Click here to Skip to main content
15,846,727 members
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
VB
Dim conns As New SqlConnection("Data Source=DESKTOP-IJRIL1\SQLEXPRESS;Initial Catalog=Sample_AES;Integrated Security=True")
Dim SubAD As new SqlDataAdapter("Select SubID, Subject From Subjects Where SubID = " & cbSubID.SelectedValue & "", conns)
Dim subtable As New DataTable

SubAD.Fill(subtable)

txtSubject.Text = subtable(0)(1)


What I have tried:

Where SubID = " & cbSubID.SelectedItem.ToString & "", conns)


there is still an error. any suggestions
Posted
Updated 25-Apr-19 9:16am
Comments
Mehdi Gholam 25-Apr-19 14:09pm    
Try +
Richard Deeming 25-Apr-19 14:25pm    
Dim SubAD As new SqlDataAdapter("Select SubID, Subject From Subjects Where SubID = @SubID", conns)
SubAD.SelectCommand.Parameters.AddWithValue("@SubID", cbSubID.SelectedValue)
Member 14331592 25-Apr-19 14:35pm    
tried it but there's an error message about "No mapping exists from object type System.Data.DataRowView to a known managed provider native type."
Richard Deeming 25-Apr-19 14:38pm    
Then you'll need to extract the relevant field from the selected item:
Dim SubAD As new SqlDataAdapter("Select SubID, Subject From Subjects Where SubID = @SubID", conns)
Dim row As DataRowView = DirectCast(cbSubID.SelectedValue, DataRowView)
SubAD.SelectCommand.Parameters.AddWithValue("@SubID", row("YOUR_FIELD_NAME_HERE"))

1 solution

First you don't need the ending & "" garbage. I see that all the time with newb's and it's completely useless.

On your problem line, you start a string literal with a " and then you try to add a variable value to it without first closing the literal.

Next, DO NOT USE string concatenation to build an SQL query. ALWAYS use parameterized queries. See DataAdapter Parameters | Microsoft Docs[^] for how to do it.

Then go see Google: sql injection attack[^] for why.
 
Share this answer
 
v2

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900