i'm working on my school project. I've generated a dataset of SQL Server Compact edition database using visual studio's 'Data Set Configuration Wizard'
.
I've a table named 'User'. I want to fill 'User' table of 'dataset' with only those records which meet specific criteria. but when i call 'adapter.Fill(ds.User)' it fills table with all the data from database's table.
i tried to set 'SELECT' command of adapter as
userAdapter.Adapter.SelectCommand.CommandText = string.Format("SELECT * FROM User WHERE UserName = {0}", userName);
but this is also not working. can anyone tell me how to specify 'WHERE' clause in 'SELECT' command of 'adapter'?
here is the image http://s3.postimg.org/4pqb9cwyr/error.png
here is the code also
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
namespace Student_s_Expense_Manager
{
public partial class Login : Form
{
public Login()
{
InitializeComponent();
}
private void btnLogin_Click(object sender, EventArgs e)
{
// Create 'User' Table Adapter
ExpenseDataSetTableAdapters.UserTableAdapter userAdapter = new ExpenseDataSetTableAdapters.UserTableAdapter();
// Create a Dataset of ExpenseDataSet
ExpenseDataSet expenseDataset = new ExpenseDataSet();
string userName = textBoxUserName.Text;
userAdapter.Adapter.SelectCommand.CommandText = string.Format("SELECT * FROM [User] WHERE UserName = '{0}'", userName);
userAdapter.Fill(expenseDataset.User);
}
}
}
A typed data adapter does indeed only init its SelectCommand
when the Fill
method is called. So unfortunately it will be hard for you to set the query you want with that in your way. I would advise that you quit using wizards and master the ado.net mechanics but that's beyond the scope of your question. Still, this link should be of interest.
That aside, your actual formatting of the query is wrong. If UserName
is varchar
your comparison will expect apostrophes ( '
) surrounding your user name value. You must also make sure that your value will double any apostrophes it may itself contain so that Sql Server will interpret them as a char rather than a delimiter.
userAdapter.Adapter.SelectCommand.CommandText =
string.Format("SELECT * FROM User WHERE UserName = '{0}'", userName.Replace("'", "''"));
Or better yet, use a parameter to protect your code from SQL injection attack :
userAdapter.Adapter.SelectCommand.CommandText =
"SELECT * FROM User WHERE UserName = @UserName";
userAdapter.Adapter.SelectCommand.Parameters.AddWithValue("@UserName", userName);
Try
userAdapter.Adapter.SelectCommand.CommandText = string.Format("SELECT * FROM User WHERE UserName = '{0}'", userName);
You actually forgot to add colons ' '
around username
You have to enclose strings in quotes in a SQL statement:
userAdapter.Adapter.SelectCommand.CommandText =
string.Format("SELECT * FROM User WHERE UserName = '{0}'", userName);
However, you should NOT do this in a real application. For a school project you're OK but you should get in the habit of using parameters instead:
userAdapter.Adapter.SelectCommand.CommandText =
string.Format("SELECT * FROM User WHERE UserName = @UserName");
userAdapter.Adapter.SelectCommand.Parameters.AddWithValue("@UserName",userName);
Do some research on SQL injection to understand why.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.