Click here to Skip to main content
15,918,333 members
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Xml.Linq;
using System.Data.SqlClient;

namespace store_2
{
    public partial class regc : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {

            if (IsPostBack)
            {
                SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["registrationconnectionString"].ConnectionString);
                con.Open();
                string checkuser = "select count(*)from the customertable where the User_name='" + TextBoxusername.Text + "'";
                SqlCommand com = new SqlCommand(checkuser, con);
                int temp = Convert.ToInt32(com.ExecuteScalar().ToString());
                if (temp == 1)
                {
                    Response.Write("User alredy exixts");
                }
                con.Close();
            }
        }

        protected void Button1_Click(object sender, EventArgs e)
        {
            try
            {
                SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["registrationconnectionString"].ConnectionString);
                con.Open();
                string insertQuery = "insert into customertable(User_name,Name,Gender,Adress,City,State,Pin_code,mobile_no,Email_id,Password,product_id,Product_Quntity) values (@User_name,@Name,@Gender,@Adress,@City,@State,@Pin_code,@mobile_no,@Email_id,@Password,@product_id,@Product_Quntity)";
                SqlCommand com = new SqlCommand(insertQuery, con);
                com.Parameters.AddWithValue("@User_name", TextBoxusername.Text);
                com.Parameters.AddWithValue("@Name", TextBoxname.Text);
                com.Parameters.AddWithValue("@Gender", TextBoxname.Text);
                com.Parameters.AddWithValue("@Adress", TextBoxadress.Text);
                com.Parameters.AddWithValue("@City", DropDownListcity.SelectedItem.ToString());
                com.Parameters.AddWithValue("@State", DropDownListstate.SelectedItem.ToString());
                com.Parameters.AddWithValue("@Pin_code", TextBoxpincode.Text);
                com.Parameters.AddWithValue("@mobile_no", TextBoxmobno.Text);
                com.Parameters.AddWithValue("@Email_id", TextBoxemail.Text);
                com.Parameters.AddWithValue("@Password", TextBoxpassword.Text);

                com.ExecuteNonQuery();
                Response.Redirect("admin.aspx");
                Response.Write("Registration Is Successful");
                con.Close();
            }
            catch (Exception ex)
            {
                Response.Write("Error:" + ex.ToString());
            }
        }
    }
}
Posted
Comments
Karen Mitchelle 23-May-14 2:44am    
Uh, okay? What's your question again?
Member 10838588 23-May-14 9:17am    
how can i re move the error---An expression of non-boolean type specified in a context where a condition is expected, near 'User_name'.
[no name] 23-May-14 2:46am    
select count(*)from the customertable where the User_name?
from the?
where the?
Member 10838588 23-May-14 9:16am    
string checkuser = "select count(*)from the customertable where the User_name='" + TextBoxusername.Text + "'";
[no name] 23-May-14 9:29am    
string checkuser = "select count(*)from customertable where User_name='" + TextBoxusername.Text + "'";

...without "the" I think works better.

There is no need to be that friendly with an SQL interpreter *lol*

1 solution

Remove the "the" in your sql statement

where the User_name= should be where User_name=

However, you need to change to a paramterized call anyway so that you are not left vulnerable to sql injections.

C#
...
where the User_name= @username";
...
com.Parameters.AddWithValue("@username", txtUserName.Text);
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900