Click here to Skip to main content
15,312,009 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
I need to send the Data to Email as well as SMS and now what i want is to circulate the values to every class
i have set the properties like this
namespace AVM_Technologies.MailClient
{
public class MailClient
{

public string Course
{
get ;
set;
}
public string Name
{
get ;
set ;

}
public string Email
{
get; set;
}
public string Phone
{
get; set;
}
public string CompleteMail
{
get;set;
}
public string Subject
{ get; set; }
}
}
and when i tried to assign them value in e.g in default page like this
MailClient.MailClient MailClient = new MailClient.MailClient();
MailClient.course = DropDownList1.SelectedItem.Text;
MailClient.name = reservation_Name.Text;
MailClient.Email = reservation_Email.Text;
MailClient.Phone = reservation_phone.Text;
// also what i need to do is insert data in db from different class so now im doing it like this I have sepreate class for insertion like below
public class UserDataInsertion
{
MailClient MailClient = new MailClient();
public void MailDataSqlInsertion()
{
// Insertion of MailData to DataBase
string Connectionstring = ConfigurationManager.ConnectionStrings["DataConnect"].ConnectionString;
int Eval;
try
{
using (SqlConnection con = new SqlConnection(Connectionstring))
{
con.Open();
String CmdText = "insert into dbo.MailTable_Data(Name,Course,Email,Phone,CompleteMail) Values('" + MailClient.Name + "','" + MailClient.Course + "','" + MailClient.Email + "','" + MailClient.phone + "','" + MailClient.CompleteMail + "'";
SqlCommand SqlCmd = new SqlCommand(CmdText, con);
SqlCmd.ExecuteNonQuery();
con.Close();
}
}
catch
{



}
}
}
am accessing the MailCientData in MailDataSqlInsertion() method but properties are empty or null please breif me about this ... thanks in advance ..

What I have tried:

I have made object to access the properties that im sending in insert command to store data but its null can you provide KT about it??
Posted
Updated 15-Jan-18 22:54pm
v3

1 solution

The problem is that you don't use an existing instance of a MailClient in your MailDataSqlInsertion method, but a new, empty one:
C#
MailClient MailClient = new MailClient();
public void MailDataSqlInsertion()
    {
    ...
    String CmdText = "insert into dbo.MailTable_Data(Name,Course,Email,Phone,CompleteMail) Values('" + MailClient.Name + "','" + MailClient.Course + "','" + MailClient.Email + "','" + MailClient.phone + "','" +
You new to not create ne winstance here, but use the one that is passed to you.
There are two ways to do this:
1) Make the MailClient instance a parameter to the MailDataSqlInsertion method, so you have to pass the data each time you use it.
2) Make the UserDataInsertion class constructor require a MailClient parameter and save it for when it's needed later.

The first option is the most flexible, as you can reuse the UserDataInsertion instance for several messages in succession.

But whatever you do, don't do database work like that! Never concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.

When you concatenate strings, you cause problems because SQL receives commands like:
SQL
SELECT * FROM MyTable WHERE StreetAddress = 'Baker's Wood'
The quote the user added terminates the string as far as SQL is concerned and you get problems. But it could be worse. If I come along and type this instead: "x';DROP TABLE MyTable;--" Then SQL receives a very different command:
SQL
SELECT * FROM MyTable WHERE StreetAddress = 'x';DROP TABLE MyTable;--'
Which SQL sees as three separate commands:
SQL
SELECT * FROM MyTable WHERE StreetAddress = 'x';
A perfectly valid SELECT
SQL
DROP TABLE MyTable;
A perfectly valid "delete the table" command
SQL
--'
And everything else is a comment.
So it does: selects any matching rows, deletes the table from the DB, and ignores anything else.

So ALWAYS use parameterized queries! Or be prepared to restore your DB from backup frequently. You do take backups regularly, don't you?
   
Comments
CyberSaint 19-Jan-18 1:52am
   
Nice One I used Parameterized Approach thanks alot and thanks for query enlightenment i will take care of all of it.... thanks bro and yup i have different server for backup which we regularly used every week thanks
OriginalGriff 19-Jan-18 1:56am
   
You're welcome!

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900