Reputation: 1165
Retrieve Data from SQL Server based on TextBox value in C#
I have a database with 4 columns HouseNo, Date, Time and IndoorTemp. In my C# Windows application I have 4 textboxes, one each for the above columns.
The user enters the HouseNo, Date and Time values in the Text Box. The inputs here should be a part of my SQL Where Clause with the output as the Indoor Temperature. This should then be displayed in the last text box.
I have used this connection:
// Create a String to hold the database connection string.
string sdwConnectionString = @"Data Source=IE1ADTBD5ZL1S\;Initial Catalog=ThermostatData2;Integrated Security=True";
// Create a connection
SqlConnection sdwDBConnection = new SqlConnection(sdwConnectionString);
I tried a code to do this but it failed. My code is,
cmd.IndoorTemp = "select * from ThermData where HouseNo = '" + HouseNovalue.Text + "' and Date = '" + Datevalue.Text + "' and Time = '" + Timevalue.Text + "' ";
How do i achieve the desired result.
I am new to C# and do not know much. All the above code was also with the help of a few blogs.
Do please help me out on this one. Also suggest a good book where i could learn to program C# with SQL Server. Thanks a lot in advance.
Upvotes: 1
Views: 7133
Answers (2)
Reputation: 67928
Try this:
using (SqlConnection c = new SqlConnection("your connection string"))
{
c.Open();
using (SqlCommand cmd = new SqlCommand("SELECT IndoorTemp FROM ThermData WHERE HouseNo = @HouseNo AND Date = @Date AND Time = @Time")
{
cmd.Parameters.AddWithValue("@HouseNo", HouseNovalue.Text);
cmd.Parameters.AddWithValue("@Date", Datevalue.Text);
cmd.Parameters.AddWithValue("@Time", Timevalue.Text);
var indoorTemp = cmd.ExecuteScalar();
Indoortemp.Text = indoorTemp;
}
}
In this example you're building a new SqlConnection, but you're leveraging the using statement to ensure it's properly disposed. You are doing the same thing for the SqlCommand. Then, you are leveraging parameterized statements to ensure you're safe from SQL Injection.
And don't shy away from this approach even if it's just a personal project that nobody else uses because you practice how you play. If you don't use parameterized SQL when you practice you certainly won't when you play.
Finally, you're leveraging ExecuteScalar which returns the first column from the first row of the result set -and that's what you want.
Upvotes: 2
Reputation: 17600
First of all use parametrized query:
var cmd = new SqlCommand("select * from ThermData where HouseNo = @houseno and Date = @date and Time = @time", sdwDBConnection);
cmd.Parameters.AddWithValue("@houseno", HouseNovalue.Text);
cmd.Parameters.AddWithValue("@date", Datevalue.Text);
cmd.Parameters.AddWithValue("@time", Timevalue.Text);
to get results you can do:
sdwDBConnection.Open();
var reader = cmd.ExecuteReader();
if (reader.Read()) //if there is at least one result
{
//data from reader
IndoorTemp.Text = reader["IndoorTemp"]; //access value returned for column IndoorTemp
}
Upvotes: 0
Related Questions
- VB.Net retrieve data from sql database according to user input textbox
- How to read data from database on textbox while auto select from another textbox in c#
- Get data from sql query into textbox
- Getting value from a database using textbox
- want to compare the text entered in textbox with the sql column, and to pull the other values from that row, if the values matches using asp.net c#
- Pass String into SQL Query from Textbox
- Retrieve data from sql server compact 4.0 to textbox
- Return value of sql query to textbox in C#
- Get SQL data And show it in a text box?
- retrieving textbox data to sql from asp.net