Getting error as Invalid column name C#.NET
Question
I am new to C#.net. I am developing a small application where the data in one drop down list gets populated based on the value selected in another drop down list. Upon viewing the output, I am getting the error Invalid column name 'CategoryBasedList' . Can you please point out where I went wrong. I am attaching the code below. Thanks in advance.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Configuration;
using System.Data;
public partial class UserLogin : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
populate();
}
}
protected void ddlCategoryBasedList_SelectedIndexChanged(object sender, EventArgs e)
{
}
protected void ddlListOfBooks_SelectedIndexChanged(object sender, EventArgs e)
{
string constr = ConfigurationManager.ConnectionStrings["CONN_STR"].ToString();
SqlConnection con = new SqlConnection(constr);
con.Open();
SqlCommand com = new SqlCommand("Select distinct(CategoryBasedList) from Category where CategoryList = '" + (ddlListOfBooks.SelectedValue).ToString() + "'", con);
SqlDataAdapter da = new SqlDataAdapter(com);
DataSet ds = new DataSet();
da.Fill(ds);
ddlCategoryBasedList.DataTextField = ds.Tables[0].Columns["CategoryBasedList"].ToString();
ddlCategoryBasedList.DataSource = ds.Tables[0];
ddlCategoryBasedList.DataBind();
}
protected void SqlDataSource1_Selecting(object sender, SqlDataSourceSelectingEventArgs e)
{
}
public void populate()
{
string constr = ConfigurationManager.ConnectionStrings["CONN_STR"].ToString();
SqlConnection con = new SqlConnection(constr);
con.Open();
SqlCommand com = new SqlCommand(" Select distinct(CategoryList) from Category", con);
SqlDataAdapter da = new SqlDataAdapter(com);
DataSet ds = new DataSet();
da.Fill(ds);
ddlListOfBooks.DataTextField = ds.Tables[0].Columns["CategoryList"].ToString();
ddlListOfBooks.DataSource = ds.Tables[0];
ddlListOfBooks.DataBind();
}
}
The database structure of the above mentioned table - CATEGORY is as follows.
CREATE TABLE [dbo].[Category](
[[CategoryBasedList]]] [varchar](100) NOT NULL,
[CategoryList] [varchar](100) NOT NULL,
[Authors] [varchar](100) NULL
) ON [PRIMARY]
GO
SET ANSI_PADDING OFF
GO
2 answers
solution1
3 2018-02-23 10:59:58
Your slq tries to acces a column that is not there:
new SqlCommand(@"
Select distinct(CategoryBasedList) from Category
where CategoryList = '" + (ddlListOfBooks.SelectedValue).ToString() + "'", con);
check the columnname in the table Category : according to your DDL your DB-Column is named [CategoryBasedList] .
After fixing that, google Sql Injection and/or read Why do we always prefer using parameters in SQL statements? Use SqlParameters to supply parameters to your sql-statements.
Additionally you should start using using(var con = new SqlConnection(constr)) { ..... } to correctly dispose of your IDIsposable-Implementing DB-Objects in case they throw exceptions.
For pointers you can look here: in a "using" block is a SqlConnection closed on return or exception?
solution2
2 ACCPTED 2018-02-23 10:58:40
You need to sort out brackets around CategoryBasedList . As you show it now, field name is actually [CategoryBasedList]] , not as you might expect CategoryBasedList . Just rename that column name to remove extra brackets and you should be good to go.
Also, as already mentioned, you need to be aware about SQL Injections . Instead of constructing query by string concatination you need to use SQL Parameters
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.