Solved

String and Quotes in them

Posted on 2006-11-19
3
233 Views
Last Modified: 2010-04-16
I have the following SELECT Statement.

dbcommand.CommandText = "SELECT * FROM tblUsers WHERE Username=" + uname;

However, in order for it to work properly I have to put quotes around the reseult of the pased uname variable.  How do I do this in C#.

So if uname was passed as Mike, the SELECT statment would need to be SELECT * FROM tblUsers WHERE Username="Mike"
I can not get the quotes around the name.

Thanks
0
Comment
Question by:sneeri_c
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 70

Accepted Solution

by:
Éric Moreau earned 125 total points
ID: 17975350
Hi sneeri_c,

dbcommand.CommandText = "SELECT * FROM tblUsers WHERE Username= '" + uname + "'";


Cheers!
0
 
LVL 30

Expert Comment

by:anarki_jimbel
ID: 17975790
Just to add to emoreau (that's completely right):

usually single quotes are used and the way is shown above. If you need double quotes on some a reason use escape chars:

"SELECT * FROM tblUsers WHERE Username=\"" + uname + "\"";
0
 
LVL 12

Expert Comment

by:andrewjb
ID: 17977970
Of course, this is an invitation to a code injection attack. You should use a command with parameters instead.


0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: Ivo
C# And Nullable Types Since 2.0 C# has Nullable(T) Generic Structure. The idea behind is to allow value type objects to have null values just like reference types have. This concerns scenarios where not all data sources have values (like a databa…
Introduction Although it is an old technology, serial ports are still being used by many hardware manufacturers. If you develop applications in C#, Microsoft .NET framework has SerialPort class to communicate with the serial ports.  I needed to…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question