I have a table with "SEMESTER, SUBJECT, OFFER, RESULT" where "SEMESTER" & "SUBJECT" are the PRIMARY KEY. When I use the query
"DELETE FROM Course_Information WHERE Semester = 1 AND Subject = 'CSE-414' ;"
it works perfectly in the Access database, but I always get an exception when I try to use it in my C# code.
Moreover, it works if I use "DELETE FROM Course_Information WHERE Semester = 1 ;"
I want to use both "SUBJECT" & "SEMESTER" in the WHERE condition (because there could be different subjects in the same semester).
See my code:
connection_string = aConnection.return_connectionString(connection_string);
string sql_query = "DELETE FROM Course_Information WHERE Semester = " + this.textBox1.Text + " AND Subject = " + this.textBox2.Text + " ;";
OleDbConnection connect = new OleDbConnection(connection_string);
OleDbCommand command = new OleDbCommand(sql_query, connect);
try
{
    connect.Open();
    OleDbDataReader reader = command.ExecuteReader();
    MessageBox.Show("Delete Successful!");
    connect.Close();
    UpdateDatabase();
}
catch (Exception ex)
{
    MessageBox.Show(ex.Message);
}
Include the quotes around the value you get from this.textBox2.Text as in your working sample query.
" AND Subject = '" + this.textBox2.Text + "';";
Imagine this.textBox2.Text contains the text foo. Without adding those quotes in the WHERE clause the db engine would see ... WHERE Semester = 1 AND Subject = foo
But it can't find anything in the data source named foo, so assumes it must be a parameter. You need the quotes to signal the db engine it's a string literal value, 'foo'.
Actually if you switch to a parameter query, you can avoid this type of problem because you won't need to bother with those quotes in the DELETE statement. And a parameter query will also safeguard you against SQL injection. If a malicious user can enter ' OR 'a' = 'a in this.textBox2.Text, all rows in the table would be deleted.
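The parameter query recommended in the answer above, as an added example that is not code from the original question or answer. The table and column names come from the question; the class and method names, the 255-character Subject size and the command-line arguments are assumptions.

```csharp
using System;
using System.Data.OleDb;

static class CourseRepository
{
    // Deletes one (Semester, Subject) row and returns the number of rows removed.
    // Hypothetical helper: only Course_Information, Semester and Subject are from the page.
    public static int DeleteCourse(string connectionString, string semesterText, string subjectText)
    {
        // Semester is numeric in the question's query, so reject anything else up front.
        if (!int.TryParse(semesterText, out int semester))
            throw new ArgumentException("Semester must be a whole number.", nameof(semesterText));
        if (string.IsNullOrWhiteSpace(subjectText))
            throw new ArgumentException("Subject is required.", nameof(subjectText));

        // OleDb binds parameters by position: each ? takes the next value added below,
        // and the names passed to Parameters.Add are only labels.
        const string sql = "DELETE FROM Course_Information WHERE Semester = ? AND Subject = ?";

        using (var connection = new OleDbConnection(connectionString))
        using (var command = new OleDbCommand(sql, connection))
        {
            command.Parameters.Add("@Semester", OleDbType.Integer).Value = semester;
            // 255 is an assumed column size (the Access Short Text maximum).
            command.Parameters.Add("@Subject", OleDbType.VarWChar, 255).Value = subjectText.Trim();

            connection.Open();
            // ExecuteNonQuery is the call for DELETE; it reports the rows affected.
            return command.ExecuteNonQuery();
        }
    }

    static int Main(string[] args)
    {
        // Usage: <program> "<connection string>" <semester> <subject>
        if (args.Length != 3)
        {
            Console.Error.WriteLine("Expected: <connection string> <semester> <subject>");
            return 1;
        }
        int deleted = DeleteCourse(args[0], args[1], args[2]);
        Console.WriteLine(deleted == 0 ? "No matching row." : "Deleted " + deleted + " row(s).");
        return 0;
    }
}
```

Because the Subject value is bound rather than concatenated, the input ' OR 'a' = 'a from the answer is compared as a literal subject name and matches only a row whose Subject is exactly that text.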