There are quite a few things wrong here.
But before we start, some basics: Compiling does not mean your code is right! :laugh:
Think of the development process as writing an email: compiling successfully means that you wrote the email in the right language - English, rather than German for example - not that the email contained the message you wanted to send.
So now you enter the second stage of development (in reality it's the fourth or fifth, but you'll come to the earlier stages later): Testing and Debugging.
Start by looking at what it does do, and how that differs from what you wanted. This is important, because it give you information as to why it's doing it. For example, if a program is intended to let the user enter a number and it doubles it and prints the answer, then if the input / output was like this:
Input Expected output Actual output
1 2 1
2 4 4
3 6 9
4 8 16
Then it's fairly obvious that the problem is with the bit which doubles it - it's not adding itself to itself, or multiplying it by 2, it's multiplying it by itself and returning the square of the input.
So with that, you can look at the code and it's obvious that it's somewhere here:
Private Function Double(ByVal value As Integer) As Integer
Return value * value
End Function
Once you have an idea what might be going wrong, start using the debugger to find out why. Put a breakpoint on the first line of the method, and run your app. When it reaches the breakpoint, the debugger will stop, and hand control over to you. You can now run your code line-by-line (called "single stepping") and look at (or even change) variable contents as necessary (heck, you can even change the code and try again if you need to).
Think about what each line in the code should do before you execute it, and compare that to what it actually did when you use the "Step over" button to execute each line in turn. Did it do what you expect? If so, move on to the next line.
If not, why not? How does it differ?
Hopefully, that should help you locate which part of that code has a problem, and what the problem is.
This is a skill, and it's one which is well worth developing as it helps you in the real world as well as in development. And like all skills, it only improves by use!
Now, let's talk about specific problems with your code, and we'll start with the most important, which is one you haven't noticed yet: Never concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Always use Parameterized queries instead.
When you concatenate strings, you cause problems because SQL receives commands like:
SELECT * FROM MyTable WHERE StreetAddress = 'Baker's Wood'
The quote the user added terminates the string as far as SQL is concerned and you get problems. But it could be worse. If I come along and type this instead: "x';DROP TABLE MyTable;--" Then SQL receives a very different command:
SELECT * FROM MyTable WHERE StreetAddress = 'x';DROP TABLE MyTable;
Which SQL sees as three separate commands:
SELECT * FROM MyTable WHERE StreetAddress = 'x';
A perfectly valid SELECT
DROP TABLE MyTable;
A perfectly valid "delete the table" command
And everything else is a comment.
So it does: selects any matching rows, deletes the table from the DB, and ignores anything else.
So ALWAYS use parameterized queries! Or be prepared to restore your DB from backup frequently. You do take backups regularly, don't you? Fix this throughout your whole app as a matter of urgency: if you miss one, you will have problems in the future.
I know you can use parameters, because your code shows some ... but they are just pasted in from somewhere else, because your command doesn't use them! It passes the serial number as a parameter - or would if you hadn't commented that out - so use that instead of the concatenation, and dump the rest...
Then there is the actual DB access ... why are you executing a non-query for a SELECT? SELECT is a query, it is intended to return data - and ExecuteNonQuery specifically says "this returns no data" which means you have no way to access the data you SELECTed! Use a DataAdapter or a DataReader instead:
Using con As New SqlConnection(strConnect)
con.Open()
Using cmd As New SqlCommand("SELECT iD, description FROM myTable", con)
Using reader As SqlDataReader = cmd.ExecuteReader()
While reader.Read()
Dim iD As Integer = CInt(reader("iD"))
Dim desc As String = DirectCast(reader("description"), String)
Console.WriteLine("ID: {0}" & vbLf & " {1}", iD, desc)
End While
End Using
End Using
End Using
Submit an article or tip