store formula in sql table

**tblFormulas**like below...

```
FormulaName FormulaEquation
Gain S.P. - C.P.
Loss C.P. - S.P.
Gain% (GAIN * 100)/C.P.
Loss% (LOSS * 100)/S.P
Selling Price (S.P) ((100 + GAIN%)/100)*C.P.
```

Now...

Write down code in .net

replace values of parameters in equations...

for e.g.

```
string Equation = "((100 + GAIN%)/100)*C.P.";
Equation = Equation.Replace("GAIN%", txtGainPer.text); // suppose txtGainPer.text = 50
Equation = Equation.Replace("C.P.", txtCP.text); // suppose txtGainPer.text = 27
Equation = Equation.Replace("S.P.", txtSP.text);
Equation = Equation.Replace("GAIN", txtGain.text);
Equation = Equation.Replace("LOSS", txtLoss.text);
//result will be like below... Equation = "((100 + 50)/100)*27";
//now send this equation to sql as below to evaluate
Equation = "Select " + Equation;
//then pass string to sql for execution...
```

**NOTE**: This code is vulnerable for

*sql injection***TIP**: to avoid this you can use

**available for evaluate expressions OR can**

*third party .net classes*

*write code for evaluate expressions your self*Hope this helped you.

Happy Coding!

:)

What have you tried? What have you got to store so far? Where are you stuck?