• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 245
  • Last Modified:

Need syntax for where clause in sql server using C#

What is proper for the following select statement:
 myCmd.CommandText = "SELECT * FROM BCAIncident WHERE IncidentStatus=[The IncidentStatus value I need to filter on is the string Open] ;

 I've tried these options:

 myCmd.CommandText = "SELECT * FROM BCAIncident WHERE IncidentStatus=" + "Open";
as well as others that have not worked.

What is the correct select statement?
0
nhorsley
Asked:
nhorsley
  • 7
  • 6
1 Solution
 
daffodilsCommented:
Try..

// Assuming string Open;
myCmd.CommandText = "SELECT * FROM BCAIncident WHERE IncidentStatus=" + Open;
0
 
nhorsleyAuthor Commented:
I tried it and got, Compilation Error
Description: An error occurred during the compilation of a resource required to service this request. Please review the following specific error details and modify your source code appropriately.

Compiler Error Message: CS0103: The name 'Open' does not exist in the class or namespace 'ASP.updateAdmin_aspx'

Source Error:
Line 41:    
Line 42:    
Line 43:    myCmd.CommandText = "SELECT * FROM BCAIncident WHERE IncidentStatus=" + Open;
Line 44:
Line 45:    
 
0
 
daffodilsCommented:
I had inferred Open is the name of the string variable that holds value for IncidentStatus...

How and where have you declared Open ?
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
nhorsleyAuthor Commented:
Open is one of the string values contained in the field named IncidentStatus
0
 
nhorsleyAuthor Commented:
This is the entire code that contains the Select statement:

<%@ Page Language="c#" %>
<%@ import Namespace="System.Data" %>
<%@ import Namespace="System.Data.SqlClient" %>
<script runat="server">


    SqlConnection myConn = new SqlConnection ("server=(local);database=BCA;trusted_connection=true");
    SqlCommand myCmd = new SqlCommand ( );
    string id;
      protected string strUser;
   
    protected void Page_Load ( object src, EventArgs e ) {

Response.AppendHeader("Refresh", Convert.ToString((Session.Timeout * 60)) + @"; URL=default.aspx");

       
 myCmd.Connection = myConn;
        id = Request.QueryString [ "id" ] ;
        if ( !IsPostBack ) {
           if ( id == null ) {
              bindGrid ( );
              loadPanel.Visible = true;
              editPanel.Visible = false;
              postPanel.Visible = false;
           } else {
              getMessage ( Request.QueryString [ "id" ] );
              loadPanel.Visible = false;
              editPanel.Visible = true;
              postPanel.Visible = false;
           }
        } else {
           loadPanel.Visible = false;
           editPanel.Visible = false;
           postPanel.Visible = true;
        }
    }
   
    public void bindGrid ( )
      
      {
   
   
   myCmd.CommandText = "SELECT * FROM BCAIncident WHERE IncidentStatus=" + 'Open';

   
        myConn.Open ( );
        myGrid.DataSource = myCmd.ExecuteReader ( CommandBehavior.CloseConnection );
        myGrid.DataBind ( );
    }
   
    public void getMessage ( String id ) {
        SqlDataAdapter myAdapter = new SqlDataAdapter (
           "select * from BCAIncident where IncidentID=" + id, myConn );
        DataTable msgDetails = new DataTable ( );
        myAdapter.Fill ( msgDetails );
        DataRowView myRow = msgDetails.DefaultView [ 0 ] ;
   
        msgDate.Value = myRow [ "IncidentID" ].ToString ( );
        msgFrom.Value = myRow [ "IncidentAuthorID" ].ToString ( );
        msgEmail.Value = myRow [ "IncidentEmail" ].ToString ( );
        msgDesc.Value = myRow [ "IncidentDesc" ].ToString ( );
        msgShrtDesc.Value = myRow [ "IncidentShrtDesc" ].ToString ( );
        msgStatus.Value = myRow [ "IncidentStatus" ].ToString ( );
        msgAction.Value = myRow [ "IncidentAction" ].ToString ( );
        msgCompleted.Value = myRow [ "IncidentCompleted" ].ToString ( );
        msgIncName.Value = myRow [ "IncidentName" ].ToString ( );
        msgIncOwner.Value = myRow [ "IncidentOwner" ].ToString ( );
        editPanel.DataBind ( );
    }
   
    public void updateMessage ( object src, EventArgs e ) {
        if ( Page.IsValid ) {
           myCmd.CommandText = "UPDATE BCAIncident SET IncidentAuthorID=@From, IncidentEmail=@Mail, IncidentDesc=@Desc,

IncidentShrtDesc=@ShrtDesc, IncidentStatus=@Status, IncidentAction=@Action, IncidentCompleted=@Completed,

