c# - WebMethod throws "Incorrect syntax near '='" -


i getting error on line: using (sqldatareader reader =cmd.executereader())

i working on ajax cascading drop down example in asp.net , below code. unable run code due error

incorrect syntax near '='. near using (sqldatareader reader =cmd.executereader())

code

 [webmethod] public ajaxcontroltoolkit.cascadingdropdownnamevalue[] getdropdowncountry1(string knowncategoryvalues) {    // select countryid, country country status='active'    // string query = "select country, countryid country";     string query = "select [countryname], [countryid] countries";     list<ajaxcontroltoolkit.cascadingdropdownnamevalue> countries = getdata(query);     return countries.toarray(); }  private list<ajaxcontroltoolkit.cascadingdropdownnamevalue> getdata(string query) {     string constring = configurationmanager.connectionstrings["connectionstring"].connectionstring;     sqlcommand cmd = new sqlcommand(query);     list<ajaxcontroltoolkit.cascadingdropdownnamevalue> values = new list<ajaxcontroltoolkit.cascadingdropdownnamevalue>();     using (sqlconnection con = new sqlconnection(constring))     {         con.open();         cmd.connection = con;         using (sqldatareader reader = cmd.executereader())             {             while (reader.read())             {                 values.add(new ajaxcontroltoolkit.cascadingdropdownnamevalue                 {                     name = reader[0].tostring(),                     value = reader[1].tostring()                 });             }             reader.close();             con.close();             return values;         }     } } 

string state = ajaxcontroltoolkit.cascadingdropdown.parseknowncategoryvaluesstring(knowncategoryvalues)["stateid"]; string query = string.format("select [cityname], [cityid] cities stateid = {0}", state);

if state string "ca" generate sql statement "select [cityname], [cityid] cities stateid = ca", not valid. values passed strings need quoted. don't put quotes around "{0}" - correct fix use parametrized query , pass stateid parameter. like:

string sql = "select [cityname], [cityid] cities stateid = @stateid" cmd.parameters.add("stateid", stateid);

this more efficient , protects sql injection.


Comments

Post a Comment

Popular posts from this blog

c++ - Difference between pre and post decrement in recursive function argument -

i have following sample code used pre-decrement void function(int c) { if(c == 0) { return; } else { cout << "dp" << c << endl; function(--c); cout << c << endl; return; } } this function give output input 4 : dp3 dp2 dp1 dp0 0 1 2 3 but when use post decrement void function(int c) { if(c == 0) { return; } else { cout << "dp" << c << endl; function(c--); cout << c << endl; return; } } output goes in infinite loop dp4 can explain me in detail why happens ? this happens because function(c--) called same value of c , when finishes c decremented. recursively called, hence called same value no chance of return , hit stack overflow error. assume this, int x = 1, y = 0; y = x++ result y == 1 , x == 2. if y = ++x , bot x , y 2.
Read more

php - Nothing but 'run(); ' when browsing to my local project, how do I fix this? -

i added new project. made mistake in projectname.conf file in sites-available apache2, led me reinstalling apache2. after reinstalling , re-enabling projects on every page of every project .. <body> run(); </body> .. i've run composer update, restarted service, restarted pc, checked config files, tried disabling new project. there nothing in error log, , access.log: 127.0.0.1 - - [15/may/2015:01:40:47 +0200] "get / http/1.1" 304 181 "-" "mozilla/5.0 (x11; ubuntu; linux x86_64; rv:38.0) gecko/20100101 firefox/38.0" maybe i'm forgetting apache2 reinstall? don't think did different last time installed it. looks haven't setup php correctly. take @ this great guide , maybe you're forgetting link php config apache2.
Read more

php - How can I echo out this array? -

i don't know how go grabbing data in variable , put foreach loop. class tree{ private $info = array( array('name'=>'jim','state'=>'nu','company'=>'nu','phone'=>array('cell'=>'5615111111','office'=>'5611111111'),'email'=>array('primary'=>'exs@example.com','ex@there.com')), array('name'=>'joe smith','city'=>'phoenix','phone'=>'4805551111','email'=>'jsmith@some_email.com'), array('name'=>'john doe','city'=>'chandler','company'=>'doe co.','email'=>array('jdoe@gmail.com','personal'=>'email@email.com'),'phone'=>'6025550002') ); } if you're inside of class, can access private variable using $this->variablename . example, i...
Read more