CODEWITHSUNDEEP
c#visual-studiomysql-connector
Abby
Abby

Reputation: 3

UPDATE statement not updating SQL database

I have a SQL database which is storing the data from the uploaded excel file. I have put a clause where if the data is already there for a particular date and ID, then it the code should update the database, otherwise it should insert. Everything is working fine, it is just that the update statement is not actually updating the values in the database.

if (userCount > 1)
{

    Label4.Text = "Record Already Exists in the database. Overwriting the previous existing files.";
    //UPDATE STATEMENT
    string entrytime = DateTime.Now.ToString("MM/dd/yyyy hh:mm tt");
    string ip = Request.UserHostAddress;
    SqlCommand upd = new SqlCommand("UPDATE DoctorActivity SET(Computer_Id=@Computer_Id, Duty_Date=@Duty_Date, Duty_Type=@Duty_Type, OPD=@OPD, Minor_OT=@Minor_OT, Major_OT=@Major_OT, Normal_Delivery=@Normal_Delivery, Cesarean_Delivery=@Cesarean_Delivery, DateOfEntry=@DateOfEntry, IP=@IP, User_Id=@User_Id)", con);
    upd.CommandType = CommandType.Text;
    upd.Parameters.AddWithValue("@Computer_Id", GridView1.Rows[i].Cells[0].Text);
    upd.Parameters.AddWithValue("@Duty_Date", GridView1.Rows[i].Cells[1].Text);
    upd.Parameters.AddWithValue("@Duty_Type", GridView1.Rows[i].Cells[2].Text);
    upd.Parameters.AddWithValue("@OPD", GridView1.Rows[i].Cells[3].Text);
    upd.Parameters.AddWithValue("@Minor_OT", GridView1.Rows[i].Cells[4].Text);
    upd.Parameters.AddWithValue("@Major_OT", GridView1.Rows[i].Cells[5].Text);
    upd.Parameters.AddWithValue("@Normal_Delivery", GridView1.Rows[i].Cells[6].Text);
    upd.Parameters.AddWithValue("@Cesarean_Delivery", GridView1.Rows[i].Cells[7].Text);



    upd.Parameters.AddWithValue("@IP", ip);
    upd.Parameters.AddWithValue("@DateOfEntry", entrytime);
    upd.Parameters.AddWithValue("@User_Id", GetUsername());
}
else{
    //INSERT STATEMENT
    string statment = string.Format("INSERT INTO DoctorActivity(Computer_Id, Duty_Date, Duty_Type, OPD, Minor_OT, Major_OT, Normal_Delivery, Cesarean_Delivery,DateOfEntry, IP, User_Id) VALUES ('" + GridView1.Rows[i].Cells[0].Text + "', '" + GridView1.Rows[i].Cells[1].Text + "', '" + GridView1.Rows[i].Cells[2].Text + "', '" + GridView1.Rows[i].Cells[3].Text + "', '" + GridView1.Rows[i].Cells[4].Text + "', '" + GridView1.Rows[i].Cells[5].Text + "', '" + GridView1.Rows[i].Cells[6].Text + "', '" + GridView1.Rows[i].Cells[7].Text + "',@DateOfEntry, @IP, @User_Id)");


    string entrytime = DateTime.Now.ToString("MM/dd/yyyy hh:mm tt");
    string ip = Request.UserHostAddress;

    SqlCommand cmd = new SqlCommand(statment, con);


    cmd.CommandType = CommandType.Text;

    cmd.Parameters.AddWithValue("@IP", ip);
    cmd.Parameters.AddWithValue("@DateOfEntry", entrytime);
    cmd.Parameters.AddWithValue("@User_Id", GetUsername());
    cmd.ExecuteNonQuery();

    con.Close();
    cmd.Dispose();

    Label1.Text = "File Uploaded Succesfully";
}

Upvotes: 0

Views: 645

Answers (2)

Igor
Igor

Reputation: 62213

You are missing

upd.ExecuteNonQuery();

in the update part of the if block.

side note

You should use using blocks when dealing with types that implement IDisposable like SqlCommand. Also Microsoft recommends creating and destroying SqlConnection types on an as needed basis, essentially destroying them as soon as you are done using them. Sql Server will handle connection pooling (enabled by default) so this is not an expensive operation. Changing your code to the following ensures that your connection and command objects are always closed and cleaned up even in the event of an exception or in cases where you forgot to do so (see end of 1st if statement in your original code).

