18-Mar-18 20:04pm

Babai JermenKeller Sasmal

Updated 19-Mar-18 3:18am

v2

Add a Solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

#realJSOP · Accepted Answer · 2018-03-19T03:20:00

Solution 1

0) Is you Id field *really* a string? Most of the time, the Id field in a table is an integer.

1) You shouldn't form your query by concatenating strings with variables like that, because you risk sql injection. You should set parameters in the SqlCommand object you use to run the query. There are many references to this that are easily discoverable with even a cursory google search.

2) Assuming @authentic = 2, and @name = 'Steve';

VB

"SELECT * from [userdata] WHERE authentic=" + @authentic + " and name like '%" + @name + "%'"

The query above will give you all students with the word "steve" somewhere in the name.

I'm not sure what Id has to do with given my first question.

Posted 19-Mar-18 3:20am

#realJSOP

Updated 19-Mar-18 3:37am

v5

Comments

CHill60 19-Mar-18 9:22am

Ouch! Concatenated strings to create sql queries is never a good idea

#realJSOP 19-Mar-18 9:35am

Yeah, I mentioned that. I've edited my answer a couple of times.

Babai JermenKeller Sasmal 20-Mar-18 2:05am

John Simmons thank you for replying but let me tell you that my ID is string But not the primary key. I want users to customize\modify ID as they want. But actual primary key is only used in database table. Btw thats not the issue.

The primary issue is, "SELECT * from [userdata] WHERE authentic=" + @authentic + " and name like '%" + @name + "%'" its only search name over criteria. But how can I search multiple fields like ID, NAME etc etc over criteria authentic=1 ?