How do I update a column in database with the new user inputs?

Question

0.00/5 (No votes)

See more:

C#

private void button1_Click(object sender, EventArgs e)
        {
            /*VirtualPet.Popup popup = new VirtualPet.Popup();
            popup.UpdatePopup();*/
            SqlCeConnection conn = new SqlCeConnection("Data Source=E:\\Project Final_Year\\Project Final\\MyProject\\ERU Implementation\\VirtualPetedit\\VirtualPet\\MyDB.sdf");
            string query = "UPDATE Events SET (event_name='" + this.textBox2.Text + "', event_description='" + this.richTextBox1.Text + "', event_type='" + this.comboBox1.SelectedItem + "', date='" + this.dateTimePicker1.Value + "', time='" + this.textBox3.Text +"')  WHERE event_id = " + textBox1.Text + ";";
            SqlCeCommand cmd = new SqlCeCommand(query, conn);
            try
            {
                conn.Open();
                SqlCeCommand command = new SqlCeCommand(query, conn);
                command.ExecuteNonQuery();
                VirtualPet.Popup popup = new VirtualPet.Popup();
                popup.UpdatePopup();
                conn.Close();
                //command.Parameters.AddWithValue("@EI", textBox4.Text);  
            }
            catch (Exception err)
            {
                MessageBox.Show(err.Message);
            }
        }

Posted 23-Apr-15 17:33pm

Abdul Rahman BCS

Updated 23-Apr-15 17:39pm

DamithSL

v2

Add a Solution

Comments

DamithSL 23-Apr-15 23:43pm

any exceptions?

PIEBALDconsult 24-Apr-15 0:21am

Please don't form SQL statements by using concatenation! Please use a parameterized statement.
Also, create a Data Access Layer (class) rather than putting Data Access code directly in your UI code.

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

PIEBALDconsult · Accepted Answer · 2015-04-23T18:23:00

Solution 1

You don't say which database system, but (unlike an INSERT statement) an UPDATE statement doesn't use parentheses around the columns and values.

Posted 23-Apr-15 18:23pm

PIEBALDconsult

Unkownwar · Accepted Answer · 2015-04-23T19:55:00

Update statement doesn't need a parenthesis. Why not try creating a stored procedure in the database so that you cant test it first there then call the procedure in the front end?

Update [table_name] set [Field_name] = [Object] where [Field_name] = [value]

also just a heads up, try to use parameters to avoid sql injection.