IncidentName=@IncName, IncidentOwner=@IncOwner where IncidentID=" + id;
   
           myCmd.Parameters.Add ( "@From", SqlDbType.NVarChar ).Value = msgFrom.Value;
           myCmd.Parameters.Add ( "@Mail", SqlDbType.NVarChar ).Value = msgEmail.Value;
           myCmd.Parameters.Add ( "@Desc", SqlDbType.NVarChar ).Value = msgDesc.Value;
           myCmd.Parameters.Add ( "@ShrtDesc", SqlDbType.VarChar ).Value = msgShrtDesc.Value;
           myCmd.Parameters.Add ( "@Status", SqlDbType.NVarChar ).Value = msgStatus.Value;
           myCmd.Parameters.Add ( "@Action", SqlDbType.VarChar ).Value = msgAction.Value;
           myCmd.Parameters.Add ( "@Completed", SqlDbType.VarChar ).Value = msgCompleted.Value;
           myCmd.Parameters.Add ( "@IncName", SqlDbType.NVarChar ).Value = msgIncName.Value;
           myCmd.Parameters.Add ( "@IncOwner", SqlDbType.NVarChar ).Value = msgIncOwner.Value;
           myConn.Open ( );
           myCmd.ExecuteNonQuery ( );
           myConn.Close ( );
        }
        bindPostPanel ( id );
    }
   
    public void bindPostPanel ( String id ) {
        myCmd.CommandText = "SELECT * FROM BCAIncident WHERE IncidentID='" + id + "'";
        myConn.Open ( );
        listDetails.DataSource = myCmd.ExecuteReader ( CommandBehavior.SingleRow );
        listDetails.DataBind ( );
        myConn.Dispose ( );
    }

</script>
0
 
daffodilsCommented:
Okay.. got it.. "open" is the value not the name of the string

myCmd.CommandType = CommandType.Text

// Assuming "IncidentStatus" is of type varchar(15) in the database.
// If not.. change accordingly
SqlParameter myParam = new SqlParameter("@IncidentStatus", SqlDbType.NVarChar, 15)

myParam.Value = "Open";
myCmd.CommandText = "SELECT * FROM BCAIncident WHERE IncidentStatus = @IncidentStatus";
0
 
daffodilsCommented:
Hey.. You are using SqlParamater in your Update code...
Answer is as simple as using it for the Select statements as well.. and setting the ".Value" property to "Open"
0
 
nhorsleyAuthor Commented:
I've tried to implement it but it's still throwing erros.  If you would supply the solution in the code I provided earlier exactly as it should be entered, we would be done.  Thank you.
0
 
daffodilsCommented:
what error does it throw ? can you post the error message??
0
 
nhorsleyAuthor Commented:
Compilation Error
Description: An error occurred during the compilation of a resource required to service this request. Please review the following specific error details and modify your source code appropriately.

Compiler Error Message: CS1519: Invalid token '=' in class, struct, or interface member declaration

Source Error:

Line 10:       protected string strUser;
Line 11:
Line 12:       myCmd.CommandType = CommandType.Text;
Line 13:          SqlParameter myParam = new SqlParameter("@IncidentStatus", SqlDbType.NVarChar, 50);
Line 14:       myParam.Value = "Open";

________________________________

This is the code:

<%@ Page Language="c#" %>
<%@ import Namespace="System.Data" %>
<%@ import Namespace="System.Data.SqlClient" %>
<script runat="server">


    SqlConnection myConn = new SqlConnection ("server=(local);database=BCA;trusted_connection=true");
    SqlCommand myCmd = new SqlCommand ( );
    string id;
      protected string strUser;

      myCmd.CommandType = CommandType.Text;
         SqlParameter myParam = new SqlParameter("@IncidentStatus", SqlDbType.NVarChar, 50);
      myParam.Value = "Open";
   
    protected void Page_Load ( object src, EventArgs e ) {

Response.AppendHeader("Refresh", Convert.ToString((Session.Timeout * 60)) + @"; URL=default.aspx");

       
 myCmd.Connection = myConn;
        id = Request.QueryString [ "id" ] ;
        if ( !IsPostBack ) {
           if ( id == null ) {
              bindGrid ( );
              loadPanel.Visible = true;
              editPanel.Visible = false;
              postPanel.Visible = false;
           } else {
              getMessage ( Request.QueryString [ "id" ] );
              loadPanel.Visible = false;
              editPanel.Visible = true;
              postPanel.Visible = false;
           }
        } else {
           loadPanel.Visible = false;
           editPanel.Visible = false;
           postPanel.Visible = true;
        }
    }
   
    public void bindGrid ( )
      
