C# Sql Server update with multiple where clauses and multiple id fields

Question

I am getting Unclosed quotation mark after the character string ''. and I have tried everything any help would be greatly appreciated.

        SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["sipConnectionString"].ConnectionString);
protected void Button1_Click(object sender, EventArgs e)
{
    conn.Open();
    string query = "select dealercode, dropdate, couponno from coupon where dealercode = '" + DEALERCODETextBox.Text + "' and dropdate = '" + DROPDATETextBox.Text + "' and COUPONNO = '" + COUPONCOUNTTextBox.Text +"','";
    SqlCommand cm = new SqlCommand(query, conn);
    cm.Parameters.AddWithValue("@couponcount", COUPONCOUNTTextBox.Text);
    cm.Parameters.AddWithValue("@totalrev", GRANDTOTALTextBox.Text);
    cm.ExecuteNonQuery();
    conn.Close();

Answer 1

You use paramters to add the values, but you don't use the parameters in the query:

    string query = "select dealercode, dropdate, couponno from coupon where dealercode = @dealercode and dropdate =@dropdate and COUPONNO = @couponcount;";
SqlCommand cm = new SqlCommand(query, conn);
cm.Parameters.AddWithValue("@couponcount", COUPONCOUNTTextBox.Text);
cm.Parameters.AddWithValue("@dealercode ", DEALERCODETextBox.Text);
cm.Parameters.AddWithValue("@dropdate ", DROPDATETextBox.Text);

Answer 2

In the last of your query string

and COUPONNO = '" + COUPONCOUNTTextBox.Text +"','";

replace +"','"; with "'";

Note: Your query string also lack of Parameters

Answer 3

Replace with this line:

string query = "select dealercode, dropdate, couponno 
   from coupon where dealercode = '" + DEALERCODETextBox.Text + "' 
   and dropdate = '" + DROPDATETextBox.Text + "' 
   and COUPONNO = '" + COUPONCOUNTTextBox.Text +"'";
SqlCommand cm = new SqlCommand(query, conn);