using(var con = new SqlConnection("connectionStringHere"))
{
    if (userCount > 1)
    {

        Label4.Text = "Record Already Exists in the database. Overwriting the previous existing files.";
        //UPDATE STATEMENT
        string entrytime = DateTime.Now.ToString("MM/dd/yyyy hh:mm tt");
        string ip = Request.UserHostAddress;

        // Your update statement has no WHERE clause, this will currently update all table record!
        using(SqlCommand upd = new SqlCommand("UPDATE DoctorActivity SET(Computer_Id=@Computer_Id, Duty_Date=@Duty_Date, Duty_Type=@Duty_Type, OPD=@OPD, Minor_OT=@Minor_OT, Major_OT=@Major_OT, Normal_Delivery=@Normal_Delivery, Cesarean_Delivery=@Cesarean_Delivery, DateOfEntry=@DateOfEntry, IP=@IP, User_Id=@User_Id)", con))
        {
            upd.CommandType = CommandType.Text;
            upd.Parameters.AddWithValue("@Computer_Id", GridView1.Rows[i].Cells[0].Text);
            upd.Parameters.AddWithValue("@Duty_Date", GridView1.Rows[i].Cells[1].Text);
            upd.Parameters.AddWithValue("@Duty_Type", GridView1.Rows[i].Cells[2].Text);
            upd.Parameters.AddWithValue("@OPD", GridView1.Rows[i].Cells[3].Text);
            upd.Parameters.AddWithValue("@Minor_OT", GridView1.Rows[i].Cells[4].Text);
            upd.Parameters.AddWithValue("@Major_OT", GridView1.Rows[i].Cells[5].Text);
            upd.Parameters.AddWithValue("@Normal_Delivery", GridView1.Rows[i].Cells[6].Text);
            upd.Parameters.AddWithValue("@Cesarean_Delivery", GridView1.Rows[i].Cells[7].Text);



            upd.Parameters.AddWithValue("@IP", ip);
            upd.Parameters.AddWithValue("@DateOfEntry", entrytime);
            upd.Parameters.AddWithValue("@User_Id", GetUsername());

            upd.ExecuteNonQuery(); // added
        }
    }
    else{
        //INSERT STATEMENT

        // ******************
        //This should be changed to use all parameterized query. Never use string concatenation for your parameter values.
        // ******************
        string statment = string.Format("INSERT INTO DoctorActivity(Computer_Id, Duty_Date, Duty_Type, OPD, Minor_OT, Major_OT, Normal_Delivery, Cesarean_Delivery,DateOfEntry, IP, User_Id) VALUES ('" + GridView1.Rows[i].Cells[0].Text + "', '" + GridView1.Rows[i].Cells[1].Text + "', '" + GridView1.Rows[i].Cells[2].Text + "', '" + GridView1.Rows[i].Cells[3].Text + "', '" + GridView1.Rows[i].Cells[4].Text + "', '" + GridView1.Rows[i].Cells[5].Text + "', '" + GridView1.Rows[i].Cells[6].Text + "', '" + GridView1.Rows[i].Cells[7].Text + "',@DateOfEntry, @IP, @User_Id)");


        string entrytime = DateTime.Now.ToString("MM/dd/yyyy hh:mm tt");
        string ip = Request.UserHostAddress;

        using(SqlCommand cmd = new SqlCommand(statment, con))
        {
            cmd.CommandType = CommandType.Text;

            cmd.Parameters.AddWithValue("@IP", ip);
            cmd.Parameters.AddWithValue("@DateOfEntry", entrytime);
            cmd.Parameters.AddWithValue("@User_Id", GetUsername());
            cmd.ExecuteNonQuery();
        }

        Label1.Text = "File Uploaded Succesfully";
    }
}

Upvotes: 6

advance512
advance512

Reputation: 1358

Aren't you missing a WHERE User_ID = @User_ID AND Computer_ID = @Computer_ID clause in your UPDATE statement?

Also, where is the actual execution of the statement? i.e. upd.ExecuteNonQuery();

Upvotes: 1

Related Questions