Click here to Skip to main content
15,890,973 members
Search within:


Avoid too much IF ELSE when filter 10 combobox VB.NET
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
VB
Hi,
I'm currently using IF ELSE method to filter data with lot of combobox.
What i did is something like this :
VB
IF cboName.text = "" AND cboAge.text = "" THEN
     select name,age from tbUser
ELSEIF cboName.text <> "" AND cboAge.text = "" THEN
     select name,age from tbUser WHERE name = '" & cboName.text & "'

ELSEIF cboName.text = "" AND cboAge.text <> "" THEN
     select name,age from tbUser WHERE age = '" & cboAge.text & "'
ELSEIF cboName.text <> "" AND cboAge.text <> "" THEN
     select name,age from tbUser WHERE name = '" & cboName.text & "' AND age = '" & cboAge.text & "'
END IF


And if i have 10 combobox, there will be hundreds of line just for doing this process.

Any suggestion to doing this process effectively?
Thank you.

What I have tried:

IF cboName.text = "" AND cboAge.text = "" THEN
     select name,age from tbUser
ELSEIF cboName.text <> "" AND cboAge.text = "" THEN
     select name,age from tbUser WHERE name = '" & cboName.text & "'

ELSEIF cboName.text = "" AND cboAge.text <> "" THEN
     select name,age from tbUser WHERE age = '" & cboAge.text & "'
ELSEIF cboName.text <> "" AND cboAge.text <> "" THEN
     select name,age from tbUser WHERE name = '" & cboName.text & "' AND age = '" & cboAge.text & "'
Posted
Updated 22-Nov-22 16:29pm
Add a Solution
Comments
Richard Deeming 23-Nov-22 4:28am    
Your code is almost certainly vulnerable to SQL Injection[^]. NEVER use string concatenation/interpolation to build a SQL query. ALWAYS use a parameterized query.
Copycat Studio 25-Nov-22 4:03am    
Thank you for your advice. I am using this app in small local network.
Richard Deeming 25-Nov-22 4:05am    
So you implicitly trust every single person who has a device on that network, and are happy to teach them why they can't search for "O'Connor"?

And you're absolutely confident that no device on that network will ever be infected with malware or otherwise compromised by hackers?

Remember, when you're defending a system against potential threats, you have to be right every time. A hacker only has to be right once.
Copycat Studio 25-Nov-22 4:22am    
Yes i get the point. And yes, it will result an Error when user type single quote char. I'm just newbie vb.net programmer and still lot things to learn. I made apps for my small team and they all just don't know how PC/program work. They only taught how to input. Anyway, again thanks for your advice.

1 solution

You are building a query, you will need to check every choice that is available to the user.

What you can do is build the query as you go.
The Select is always the same:
VB
Dim QueryString = new StringBuilder()
Dim WhereBuilder = new List(Of String)()

QueryString.Append("select name, age from tbUser")

Then do each test:
VB
If Not String.IsNullOrWhitespace(cboName.Text) Then
    WhereBuilder.Add("name = '" + cboName.Text + "'")
End If

If Not String.IsNullOrWhitespace(cboAge.Text) Then
    WhereBuilder.Add("age = '" + cboAge.Text + "'")
End If

Now you are ready to build the query:
VB
If WhereBuilder.Count > 0 Then
    QueryString.Append(" where ")
    QueryString.Append(String.Join(" and ", WhereBuilder)
End If

dim query = QueryString.ToString()

NOTE: Code is written in the answer untested, so may need cleaning up.
 
Share this answer
 
Posted
Comments
CHill60 23-Nov-22 6:14am    
5'd. Sound principle and one I've used many times.
Only thing I would add is the need to record if an " and " is required - I usually have a bool - if it is set then prepend " and " otherwise prepend " ". It is set to true inside each if-statement. That handles not knowing which will be the first item added to the where-clause
Graeme_Grant 23-Nov-22 6:59am    
Thanks ... I wanted to keep it simple for him, but yes, I would do the same.
Copycat Studio 23-Nov-22 20:02pm    
Thanks i will soon test it.
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month
Related Questions
How avoid undesirable selectedindexchanged in combobox
How to use if else statement in combobox in VB.NET
How to refresh combobox items at runtime when combobox itemsource is binded to a list in WPF?
Filter combobox in a datgrid based on another combobox vb.net
C# WPF combobox filter
Filter data from comboboxs
Filtering in asp combobox
Filter combobox the where combobox text match contains
Combobox in VB.NET with MS ACCESS database v
Combobox filter issue?

Advertise
Privacy
Cookies
Terms of Use
Last Updated 22 Nov 2022
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web04 2.8:2024-04-02:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900