      {
         myCmd.CommandType = CommandType.Text;
         SqlParameter myParam = new SqlParameter("@IncidentStatus", SqlDbType.NVarChar, 50);
      myParam.Value = "Open";
      myCmd.CommandText = "SELECT * FROM BCAIncident WHERE IncidentStatus = @IncidentStatus";

   
        myConn.Open ( );
        myGrid.DataSource = myCmd.ExecuteReader ( CommandBehavior.CloseConnection );
        myGrid.DataBind ( );
    }
   
    public void getMessage ( String id ) {
        SqlDataAdapter myAdapter = new SqlDataAdapter (
           "select * from BCAIncident where IncidentID=" + id, myConn );
        DataTable msgDetails = new DataTable ( );
        myAdapter.Fill ( msgDetails );
        DataRowView myRow = msgDetails.DefaultView [ 0 ] ;
   
        msgDate.Value = myRow [ "IncidentID" ].ToString ( );
        msgFrom.Value = myRow [ "IncidentAuthorID" ].ToString ( );
        msgEmail.Value = myRow [ "IncidentEmail" ].ToString ( );
        msgDesc.Value = myRow [ "IncidentDesc" ].ToString ( );
        msgShrtDesc.Value = myRow [ "IncidentShrtDesc" ].ToString ( );
        msgStatus.Value = myRow [ "IncidentStatus" ].ToString ( );
        msgAction.Value = myRow [ "IncidentAction" ].ToString ( );
        msgCompleted.Value = myRow [ "IncidentCompleted" ].ToString ( );
        msgIncName.Value = myRow [ "IncidentName" ].ToString ( );
        msgIncOwner.Value = myRow [ "IncidentOwner" ].ToString ( );
        editPanel.DataBind ( );
    }
   
    public void updateMessage ( object src, EventArgs e ) {
        if ( Page.IsValid ) {
           myCmd.CommandText = "UPDATE BCAIncident SET IncidentAuthorID=@From, IncidentEmail=@Mail, IncidentDesc=@Desc,

IncidentShrtDesc=@ShrtDesc, IncidentStatus=@Status, IncidentAction=@Action, IncidentCompleted=@Completed,

IncidentName=@IncName, IncidentOwner=@IncOwner where IncidentID=" + id;
   
           myCmd.Parameters.Add ( "@From", SqlDbType.NVarChar ).Value = msgFrom.Value;
           myCmd.Parameters.Add ( "@Mail", SqlDbType.NVarChar ).Value = msgEmail.Value;
           myCmd.Parameters.Add ( "@Desc", SqlDbType.NVarChar ).Value = msgDesc.Value;
           myCmd.Parameters.Add ( "@ShrtDesc", SqlDbType.VarChar ).Value = msgShrtDesc.Value;
           myCmd.Parameters.Add ( "@Status", SqlDbType.NVarChar ).Value = msgStatus.Value;
           myCmd.Parameters.Add ( "@Action", SqlDbType.VarChar ).Value = msgAction.Value;
           myCmd.Parameters.Add ( "@Completed", SqlDbType.VarChar ).Value = msgCompleted.Value;
           myCmd.Parameters.Add ( "@IncName", SqlDbType.NVarChar ).Value = msgIncName.Value;
           myCmd.Parameters.Add ( "@IncOwner", SqlDbType.NVarChar ).Value = msgIncOwner.Value;
           myConn.Open ( );
           myCmd.ExecuteNonQuery ( );
           myConn.Close ( );
        }
        bindPostPanel ( id );
    }
   
    public void bindPostPanel ( String id ) {
        myCmd.CommandText = "SELECT * FROM BCAIncident WHERE IncidentID='" + id + "'";
        myConn.Open ( );
        listDetails.DataSource = myCmd.ExecuteReader ( CommandBehavior.SingleRow );
        listDetails.DataBind ( );
        myConn.Dispose ( );
    }

</script>
 

Source File: C:\Inetpub\wwwroot\memberarea\updateAdmin.aspx    Line: 12

0
 
daffodilsCommented:
okay.. lets then remove the Line 12.. and I made a mistake - I hadn't added the parameter to the Command object

public void bindGrid ( )
{
     SqlParameter myParam = new SqlParameter("@IncidentStatus", SqlDbType.NVarChar, 50);
     myParam.Value = "Open";
     myCmd.Parameters.Add(myParam);
     myCmd.CommandText = "SELECT * FROM BCAIncident WHERE IncidentStatus = @IncidentStatus";
 
      myConn.Open ( );
      myGrid.DataSource = myCmd.ExecuteReader ( CommandBehavior.CloseConnection );
      myGrid.DataBind ( );
}
0
 
nhorsleyAuthor Commented:
That did it!

As usual, you did it.  Thanks again.
0
 
daffodilsCommented:
Good.. am sorry I should have corrected that the first time around.. anyway.

Thanks.. best of luck.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 7
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now