Problem writing parametrized query

W

weird0

Hi!

On the recommendation of one of the MVP's on this group....... I tried
writing parametrized queries. But the ****ing thing does not work and
it does not update the data in the table.
I gotta do my work by concatenation right now. But what is wrong with
the code anyway?

Can anyone figure out.

public static bool Change_CC_Pincode(string userName, string
Pincode)
{
string query = "UPDATE CreditCard SET cc_pincode=@PINCODE
WHERE username=@USERNAME";
SqlConnection cn = new SqlConnection(connectionString);


// Create a new SQL Command object with our query
// Note the syntax for our parameter field, "first"
SqlCommand sqlCommand = new SqlCommand(query, cn);

sqlCommand.Parameters.Add("@PINCODE", SqlDbType.Int).Value
= Pincode;
sqlCommand.Parameters.Add("@USERNAME",
SqlDbType.VarChar).Value =userName.ToCharArray();
cn.Open();
int result = sqlCommand.ExecuteNonQuery();

// Close Reader and Connection.
cn.Close();
if (result > 0)
return true;
else
return false;

}

Regards
Generous for your help
 
S

sonicwrx

Hi!

On the recommendation of one of the MVP's on this group....... I tried
writing parametrized queries. But the ****ing thing does not work and
it does not update the data in the table.
I gotta do my work by concatenation right now. But what is wrong with
the code anyway?

Can anyone figure out.

public static bool Change_CC_Pincode(string userName, string
Pincode)
{
string query = "UPDATE CreditCard SET cc_pincode=@PINCODE
WHERE username=@USERNAME";
SqlConnection cn = new SqlConnection(connectionString);

// Create a new SQL Command object with our query
// Note the syntax for our parameter field, "first"
SqlCommand sqlCommand = new SqlCommand(query, cn);

sqlCommand.Parameters.Add("@PINCODE", SqlDbType.Int).Value
= Pincode;
sqlCommand.Parameters.Add("@USERNAME",
SqlDbType.VarChar).Value =userName.ToCharArray();
cn.Open();
int result = sqlCommand.ExecuteNonQuery();

// Close Reader and Connection.
cn.Close();
if (result > 0)
return true;
else
return false;

}

Regards
Generous for your help
Click to expand...

In the code I have written I have not used the @ sign in the variable
names when adding the parameters and it has worked. For example, drop
the @ in the line

sqlCommand.Parameters.Add("@PINCODE", SqlDbType.Int).Value = Pincode;

to

sqlCommand.Parameters.Add("PINCODE", SqlDbType.Int).Value = Pincode;

Perhaps it will work or atleast get you to your next error!
 
P

Patrick H

public static bool Change_CC_Pincode(string userName, string
Pincode)
{
SqlConnection conn = null;
int result = -1;
try
{
conn = new SqlConnection(connectionString);
SqlCommand command = conn.CreateCommand();
command.CommandText = "UPDATE CreditCard SET
cc_pincode=@PINCODE WHERE
username=@USERNAME";

command.Parameters.AddWithValue("@PINCODE", Pincode);
command.Parameters.AddWithValue("@USERNAME" userName);
conn.Open();

result = command.ExecuteNonQuery();

}
catch( Exception ex )
{
//woopsie
}
finally
{
if( conn != null ) conn.Close();
return result > 0;
}
}
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Error: Failed to convert parameter value from a String to a Byte[]. (Need Help Urgently) 0
SqlDataReader.GetBytes Results in an System.InvalidCastException E 9
trouble parsing Excel file to byte array 1
Retrieving SQL SP Output Parameters 2
Problem with running a SP that has input & a output parameter 1
Poulating a DropDownList with a database query 2
DataAdapter,SQL Sp's and update 2
DataGrid Problem 1

Top