Click here to Skip to main content
15,743,876 members
Search within:


Comments by Łukasz Szeszycki (Top 4 by date)

Łukasz Szeszycki 6-Dec-20 10:42am View    
Thank you, bu could you help me how use Parameterized queries? I am beginner programist and i don't have idea
Łukasz Szeszycki 4-Dec-20 16:31pm View    
Deleted
protected void dodaj_Click(object sender, EventArgs e)
{

string ConnectionString = "Data Source= (LocalDB)\\MSSQLLocalDB;AttachDbFilename=|DataDirectory|dane.mdf;";
string sql;
int row;
int ros;
using (SqlConnection con = new SqlConnection(ConnectionString))
{
// sql query
if (sezon.SelectedValue == "2020/21")
{

sql = "select count(*) from zapasy_2020-21 where login='" + Context.User.Identity.Name + "' and odmiana='" + odmiany.SelectedValue + "'";
SqlCommand cmd = new SqlCommand(sql, con);

con.Open();
ros = (int)cmd.ExecuteScalar();

con.Close();

if (ros > 0)
{
sql = "select ilosc from zapasy_2020-21 where login='" + Context.User.Identity.Name + "' and odmiana='" + odmiany.SelectedValue + "'";
SqlCommand cmq = new SqlCommand(sql, con);
con.Open();
int ilo = (int)cmq.ExecuteScalar();
con.Close();

sql = "insert into zapasy_2020-21 values (@ilosc) where login='" + Context.User.Identity.Name + "' and odmiana='" + odmiany.SelectedValue + "'";
con.Open();
SqlCommand cma = new SqlCommand(sql, con);
string y = TextBox1.Text;
int z;
z = int.Parse(y);

SqlParameter paramName = new SqlParameter();
paramName.ParameterName = "@ilosc";
paramName.Value = ilo + z;

cma.Parameters.AddWithValue("ilosc", paramName);


int i = cma.ExecuteNonQuery();
con.Close(); // connection close

}
else
{




sql = "insert into zapasy_2020-21 values (@login,@odmiana,@ilosc)";
con.Open();
SqlCommand cmk = new SqlCommand(sql, con);
string y = TextBox1.Text;
int z;
z = int.Parse(y);
cmk.Parameters.AddWithValue("login", Context.User.Identity.Name);
cmk.Parameters.AddWithValue("odmiana", odmiany.SelectedValue);
cmk.Parameters.AddWithValue("ilosc", z);

int i = cmk.ExecuteNonQuery();
con.Close(); // connection close


}
}


else
{
sql = "select count(*) from zapasy_2021-22 where login='" + Context.User.Identity.Name + "' and odmiana='" + odmiany.SelectedValue + "'";
SqlCommand cmw = new SqlCommand(sql, con);

con.Open();
row = (int)cmw.ExecuteScalar();
// cast into integer and executescalar() get single value from database.
con.Close(); // connection close

if (row > 0)
{
sql = "select ilosc from zapasy_2021-22 where login='" + Context.User.Identity.Name + "' and odmiana='" + odmiany.SelectedValue + "'";
con.Open();
SqlCommand cmp = new SqlCommand(sql, con);
int ilo = (int)cmp.ExecuteScalar();
con.Close();

sql = "insert into zapasy_2020-21 values (@ilosc) where login='" + Context.User.Identity.Name + "' and odmiana='" + odmiany.SelectedValue + "'";
con.Open();
Łukasz Szeszycki 4-Dec-20 16:29pm View    
Yes, i know, but when i write SqlCommand with using , visual shows me a problem with cmd that "an unassigned variable was used". I could send you all my code :)
Łukasz Szeszycki 4-Dec-20 16:10pm View    
when I use this code, shows me an error "an unassigned variable was used" (cmd)

Advertise
Privacy
Cookies
Terms of Use
Last Updated 1 Jan 1900
Layout: fixed | fluid
Copyright © CodeProject, 1999-2023
All Rights Reserved.

Web02 2.8:2023-09-05:1