I know this title seems to be repeated a lot but I tried to search and didn't find the answer.
Code:
using System;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e) {}
protected void gv_master_SelectedIndexChanged(object sender, EventArgs e)
{
// Get the currently selected row using the SelectedRow property.
GridViewRow row = gv_master.SelectedRow;
// Display the first name from the selected row.
// In this example, the third column (index 2) contains
// the first name.
lbl_reqNoV.Text = row.Cells[1].Text;
lbl_reqNoV.Visible = true;
lbl_reqNo.Visible = true;
SqlConnection sqlConnection1 = new SqlConnection("Data Source=saitest01;Initial Catalog=SAI_website;Persist Security Info=True;User ID=sa;Password=sai@987");
SqlCommand cmd = new SqlCommand();
cmd.CommandText = "Select * from purchase Where ReqNo = '" + lbl_reqNoV.Text + "', sqlConnection1";
cmd.CommandType = CommandType.Text;
cmd.Connection = sqlConnection1;
sqlConnection1.Open();
SqlDataReader DR1;
DR1 = cmd.ExecuteReader();
DR1.Read();
// Data is accessible through the DataDR1 object here
gv_full.DataSource = DR1;
gv_full.DataBind();
}
}
the problem is you where adding the name of Connection
in the query text which is ofcource not recognized by sqlserver
the correct format was
var cmd = new SqlCommand("Select * from purchase Where ReqNo = @reqno",sqlConnection1)
or you can do this
cmd.CommandText = "Select * from purchase Where ReqNo = @reqno";
cmd.Parameters.AddWithValue("reqno",lbl_reqNoV.Text);
cmd.CommandType = CommandType.Text;
cmd.Connection = sqlConnection1;
you should always use parameters in query to avoid Sql Injection
just change following
cmd.CommandText = "Select * from purchase Where ReqNo = '" + lbl_reqNoV.Text + "', sqlConnection1";
with,
cmd.CommandText = "Select * from purchase Where ReqNo = '" + lbl_reqNoV.Text + "' ";
Above will make your code working. But you should modify you code to handle SQL Injection. As answered by @Usman
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.