Reputation: 45
In my website made by ASP.NET, we can update the email address, password, place and about myself of a user given the old password is correct. Now what I do is log in, then use this code to update:
    protected void update_profile(object sender, EventArgs e)
    {
        string constr = ConfigurationManager.ConnectionStrings["Khulna_website"].ConnectionString;
        using (SqlConnection connection = new SqlConnection(constr))
        {
            string user_email = (string)(Session["User"]);
            string pass = encrypt_pass(old_password.Text);
            if (pass != (string)(Session["Password"]))
            {
                pass_err_message.Text = "Wrong password";
                pass = (string)Session["Password"];
            }
            else
            {
                pass = encrypt_pass(new_password.Text);
            }
            string insertQuery = "update dbo.users set user_password=@new_password, user_place = @new_place, user_about=@new_about where user_email =" +user_email;
            SqlCommand com = new SqlCommand(insertQuery, connection);
            connection.Open();
            com.Parameters.AddWithValue("@new_password", pass);
            com.Parameters.AddWithValue("@new_about", new_about.Text);
            com.Parameters.AddWithValue("@new_place", new_place.Text);
            try
            {
                com.ExecuteNonQuery();
                upload_err_message.Text = "Successfully uploaded";
                connection.Close();
            }
            catch (Exception ex)
            {
                profile_settings_err_message.Text = "Update error: " + ex.Message;
            }
        }
    }
But when I try to update it is saying: Update error: The multi-part identifier "[email protected]" could not be bound. And my session is gone! I thought maybe it was due to foreign key, so I removed all the foreign keys of the database, but it is still happening. What's wrong here?
EDIT: I have added back the foreign keys, since I need them for ON DELETE CASCADE. I just deleted them to see if it works.
Upvotes: 0
Views: 30
Reputation: 91
I am just taking a guess, but I believe your issue will be found right here:
    "... user_email =" +user_email;
Try doing something like
    "... user_email = @email";
    com.Parameters.AddWithValue("@email", user_email);
That's the better way... however if you want to get lackadaisical you should be able to just surround the email in single quotes.
    "... user_email = '" + user_email + "'";
I hope this helps!
Upvotes: 1
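The parameterized form recommended in the answer, written out as an added example (not code from either post): with the address concatenated unquoted, SQL Server parses it as a dotted column name, which is where the "multi-part identifier" error comes from, and wrapping it in quotes by hand still breaks on an apostrophe and leaves the statement open to SQL injection. The helper names `BuildUpdate` and `Apply`, the column sizes and the sample values are assumptions.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

static class ProfileUpdateExample
{
    // Hypothetical helper: every value, including the e-mail in the WHERE
    // clause, is bound as a parameter and never spliced into the SQL text.
    public static SqlCommand BuildUpdate(SqlConnection connection, string email,
        string passwordHash, string place, string about)
    {
        const string sql =
            "update dbo.users set user_password = @new_password, " +
            "user_place = @new_place, user_about = @new_about " +
            "where user_email = @email";

        var com = new SqlCommand(sql, connection);
        // Explicit types; the sizes are assumed and should match the real columns.
        com.Parameters.Add("@new_password", SqlDbType.NVarChar, 256).Value = passwordHash;
        com.Parameters.Add("@new_place", SqlDbType.NVarChar, 100).Value = place;
        com.Parameters.Add("@new_about", SqlDbType.NVarChar, 1000).Value = about;
        com.Parameters.Add("@email", SqlDbType.NVarChar, 256).Value = email;
        return com;
    }

    // Runs the update; exactly one row should change for a logged-in user.
    public static bool Apply(string connectionString, string email,
        string passwordHash, string place, string about)
    {
        using (var connection = new SqlConnection(connectionString))
        using (var com = BuildUpdate(connection, email, passwordHash, place, about))
        {
            connection.Open();
            return com.ExecuteNonQuery() == 1;
        }
    }

    static void Main()
    {
        // Constructed sample values, no database needed. The apostrophe would
        // break the quote-concatenated query; as a parameter it is plain data.
        using (var com = BuildUpdate(null, "o'brien@example.test", "HASH_PLACEHOLDER", "Khulna", "hello"))
        {
            Console.WriteLine(com.CommandText);
            foreach (SqlParameter p in com.Parameters)
                Console.WriteLine("{0} ({1}, {2}) = {3}", p.ParameterName, p.SqlDbType, p.Size, p.Value);
        }
    }
}
```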