RKP

Reputation: 53

How to store values of select query in variables in the webservice?

I am new to web service development. I have made a web service in ASP.NET using C# and MySQL.

I want to store the values of a select query in variables, which I then want to insert into a table.

I have used the following code:

//for inserting new game details in the tbl_Game by FB
    [WebMethod]
    public string InsertNewGameDetailsForFB(string gametype, string player1, string player2, string player3, string player4, string player5)
    {
        string success = "Error in Insertion";

        string selectID = "Select UserID from tbl_userinfo where Facebook_ID IN ('" + player1 + "','" + player2 + "','" + player3 + "')";
        con = new MySqlConnection(conString);
        con.Open();
        MySqlCommand cmd = new MySqlCommand(selectID, con);
        MySqlDataReader ids = cmd.ExecuteReader();
        string id1="", id2="", id3="";
        while (ids.Read())
        {
           id1 = ids.GetString(0);
           id2 = ids.GetString(1);
           id3 = ids.GetString(2);

        }

        string insertNewGame = "Insert into tbl_game(Type,Player1,Player2,Player3,Player4,Player5) values";
        insertNewGame += "( '" + gametype + "' , '" + id1 + "', '" + id2 + "','" + id3 + "', '" + player3 + "','" + player4 + "', '" + player5 + "' )";
        con = new MySqlConnection(conString);
        con.Open();
        MySqlCommand cmd1 = new MySqlCommand(insertNewGame, con);
        int success1 = cmd1.ExecuteNonQuery();
        con.Close();

        string gameID = "Select MAX(GameID) from tbl_game";
        con = new MySqlConnection(conString);
        con.Open();
        MySqlCommand cmd2 = new MySqlCommand(gameID, con);
        string gameid = cmd2.ExecuteScalar().ToString();

        if (success1 > 0)
        {
           success="Inserted Successfully, GameID is - " + gameid;
        }
        return success;
    }

How can I do this?

Thanks.

Upvotes: 3

Views: 3523

Answers (1)

Josh

Reputation: 2975

Your first issue is how you're attempting to read in UserID from your first query. This query will not return three columns but three rows. So you need to do something like this:

int index = 0;
while (ids.Read())
{
    switch (index)
    {
        case 0:
            id1 = ids.GetString(0);
            break;
        case 1:
            id2 = ids.GetString(0);
            break;
        case 2:
            id3 = ids.GetString(0);
            break;
    }
    index += 1;
}

That should store them properly. My second suggestion is since this is a web service, you should avoid SQL Injection attacks and use parameterized queries rather than dynamic SQL. There are plenty of examples on the web you can use.

My final suggestion is to use the using statement religiously for objects which implement IDisposable (i.e. the connection object, the command, the reader, etc...). This ensures proper cleanup of objects.

Upvotes: 2
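
The answer's three suggestions combined into one method, as an added example (not code from the question or the answer): rows are read one at a time, every value is bound as a parameter, and each IDisposable sits in a using block. The `GameStore` class name, passing `conString` as an argument, and storing `player4`/`player5` in the Player4/Player5 columns are assumptions. Each row is keyed by its Facebook_ID because a query without ORDER BY guarantees no row order.

```csharp
using System.Collections.Generic;
using MySql.Data.MySqlClient;

public static class GameStore   // hypothetical wrapper class
{
    // Assumptions: conString is supplied by the caller; Player4/Player5 take player4/player5.
    public static string InsertNewGameDetailsForFB(string conString, string gametype,
        string player1, string player2, string player3, string player4, string player5)
    {
        using (var con = new MySqlConnection(conString))
        {
            con.Open();
            // Facebook_ID -> UserID, so each ID is matched to its player, not to a row position.
            var ids = new Dictionary<string, string>();
            const string selectIds =
                "SELECT Facebook_ID, UserID FROM tbl_userinfo WHERE Facebook_ID IN (@p1, @p2, @p3)";
            using (var cmd = new MySqlCommand(selectIds, con))
            {
                cmd.Parameters.AddWithValue("@p1", player1);
                cmd.Parameters.AddWithValue("@p2", player2);
                cmd.Parameters.AddWithValue("@p3", player3);
                using (MySqlDataReader reader = cmd.ExecuteReader())
                    while (reader.Read())   // one row per matching user, one column pair per row
                        ids[reader.GetValue(0).ToString()] = reader.GetValue(1).ToString();
            }
            if (!ids.ContainsKey(player1) || !ids.ContainsKey(player2) || !ids.ContainsKey(player3))
                return "Error in Insertion";   // at least one Facebook_ID has no user row

            const string insertGame =
                "INSERT INTO tbl_game (Type, Player1, Player2, Player3, Player4, Player5) " +
                "VALUES (@type, @id1, @id2, @id3, @p4, @p5)";
            using (var cmd = new MySqlCommand(insertGame, con))
            {
                cmd.Parameters.AddWithValue("@type", gametype);
                cmd.Parameters.AddWithValue("@id1", ids[player1]);
                cmd.Parameters.AddWithValue("@id2", ids[player2]);
                cmd.Parameters.AddWithValue("@id3", ids[player3]);
                cmd.Parameters.AddWithValue("@p4", player4);
                cmd.Parameters.AddWithValue("@p5", player5);
                if (cmd.ExecuteNonQuery() <= 0)
                    return "Error in Insertion";
            }
            // Same lookup as in the question, reusing the open connection.
            using (var cmd = new MySqlCommand("SELECT MAX(GameID) FROM tbl_game", con))
                return "Inserted Successfully, GameID is - " + cmd.ExecuteScalar();
        }
    }
}
```

Because the values travel as parameters, a quote character inside `gametype` or a player ID is stored as data and cannot change the statement text.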
