Click here to Skip to main content
15,943,245 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
hey friend. i have some project. i need get address to
lable when i enter name into code is lile this
da=new sqldataadapter("SELECT * FROM members
WHERE name=" & textbox1.text &"", dbconn)
catch ex as exception
exit sub
end try
sub bind()
end sub
unfortunatly its not work. i see one erro msg. its 'invalied colinm name.but actually column name is corect. its sure.
then i try search infomation by there age. its worked. but
i have no idea to get address when emter there names.
im using and sql server.
please help me . please
Updated 3-Feb-12 4:44am

The best way to handle this is to use parameters. See: SqlParameter[^].

So your code could be something like:
dim cmd as new SqlCommand
cmd.CommandText = "SELECT * FROM members WHERE name=@name"
cmd.Connection = dbconn
cmd.Parameters.AddWithValue("@name", textbox1.text)
da=new sqldataadapter(cmd)
Share this answer
The reason you get that error is because you do not have single quotes around the text value. Your sql that is being executed looks like

SELECT * FROM members WHERE name=Bill

and it needs to be
SELECT * FROM members WHERE name='Bill'

But an even bigger issue is that this SQL is wide open for SQL injection. You need to change the value to use a SQL Parameter and never take input from the screen and put directly into a SQL statement.
Share this answer

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900