|
|
|
Civic06 wrote: I have an object and want to call a method which will automatically go through all its properties and display its values.
Use reflection. Call GetType() to get the object's type (I presume that is also an unknown). From there you can GetProperties(). For each of the PropertyInfo objects you can now invoke the getter method. This will return the value of the property. It is then up to your application how to render that to the user.
|
|
|
|
|
I'm having an error message sounding like :
Prepared statement '(@id text)SELECT * from isp_email.staff where @id like +txtname.' expects parameter @id, which was not supplied.
This message appear when I press button to select a row at run time. What could be the problem?
SqlCommand myCommand = new SqlCommand();
myCommand.Connection=con;
myCommand.CommandText="SELECT * from isp_email.staff where @id like +txtname.Text";
SqlParameter myparam = new SqlParameter("@id",SqlDbType.Text);
myparam.Value=ID;
myCommand.Parameters.Add(myparam);
SqlDataAdapter myAdapter=new SqlDataAdapter(myCommand);
DataSet ds = new DataSet();
myAdapter.Fill(ds);
con.Open();
myCommand.ExecuteNonQuery();
dgupdate.DataSource=ds;
dgupdate.DataBind();
con.Close();
Thank you.
|
|
|
|
|
That error does not match what I see. However there is an error here:
nclauder wrote: myCommand.CommandText="SELECT * from isp_email.staff where @id like +txtname.Text";
The parameter @id is used in place of column name.
Also, txtname.Text will not be understood by SQL Server as it has no knowledge of your form. If you want to use the value from your textbox control then you really need to validate the value and/or sanitise its value and put send it as a parameter. Attempting to inject it will just open your application up to security holes.
|
|
|
|
|
You have code inside your SQL statement
"SELECT * from isp_email.staff where @id like" + txtname.Text;
fixes that...but not quite what you want
I would assume that '@id' is your parameter and you don't have a column in your table named '@id'. You need to look up the usage of parameterized queries. ...You don't place the parameter as substitution for the column name. Parameters are meant to hold values, not field names
|
|
|
|
|
Alaric_ wrote: "SELECT * from isp_email.staff where @id like" + txtname.Text;
Oh Yeah! Another person advising people to put great big security holes in their application. 
Please read about SQL Injection Attacks and how to prevent them.[^]
Alaric_ wrote: You need to look up the usage of parameterized queries.
You know about parameterised queries, but you don't advocate it for putting in the value from the TextBox.  If you know how to do parameterised queries, why inject the value from the TextBox? 
|
|
|
|
|
fixes that...but not quite what you want
...I guess you missed that line. I was advising on syntax. ....Baby steps.
-- modified at 16:50 Wednesday 10th January, 2007
Should be read: Just because I didn't provide information extraneous to the request doesn't mean that I don't know about it.:-> If he would have asked something along the lines of, 'Is this safe?' then I would have given him suggestions on scrubbing his data. ...Another thing, how do you know that his data wasn't scrubbed before the query was specified? I do character validation at the input level to disable invalid input and for any of the text fields that I know are going to be sent through to a query, I send through my SQL formatter. The document you suggested is good for raising discussion but by no means is it perfect. He'll learn about securing his database in his 300 level dba classes. To make the whole thing completely copacetic, I should have suggested something more along the lines of
"SELECT * from isp_email.staff where @id like" + db.ToSQL(txtname.Text);
...happy? (*Note* Remember that it's still not right because he misused the parameter)
|
|
|
|
|
How do I check what kind of file system is installed on a specific drive and is there a way to check if the drive is a CD, an Network share or an USB Drive.
My starting point is like:
---------------------------------
bool driveExist = false;<br />
string[] drives = System.IO.Directory.GetLogicalDrives();
---------------------------------
/Thomas
-- modified at 10:29 Wednesday 10th January, 2007
|
|
|
|
|
|
Hi,
I'm used to c++, and now, with c#, there's one thing that is annoying me:
I want to write text files to disk sequentially, so I dediced to use a StreamWriter. Well, first I create my StreamWriter
StreamWriter filewriter = new StreamWriter(DateTime.Now.ToString("yyyyMMddHHmmss"));
After using it, I close it
filewriter.Close();
and then, how can I open a new file with the same stream writer? Do I have to instance a new streamwriter again? I'm missing c++ filewriter.Open(DateTime.Now.ToString("yyyyMMddHHmmss"));
Thanks in advance.
|
|
|
|
|
The stream writer works as a wrapper around a specific stream. When you close the stream writer it's disposed and not usable any more. To write another stream you create a new stream writer for that stream.
