This is my 3-Tier project

I am getting an error in the DLL -> empBL.
VB
Public Function insertbyid(ByVal id As String) As Boolean
       Dim con As New SqlConnection()
       Dim cmd As New SqlCommand()
       Try
           Try
               con.ConnectionString = DBConnectionString
               con.Open()
               cmd.CommandText = "insert into yuvapriya where ID = '" & id & "'"
               cmd.CommandType = CommandType.Text
               cmd.Connection = con
               cmd.ExecuteNonQuery()
               Dim bool As Boolean
               Dim dt As DataTable
               Dim db As database
               If Not String.IsNullOrEmpty(id) Then
                   bool = db.executequery("UPDATE yuvapriya SET name = '" & emp.name & "',education = '" & emp.education & "',age = '" & emp.age & "',address = '" & emp.address & "',phonenum = '" & emp.phonenum & "',postcode = '" & emp.postcode & "' ,Email = '" & emp.email & "' WHERE id = '" & id & "'")
                   dt = db.getdt("select * from EmergencyContactDetails where yuvaid = '" & emp.emid & "'")
                   If dt.Rows.Count > 0 Then
                       bool = db.executequery("UPDATE EmergencyContactDetails SET Name = '" & emp.emname & "',Relationship = '" & emp.emrelationship & "',Address = '" & emp.emaddress & "',PostCode = " & emp.empostcode & ",HomeTelephone = " & emp.emhometelephone & ",WorkTelephone = " & emp.emworktelephone & ",PersonalMobile = " & emp.empersonalmobile & ",WorkMobile = " & emp.emworkmobile & " WHERE yuvaid = " & emp.emid)
                   Else
                       bool = db.executequery("INSERT INTO EmergencyContactDetails ([yuvaid],[Name],[Relationship],[Address],[PostCode],[HomeTelephone],[WorkTelephone],[PersonalMobile],[WorkMobile]) VALUES('" & emp.emyuvaid & "', '" & emp.emname & "', '" & emp.emrelationship & "', '" & emp.emaddress & "', '" & emp.empostcode & "', '" & emp.emhometelephone & "', '" & emp.emworktelephone & "', '" & emp.empersonalmobile & "', '" & emp.emworkmobile & "')")
                   End If

                   dt = db.getdt("select * from WorkHistory where yuvaid = '" & emp.whid & "'")
                   If dt.Rows.Count > 0 Then
                       bool = db.executequery("UPDATE WorkHistory SET Organization = '" & emp.whorganization & "',Designation = '" & emp.whdesignation & "',FromDate = '" & emp.whfromdate & "',ToDate = '" & emp.whtodate & "',Comments = '" & emp.whcomments & "' WHERE yuvaid = " & emp.whid)
                   Else
                       bool = db.executequery("INSERT INTO WorkHistory ([yuvaid],[Organization],[Designation],[FromDate],[ToDate],[Comments]) VALUES('" & emp.whyuvaid & "', '" & emp.whorganization & "', '" & emp.whdesignation & "', '" & emp.whfromdate & "', '" & emp.whtodate & "', '" & emp.whcomments & "')")
                   End If
               Else
                   bool = db.executequery("INSERT INTO yuvapriya (name,education,age,address,phonenum,postcode,Email) VALUES('" & emp.name & "', '" & emp.education & "', '" & emp.age & "', '" & emp.address & "', '" & emp.phonenum & "', '" & emp.postcode & "', '" & emp.email & "')")
                   dt = db.getdt("select * from EmergencyContactDetails where yuvaid = '" & emp.emid & "'")
                   If dt.Rows.Count > 0 Then
                       bool = db.executequery("UPDATE EmergencyContactDetails SET Name = '" & emp.emname & "',Relationship = '" & emp.emrelationship & "',Address = '" & emp.emaddress & "',PostCode = " & emp.empostcode & ",HomeTelephone = " & emp.emhometelephone & ",WorkTelephone = " & emp.emworktelephone & ",PersonalMobile = " & emp.empersonalmobile & ",WorkMobile = " & emp.emworkmobile & " WHERE yuvaid = " & emp.emyuvaid)
                   Else
                       bool = db.executequery("INSERT INTO EmergencyContactDetails ([yuvaid],[Name],[Relationship],[Address],[PostCode],[HomeTelephone],[WorkTelephone],[PersonalMobile],[WorkMobile]) VALUES('" & emp.emyuvaid & "', '" & emp.emname & "', '" & emp.emrelationship & "', '" & emp.emaddress & "', '" & emp.empostcode & "', '" & emp.emhometelephone & "', '" & emp.emworktelephone & "', '" & emp.empersonalmobile & "', '" & emp.emworkmobile & "')")
                   End If
                   dt = db.getdt("select * from WorkHistory where yuvaid = '" & emp.whid & "'")
                   If dt.Rows.Count > 0 Then
                       If Not emp.whfromdate = String.Empty Then

                       End If
                       bool = db.executequery("UPDATE WorkHistory SET Organization = '" & emp.whorganization & "',Designation = '" & emp.whdesignation & "',FromDate = '" & emp.whfromdate & "',ToDate = '" & emp.whtodate & "',Comments = '" & emp.whcomments & "' WHERE yuvaid = " & emp.whid)
                   Else
                       bool = db.executequery("INSERT INTO WorkHistory ([yuvaid],[Organization],[Designation],[FromDate],[ToDate],[Comments]) VALUES('" & id & "', '" & emp.whorganization & "', '" & emp.whdesignation & "', '" & emp.whfromdate & "', '" & emp.whtodate & "', '" & emp.whcomments & "')")
                   End If
               End If
               If bool Then
                   MessageBox.Show("success")
               End If
               MessageBox.Show("please enter the name")
           Catch ex As Exception
           Finally
               If cmd IsNot Nothing Then
                   cmd.Dispose()
                   cmd = Nothing
               End If
               If con IsNot Nothing Then
                   con.Dispose()
                   con = Nothing
               End If
           End Try
           Return True
       Catch ex1 As Exception
           Return False
       End Try
   End Function
Comments
Ron Beyer 25-Nov-13 0:35am    
So you didn't tell us what the error is or what line you are getting it on, how are we supposed to help?
krish.krish 25-Nov-13 0:35am    
error is

'MessageBox' is not declared. It may be inaccessible due to its protection


Type 'database' is not defined.

Problem

MessageBox comes under the System.Windows.Forms namespace.
So, you can use it in a Form's code-behind (.cs) page only.

But here you are trying to access it inside a class. It is not possible.


Solution

Ideally, you should return a Boolean value from this function, and in the calling function you have to show the MessageBox according to the return value.
 
 
You didn't specify what the error was, but I can point out a HUGE problem with your code.

All that string concatenation you're using to build the SQL INSERT queries is a MONSTER of a security risk and will cause you all kinds of problems if a user ever types a ' character into those fields.

Google for "vb.net SQL Injection attack" to find out why what you're doing is so bad and what to do about it.
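
A parameterized version of the WorkHistory update/insert from the question, as an added example that is not part of the original answers or the asker's project. The class name `EmployeeData`, the `SaveWorkHistory` signature, and the column types and sizes are assumptions; it returns a Boolean and leaves any MessageBox to the calling form.

```vb
Imports System.Data
Imports System.Data.SqlClient

' Added example: class name, method signature, column types and sizes are assumptions.
Public Class EmployeeData
    Private ReadOnly _connectionString As String

    Public Sub New(connectionString As String)
        _connectionString = connectionString
    End Sub

    ' Updates the WorkHistory row for yuvaId, or inserts it if none exists.
    ' Returns True when a row was written; the calling form decides what to show.
    Public Function SaveWorkHistory(yuvaId As Integer, organization As String,
                                    designation As String, fromDate As Date,
                                    toDate As Date, comments As String) As Boolean
        ' The SQL text is a constant: user input never becomes part of it.
        Const sql As String =
            "UPDATE WorkHistory SET Organization = @org, Designation = @des, " &
            "FromDate = @fromDate, ToDate = @toDate, Comments = @comments " &
            "WHERE yuvaid = @id; " &
            "IF @@ROWCOUNT = 0 " &
            "INSERT INTO WorkHistory " &
            "(yuvaid, Organization, Designation, FromDate, ToDate, Comments) " &
            "VALUES (@id, @org, @des, @fromDate, @toDate, @comments);"

        Using con As New SqlConnection(_connectionString)
            Using cmd As New SqlCommand(sql, con)
                ' Typed parameters travel separately from the statement, so a value
                ' such as O'Brien is stored as data and cannot change the query.
                cmd.Parameters.Add("@id", SqlDbType.Int).Value = yuvaId
                cmd.Parameters.Add("@org", SqlDbType.NVarChar, 100).Value = organization
                cmd.Parameters.Add("@des", SqlDbType.NVarChar, 100).Value = designation
                cmd.Parameters.Add("@fromDate", SqlDbType.Date).Value = fromDate
                cmd.Parameters.Add("@toDate", SqlDbType.Date).Value = toDate
                ' Nothing must be sent as DBNull, otherwise the parameter is missing.
                cmd.Parameters.Add("@comments", SqlDbType.NVarChar, 500).Value =
                    If(CObj(comments), DBNull.Value)

                con.Open()
                Return cmd.ExecuteNonQuery() > 0
            End Using
        End Using
    End Function
End Class
```

Exceptions are left to propagate to the caller instead of being swallowed by an empty `Catch`, so a failed write is visible rather than reported as success.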
 
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


