Selecting Values from Database

Question

0.00/5 (No votes)

See more:

C#

C#4.0

SQL-Server-2008R2

, +

Hello. I am trying to Select values from 2 tables.
My 1st table(Student_Data) is as follows:

HTML

USN       |Name    |FName    |Dept    |Branch    |Sem
001        abc      ABC       BE       CS         3
002        xyz      XYZ       BE       CS         3
003        def      DEF       BE       CS         4
004        pqr      PQR       BE       CS         5

My 2nd table(Course_Data) is as follows:

HTML

CC       |C_Title  |Dept    |Branch    |Sem  |Crdits
sub1       C        BE       CS         3      5
sub2       C++      BE       CS         3      5
sub1       Math     BE       CS         4      5
sub1       Java     BE       CS         5      5

I want my result as follows : (When user enters USN as 001,Dept as BE, Branch as CS and Sem as 3)

HTML

USN       |Name    |FName     |CC       |C_Title    |Crdits
001        abc      ABC        sub1      C           5
001        abc      ABC        sub2      C++         5

I tried and I was able to built the following Query :

SQL

SELECT * FROM (SELECT Student_Data.USN, Student_Data.Name, Student_Data.FName, Course_Data.CC, Course_Data.Credits FROM Student_Data INNER JOIN Course_Data ON Student_Data.Dept=Course_Data.Dept AND Student_Data.Branch=Course_Data.Branch) WHERE USN = '" + TextBox1.Text + "' ORDER BY CC

I am getting error at WHERE Clause as Incorrect Syntax.
Please Help me out.
Thank you.

Posted 26-Apr-15 19:54pm

partha143

Updated 26-Apr-15 19:56pm

v2

Add a Solution

Comments

Sinisa Hajnal 27-Apr-15 2:48am

You need to add alias for the subselect just before WHeRE like this ) a WHERE...

But Griffs solution is cleaner and the advice sound. NEVER trust user input.

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

OriginalGriff · Accepted Answer · 2015-04-26T20:06:00

First, Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.

Then try something like this:

SQL

SELECT s.USN, s.Name, s.FName, c.CC, c.C_Ttile, c.Credits 
FROM Student_Data s
INNER JOIN Course_Data c
ON s.Dept=c.Dept AND s.Branch=c.Branch
WHERE s.USN=@USN 
ORDER BY c.CC

Don't forget to add the @USN parameter to your SqlCommand object and set it's value to the textbox content!

Selecting Values from Database

1 solution

Solution 1

Add your solution here

Preview 0

Existing Members

...or Join us