---
Year happy = new Year(2007);
|
|
|
|
|
Ok, thank you for the information. So, now the question is: Is there a file stream oriented object more specialized in reusability?
|
|
|
|
|
jarellan wrote: Is there a file stream oriented object more specialized in reusability?
It has been several years since I last used C++, but I don't think you reused the file resources in C++ either. The when you re-opened a stream you would most likely get a different file handle internally anyway. It was just the class's public interface that made it appear otherwise.
Also, when you Dispose an object in C# (or close a stream) it tells the garbage collector to suppress the finaliser (the .NET equivalent of a destructor). The Finaliser is a safety mechanism in case the managed .NET object goes out of scope while holding onto unmanaged resources, like a file handle. Because the Dispose method and Close method cleans up the unmanaged resources the object can be flagged as not needing to run the finalizer any more. This speeds up garbage collection.
It is possible for an object to call ReRegisterForFinalizer if it needs to, but the documentation does list this very important caveat "Calling the ReRegisterForFinalize method does not guarantee that the garbage collector will call an object's finalizer." [my emphasis]. Without the gurarantee the application could leak memory all over the place if the developer of the client code forgot to call Dispose or Close, or was not disciplined into ensuring that it was called.
I hope this helps.
|
|
|
|
|
I thought c++ fstream open-close doesn't reallocate memory resources...
Anyway, everything I found on the Internet was about StreamWriter, so I think it's the best option...
Thankyou very much.
|
|
|
|
|
jarellan wrote: Is there a file stream oriented object more specialized in reusability?
No, there isn't.
Don't worry about creating a few objects, the memory management in .NET is built to handle that efficiently. Short lived objects are easily handled by the garbage collector, it's actually the objects that you hold on to a bit longer that gets more expensive.
As memory allocation is more expensive in C++, the classes are built for reusability. In .NET it's generally more efficient to just create a new object, so the classes are more often built to be used just once.
---
Year happy = new Year(2007);
|
|
|
|
|
I have to change my mind... Always thinking about memory saving...
Thankyou ;o)
|
|
|
|
|
Hi, I am wondering how can i write only 80 characters to a File.txt file from a string variable line which has more than 100 characters. But rest of the characters should start on a new line in the same file from 81-100. How can i do.
String line=;
FileStream fs = new FileStream("C:\\File.txt", FileMode.Create);
StreamWriter sw = new StreamWriter(fs);
sw.WriteLine(line);
Thanks
|
|
|
|
|
I'll give you a hint: String.ToCharArray
You should be able to complete your homework now.
only two letters away from being an asset
|
|
|
|
|
String line= yourestring.Insert(80,System.Environment.NewLine);
|
|
|
|
|
Use the Substring method to get different parts of a string:
sw.WriteLine(line.Substring(0, 80));<br />
sw.Write(line.Substring(80));
-- modified at 19:16 Wednesday 10th January, 2007
Corrected line,Substring to line.Substring
---
Year happy = new Year(2007);
|
|
|
|
|
substring can give string of 0-80 characters but if i want to to get more strings from 91-100 then it wouldn't work because the second parameter for substring ask how many character you want so i can't even have string.substring(80,string.length).
|
|
|
|
|
umm....Chief, even with the logic that you provided, you could get the 'number of characters that you wanted' by providing
string.substring(80, (string.length-80));
|
|
|
|
|
Look at the code that I gave you. What do you think that the second line does?
If it's not obvious to you, look up the documentation for the Substring method, especially the overload that takes a single parameter.
---
Year happy = new Year(2007);
|
|
|
|
|
...are you saying that to me?
if(you_are)
{
ummm....dude: wasn't replying to you. I was replying to op's post of :
substring can give string of 0-80 characters but if i want to to get more strings from 91-100 then it wouldn't work because the second parameter for substring ask how many character you want so i can't even have string.substring(80,string.length).
..and if you look carefully at the context of my message, you will notice this.
}
else
{
make sure that you reply in the correct context. The way you replied implies that it is tagged to my response.
}
(Nyquist Rate || ! Nyquist Rate)
|
|
|
|
General 
News 
Suggestion 
Question 
Bug 
Answer 
Joke 
Praise 
Rant 
Admin 
Submit an article or tip
