Click here to Skip to main content
14,937,005 members
Please Sign up or sign in to vote.
5.00/5 (1 vote)
See more:
i have two different table i want to update these two tables with one button.....
my button is working only one table updated another table is not updating Can u plz Any One...

What I have tried:

C#
private void button2_Click(object sender, EventArgs e)
      {
         cmd = new OleDbCommand("update InvoiceItems set Quantity = '" + txtQty.Text + "',UOM = '" + txtUOM.Text + "',UnitPrice ='" + txtUnitPrice.Text + "',GrossAmount ='" + txtGrossAmount.Text + "',VAT = '" + txtVAT.Text + "',VatAmount ='" + txtVatAmount.Text + "',Total ='" + txtTotal.Text + "' where InvoiceItemId = " + txtInvoiceNo.Text + "", conn);
          conn.Open();
         cmd.ExecuteNonQuery();
             cmd = new OleDbCommand("update Products set ProductName = '" + txtProductName.Text + "' where ProductId =" + txtpid.Text + "",conn);

        cmd.ExecuteNonQuery();

         MessageBox.Show("Sucess");
          conn.Close();
         // DisplayData();

          conn.Open();
          DataTable dt = new DataTable();
          // adapter = new OleDbDataAdapter("select * from InvoiceItems where InvoiceNumber =" + txtInvoiceNo.Text + "", conn);
          string query = "SELECT InvoiceNumber,ProductName,Quantity,UOM,UnitPrice,GrossAmount,VAT,VatAmount,Total FROM  InvoiceItems INNER JOIN Products ON InvoiceItems.ProductId = Products.ProductId where InvoiceItems.InvoiceNumber= " + txtInvoiceNo.Text + "";

          adapter = new OleDbDataAdapter(query, conn);
          adapter.Fill(dt);
          dataGridView1.DataSource = dt;

          conn.Close();

          ClearData();

      }
Posted
Updated 24-Oct-16 21:19pm
v3

1 solution

May be because your query has syntax errors-
C#
cmd = new OleDbCommand(""update InvoiceItems set Quantity = '" + txtQty.Text +"';,UOM = '" + txtUOM.Text + "',UnitPrice ='" + txtUnitPrice.Text + "',GrossAmount ='" + txtGrossAmount.Text + "',VAT = '" + txtVAT.Text + "',VatAmount ='" + txtVatAmount.Text + "',Total ='" + txtTotal.Text + "' where InvoiceItemId = " + txtInvoiceNo.Text + "", conn);

-- ""update.. should be "update..
-- Quantity = '" + txtQty.Text +"';,, no semicolon required here and if it's a numeric datatype column single quote also not required, so should be Quantity = " + txtQty.Text +",
-- Single quotes not required for other columns too like UnitPrice, GrossAmount, VatAmount , Total etc.
Very very important:
Your code is vulnerable to SQLInjection[^]
Please follow below links to learn how to prevent SQL Injection-
How To: Protect From SQL Injection in ASP.NET[^]
SQL Injection Attack, its examples and Prevention mechanisms and Techniques in ASP.Net[^]

Hope, it helps :)
   

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900