W
weird0
Hi!
On the recommendation of one of the MVP's on this group....... I tried
writing parametrized queries. But the ****ing thing does not work and
it does not update the data in the table.
I gotta do my work by concatenation right now. But what is wrong with
the code anyway?
Can anyone figure out.
public static bool Change_CC_Pincode(string userName, string
Pincode)
{
string query = "UPDATE CreditCard SET cc_pincode=@PINCODE
WHERE username=@USERNAME";
SqlConnection cn = new SqlConnection(connectionString);
// Create a new SQL Command object with our query
// Note the syntax for our parameter field, "first"
SqlCommand sqlCommand = new SqlCommand(query, cn);
sqlCommand.Parameters.Add("@PINCODE", SqlDbType.Int).Value
= Pincode;
sqlCommand.Parameters.Add("@USERNAME",
SqlDbType.VarChar).Value =userName.ToCharArray();
cn.Open();
int result = sqlCommand.ExecuteNonQuery();
// Close Reader and Connection.
cn.Close();
if (result > 0)
return true;
else
return false;
}
Regards
Generous for your help
On the recommendation of one of the MVP's on this group....... I tried
writing parametrized queries. But the ****ing thing does not work and
it does not update the data in the table.
I gotta do my work by concatenation right now. But what is wrong with
the code anyway?
Can anyone figure out.
public static bool Change_CC_Pincode(string userName, string
Pincode)
{
string query = "UPDATE CreditCard SET cc_pincode=@PINCODE
WHERE username=@USERNAME";
SqlConnection cn = new SqlConnection(connectionString);
// Create a new SQL Command object with our query
// Note the syntax for our parameter field, "first"
SqlCommand sqlCommand = new SqlCommand(query, cn);
sqlCommand.Parameters.Add("@PINCODE", SqlDbType.Int).Value
= Pincode;
sqlCommand.Parameters.Add("@USERNAME",
SqlDbType.VarChar).Value =userName.ToCharArray();
cn.Open();
int result = sqlCommand.ExecuteNonQuery();
// Close Reader and Connection.
cn.Close();
if (result > 0)
return true;
else
return false;
}
Regards
Generous for your help